Advertisement

Smart Contracts Make Bitcoin Mining Pools Vulnerable

  • Yaron Velner
  • Jason Teutsch
  • Loi LuuEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10323)

Abstract

Despite their incentive structure flaws, mining pools account for more than 95% of Bitcoin’s computation power. This paper introduces an attack against mining pools in which a malicious party pays pool members to withhold their solutions from their pool operator. We show that an adversary with a tiny amount of computing power and capital can execute this attack. Smart contracts enforce the malicious party’s payments, and therefore miners need neither trust the attacker’s intentions nor his ability to pay. Assuming pool members are rational, an adversary with a single mining ASIC can, in theory, destroy all big mining pools without losing any money (and even make some profit).

Notes

Acknowledgments

We thank our shepherd, Iddo Bentov, for useful discussions and the anonymous reviewers of an earlier draft of this paper for helpful feedback.

Supplementary material

References

  1. 1.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2009). bitcoin.org
  2. 2.
    Rosenfeld, M.: Analysis of bitcoin pooled mining reward systems. CoRR, abs/1112.4980 (2011)Google Scholar
  3. 3.
    Luu, L., Saha, R., Parameshwaran, I., Saxena, P., Hobor, A.: On power splitting games in distributed computation: the case of bitcoin pooled mining. In: 2015 IEEE 28th Computer Security Foundations Symposium, pp. 397–411, July 2015Google Scholar
  4. 4.
    Ethereum Foundation: Ethereum’s White paper (2014). https://github.com/ethereum/wiki/wiki/White-Paper
  5. 5.
    Courtois, N.T., Bahack, L.: On subversive miner strategies and block withholding attack in bitcoin digital currency. CoRR, abs/1402.1718 (2014)Google Scholar
  6. 6.
    Eyal, I.: The miner’s dilemma. In: SP (2015)Google Scholar
  7. 7.
    Sasson, E.B., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., Virza, M.: Zerocash: decentralized anonymous payments from Bitcoin. In: Proceedings of 2014 IEEE Symposium on Security and Privacy, SP 2014 (2014)Google Scholar
  8. 8.
    Wood, G., Ethereum: a secure decentralised generalised transaction ledger (2014). http://gavwood.com/paper.pdf
  9. 9.
    Bitcoin Wiki: Pool mining’s payout schemes. https://en.bitcoin.it/wiki/Comparison_of_mining_pools
  10. 10.
    Sompolinsky, Y., Zohar, A.: Secure high-rate transaction processing in Bitcoin. In: Financial Cryptography and Data Security - 19th International Conference, FC 2015, San Juan, Puerto Rico, 26–30 January 2015, Revised Selected Papers, pp. 507–527, 2015Google Scholar
  11. 11.
    Eyal, I.: The miner’s dilemma. In: IEEE Symposium on Security and Privacy (SP 2015), pp. 89–103, May 2015Google Scholar
  12. 12.
    Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-45472-5_28 Google Scholar
  13. 13.
    Luu, L., Teutsch, J., Kulkarni, R., Saxena, P.: Demystifying incentives in the consensus computer. In: Proceedings of 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS 2015), pp. 706–719. ACM, New York (2015)Google Scholar
  14. 14.
    Teutsch, J., Jain, S., Saxena, P.: When cryptocurrencies mine their own business. To appear in Financial Cryptography and Data Security (FC 2016) (2016)Google Scholar
  15. 15.
    Luu, L., Velner, Y., Teutsch, J., Saxena, P.: Smartpool: practical decentralized pooled mining. To appear in USENIX Security Symposium (2017)Google Scholar
  16. 16.
    Bonneau, J.: Why buy when you can rent? Bribery attacks on bitcoin-style consensus. In: Clark, J., Meiklejohn, S., Ryan, P.Y.A., Wallach, D., Brenner, M., Rohloff, K. (eds.) FC 2016. LNCS, vol. 9604, pp. 19–26. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53357-4_2 CrossRefGoogle Scholar
  17. 17.
    Sapirshtein, A., Sompolinsky, Y., Zohar, A.: Optimal selfish mining strategies in bitcoin. To appear in Financial Cryptography and Data Security (FC 2016) (2016)Google Scholar
  18. 18.
    Nayak, K., Kumar, S., Miller, A., Shi, E.: Stubborn mining: generalizing selfish mining and combining with an eclipse attack. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 305–320, March 2016Google Scholar
  19. 19.
    Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: 24th USENIX Security Symposium (USENIX 2015), pp. 129–144. USENIX Association, Washington, D.C., August 2015Google Scholar
  20. 20.
  21. 21.
    Karame, G., Androulaki, E. and Capkun, S.: Two bitcoins at the price of one? Double-spending attacks on fast payments in bitcoin. IACR Cryptology ePrint Archive 2012:248 (2012)Google Scholar
  22. 22.
    blockcypher.com: Confidence factor. http://dev.blockcypher.com/#confidence-factor
  23. 23.
    Bitcoin Wiki: Transaction malleability. https://en.bitcoin.it/wiki/Transaction_Malleability

Copyright information

© International Financial Cryptography Association 2017

Authors and Affiliations

  1. 1.The Hebrew University of JerusalemJerusalemIsrael
  2. 2.TrueBit FoundationTel AvivIsrael
  3. 3.School of ComputingNational University of SingaporeSingaporeSingapore

Personalised recommendations