A Poisoning Attack Against Cryptocurrency Mining Pools

  • Mohiuddin Ahmed
  • Jinpeng WeiEmail author
  • Yongge Wang
  • Ehab Al-Shaer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11025)


This paper discusses a potentially serious attack against public crypto-currency mining pools. By deliberately introducing errors under benign miners’ names, this attack can fool the mining pool administrator into punishing any innocent miner; when the top miners are punished, this attack can significantly slow down the overall production of the mining pool. We show that an attacker needs only a small fraction (e.g., one millionth) of the resources of a victim mining pool, which makes this attack scheme very affordable by a less powerful competing mining pool. We experimentally confirm the effectiveness of this attack scheme against a few well-known mining pools such as Minergate and Slush Pool.


Crypto currency Mining pool Invalid share DoS attack Stratum protocol 



This work is partially supported by the US National Security Agency (NSA) under grant number H98230-17-1-0354, and the US DoD Army Research Office (ARO) under grant number W911NF-17-1-0437. The views and conclusions contained in this paper are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the United States National Security Agency or Army Research Office. We also thank the anonymous reviewers for their insightful comments.


  1. 1.
  2. 2.
    bitcoinwiki Stratum-protocol (2018). Accessed 28 May 2018
  3. 3. (2018). Accessed 28 May 2018
  4. 4.
  5. 5.
    minergate (2018). Accessed 28 May 2018
  6. 6.
    Slushpool Stratum-protocol (2018). Accessed 28 May 2018
  7. 7.
    slushpool top contributor (2018). Accessed 28 May 2018
  8. 8.
    ASIC and FPGA miner in C for bitcoin (2018). Accessed 16 June 2018
  9. 9.
    BFGMiner a modular ASIC/FPGA Bitcoin miner (2018). Accessed 16 June 2018
  10. 10.
    Cryptocurrency GUI miner 8.1 & Mining Pool (2018). (2018). Accessed 16 June 2018
  11. 11.
    Buterin, V., Griffith, V.: Casper the friendly finality gadget. In: arXiv preprint arXiv:1710.09437 (2017)
  12. 12.
    Courtois, N.T., Bahack, L.: On subversive miner strategies and block withholding attack in bitcoin digital currency. CoRR abs/1402.1718 (2014).
  13. 13.
    Eyal, I.: The miner’s dilemma. In: 2015 IEEE Symposium on Security and Privacy, pp. 89–103, May 2015.
  14. 14.
    Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable. In: Proceedings of the Eighteenth International Conference on Financial Cryptography and Data Security (FC 2014) (2014)Google Scholar
  15. 15.
    Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: Proceedings of the 24th USENIX Conference on Security Symposium, SEC 2015, pp. 129–144. USENIX Association, Berkeley (2015).
  16. 16.
    Huang, D.Y., Dharmdasani, H., Meiklejohn, S., Dave, V., Grier, C., Mccoy, D., Savage, S., Weaver, N., Snoeren, A.C., Levchenko, K.: Botcoin: monetizing stolen cycles (2014)Google Scholar
  17. 17.
    Huang DY, Dharmdasani H, M.S.: Empirical analysis of denial-of-service attacks in the bitcoin ecosystem. In: Proceedings of the Network and Distributed System Security Symposium. Reston, Virginia: Internet Society (2014)Google Scholar
  18. 18.
    Johnson, B., Laszka, A., Grossklags, J., Vasek, M., Moore, T.: Game-theoretic analysis of DDoS attacks against bitcoin mining pools. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 72–86. Springer, Heidelberg (2014). Scholar
  19. 19.
    Karame, G.O., Androulaki, E., Capkun, S.: Double-spending fast payments in bitcoin. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 906–917. ACM, New York (2012).,
  20. 20.
    King, S., Nadal, S.: PPCoin: peer-to-peer crypto-currency with proof-of-stake. In: self-published paper, August 2012Google Scholar
  21. 21.
    Kwon, Y., Kim, D., Son, Y., Vasserman, E., Kim, Y.: Be selfish and avoid dilemmas: fork after withholding (FAW) attacks on bitcoin. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 195–209 ACM, New York (2017).,
  22. 22.
    Luu, L., Saha, R., Parameshwaran, I., Saxena, P., Hobor, A.: On power splitting games in distributed computation: the case of bitcoin pooled mining. In: 2015 IEEE 28th Computer Security Foundations Symposium, pp. 397–411, July 2015.
  23. 23.
    MinerGate: Invalid shares policy. Accessed 05 Feb 2018
  24. 24.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). Accessed 28 May 2018
  25. 25.
    Nakamoto, S.: Slushpool hashrate (2018). Accessed 28 May 2018
  26. 26.
    Nayak, K., Kumar, S., Miller, A., Shi, E.: Stubborn mining: generalizing selfish mining and combining with an eclipse attack. In: 2016 IEEE European Symposium on Security and Privacy (EuroS P), pp. 305–320, March 2016.
  27. 27.
    Ruben Recabarren, B.C.: Hardening stratum, the bitcoin pool mining protocol. In: 1st Workshop on Bitcoin ResearchGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Mohiuddin Ahmed
    • 1
  • Jinpeng Wei
    • 1
    Email author
  • Yongge Wang
    • 1
  • Ehab Al-Shaer
    • 1
  1. 1.University of North Caroline at CharlotteCharlotteUSA

Personalised recommendations