Social media


What is a block withholding attack?

Author: LB 2021-02-13 60

Finance has entered into a new era with the advent of cryptocurrencies. Who has ever dared to imagine a world where money can be transferred through a peer-to-peer network? When the domain name, bitcoin.org was registered in 2008 everything changed and the crypto revolution took place. In the following years several other alternative currencies appeared, but still a large proportion of the users doesn’t seem to understand the underlying technology at all. Let’s see a few important aspects of crypto security and let me elaborate on various mining related vulnerabilities of the Bitcoin network.


When someone is swimming against the tide interesting things happen. Doubtless, whistleblowers are an important part of our societies, however their works sometimes remain unrequited. I think this is especially true in the crypto world. If you bought some crypto in the past months you want to see the price going up and you don’t really want those unbesought whistleblowers ruin your investments.


If you want to stay with the tide and gain popularity, you have to tell the people what they wish to hear. Otherwise you’re deemed to be a lunatic and you cannot but look for a different audience. While going against the flow is interesting itself, it is not too rewarding and sometimes you do get confused, because in certain situations you find yourself questioning mathematics and science in general.


The easiest way is to approach cryptocurrencies from social media, because whether you accept it or not we tend to use these newfangled platforms more and more in our everyday life. If you follow some of the demigods of the (brave?) new world, like Elon Musk who is a true believer of bitcoin you can easily think that cryptos are the universal solutions for our problems.


While bitcoin and other altcoins do solve certain problems, the underlying technology they utilize to perform transactions is vulnerable and actually, this is an actively researched field where there is much work to be done in the future. Our sages do forget to talk about these problems, either because they don’t know about them or they just simply don’t want to lose popularity. Who knows…


Well, whichever the case may be, these problems do exist and Ittay Eyal and his coworkers at IIT (Israel Institute of Technology) are working on the improvement of the blockchain based cryptocurrency networks. One of the most interesting parts of their research is centered around cryptocurrency mining.


Bitcoin mining


As bitcoin is operating over a distributed peer-to-peer network the transactions have to be verified by certain members of the network. In order to do such verifications, participants solve a seemingly complex mathematical problem, which is pretty simple for those who are familiar with hash functions. What these users (cryptocurrency miners) do is the following. They receive the block header of each transaction block and they add a random value to it (nonce). With the nonce and the block header, they calculate a SHA-256 hash value and check whether this value is smaller than a target difficulty. If not they repeat the step with a different nonce value if the condition is satisfied, they report the mined block to the other participants and the transaction block is deemed to be verified by the whole network. Clearly, the more hash values you can calculate in a given amount of time the higher the likelihood of finding a block for you. The bitcoin network has a feedback mechanism that is able to automatically adjust the difficulty so that the mined blocks appear with constant frequency. The motivation behind this is fairly simple. Miners receive a block reward upon successful verification and they receive this in bitcoins. It’s in the bitcoin network’s interest to keep the issuance rate constant, because otherwise an increased BTC issuance rate would lead to temporary inflation.


When a miner receives his reward in bitcoin he still needs cash to pay for electricity and new hardware. Crypto exchanges and bitcoin atms are excellent solutions for this problem. You can find bitcoin atms in many European cities, such as Krakow, Prague, Bratislava and Vienna.


Why do miners join the mining pools?


This is an interesting question. You can find many blogs on the Internet where they tell you that there are too many very powerful miners in the bitcoin network already, so there is no way that you can mine a single block with your mining rig as a solo miner. Therefore these blog articles instruct you to join mining pools and mine cryptos through these centralized entities. I had been sceptical about this a little bit until I read some of Ittay’s paper and finally understood the concept.


The idea behind mining pools is very straightforward. The problem with bitcoin mining in 2021 is not that it’s impossible to mine a block as a solo miner and you would never get rewarded. In a salubrious bitcoin network every miner shall be rewarded in proportion to his mining power he contributes to transaction verification. This remains true even if you’re a solo miner, so you would eventually mine a block, however you would have to wait for long. But for that you would be rewarded with a few bitcoins.


When you join a mining pool, which unites solo miners’ mining power you get rewarded more frequently, but you would obviously get less money for your work each time, because you’re contributing less. A very fair system, isn’t it?


Usually problems appear, when everything seems alright.


Mining pools are public system, which means that anybody can join them and make them more powerful. Their interest is to enchant more users, because by doing so they can increase their ability to mine blocks and take more pool fees. Some of the mining pools become alarmingly powerful and this happened with GHash.IO. They captured a 51% majority on 2014-06-03 04:10:07 GMT for 12 hours. Their appalling rise breached the network’s etiquette and they promised that they will not let this happen again in the future.


Block withholding attacks


51% attacks are well known problems in peer-to-peer networks and the cryptocurrency community has expressed its concerns on a few occasions already when they detected these dominant mining pools on the horizon. Selfish mining (Majority is not Enough: Bitcoin Mining is Vulnerable.) is another very fundamental imperfection in the bitcoin network and even less than 51% of the entire mining power suffices if one wants to tamper with bitcoin transactions on the blockchain.


Block withholding attacks belong to the same family of attacks and Ittay’s article, The Miner's Dilemma elaborates on this very interesting phenomena.


The key idea of a block withholding attack is the following. Malicious miners can join mining pools and mine bitcoin blocks, but when they deliberately discard their full proof-of-work results. This means they seemingly use their mining power to mine blocks, however whenever they are done with the work they don’t publish their results. By doing so, the reward of the other participants decreases, because the pool has to split the cumulative reward between more miners. In other words, the reprobate miners do useless work and they even get rewarded for it.


These good-for-nothing miners earn less than the honest miners in healthy pools, because they only publish partial solutions to their pools, so they’re not incentivised to do such attacks for their on sake for a long time.


The case is altered when a pool is trying to attack the other pool with a similar attack. In other words a malicious pool can allocate some of its miners to carry out block withholding attacks and transfer the received reward to the pool itself. That’s the crux of the matter, because basically based on the relative size of the two pools there is an optimal number of malicious miners that will maximize the revenue of the malicious pool.


Ittay goes further in the article and states that the situation in which no pool attacks is not a Nash equilibrium, in other words it’s always more beneficial to attack the other pool than to stay idle. However, when both pools attack each other they earn less than in the case of everyone being idle, hence the name “The miners’ dilemma”.


Detecting such an attack requires very subtle mechanisms, because it’s not easy to prove that a miner is not publishing full proof-of-works. In theory, it’s possible to measure the ratio between the expected mining rate and the actual mining rate and deduced that someone is being malicious in the network.


According to the author, these block withholding attacks are not too frequent in the bitcoin network, most likely because large mining pools have agreed on not attacking to avoid decreased revenues. Nevertheless, the problem persists and the cryptocurrency world is still waiting for a universal solution.

Author: LB


Illustration: The Miner's Dilemma.


Interesting entries


14.02.2021

A new use case of smart contracts in 21st century capitalism

14.02.2021

What is it like building a crypto community in Central Europe?

13.02.2021

What is a block withholding attack?

02.02.2021

How to invest in the crypto world?

21.01.2021

Why is the adoption of cryptocurrencies is slow?