HomeBitcoin MiningBitcoin Mining Pool Ghash.io Is Unapologetic Over Risk Of Theoretical 51% Attack Caleb Chen 12/06/2014 Bitcoin Mining, Mining, News 17 Comments Many are uncomfortable with Ghash.io’s large percentage of total network hashrate Update: Ghash.io has responded as expected. Two Cornell researchers that have been trying to poke holes in Bitcoin’s network security, Ittay Eyal and Emin Gün Sirer, have taken this opportunity to remind the Bitcoin community of many other theoretical attacks that can occur with a centralized Bitcoin mining network. In fact, many of the theoretical attacks described would arguably be more likely than a blatant 51% attack. However, any attack, no matter how subtle, could be detected on the blockchain and the Bitcoin community will react in their best interests. Ghash.io is a Bitcoin mining pool that has been around for over a year. In the last year, Ghash.io has steadily grown a too-loyal backing of miners taking advantage of their large size and 0% fee structure. Ghash.io works alongside Cex.io, one of the first cloudhashing services to be adopted by the masses. Customers can buy Bitcoin mining contracts from Cex.io and receive mined bitcoins without having to worry about the hardware or software involved. Renting hardware in the form of contracts is an increasingly popular choice among “miners” who wish to reap all the benefits of mining without breaking a sweat. Miners use pools to smooth out their expected income: Mining with a large pool allows you to have relatively constant return in each difficulty period. Ghash.io has previously spoken on this matter at the beginning of the year when in the exact same situation: “GHash.IO does not have any intentions to execute a 51% attack, as it will do serious damage to the Bitcoin community, of which we are part of. On the contrary, our plans are to expand the bitcoin community as well as utilise the hashing power to develop a greater bitcoin economic structure. If something happened to Bitcoin as a whole it could risk our investments in physical hardware, damage those who love Bitcoin and we see no benefit from having 51% stake in mining.” CCN CCN reached out to Ghash/Cex days ago and has just received a response from Jeffrey Smith, Cex.io’s Chief Information Officer, to a short interview: CCN: What percentage of ghash.io’s hashing power is from cex.io? What percentage from other miners? Jeffrey Smith: The hashing power of CEX.IO constitutes 25 percent of GHash.IO total hash rate. The rest are independent miners. CCN: Also… how is the functionality for allowing cex users to point their hashing power elsewhere? Jeffrey Smith: It is very hard to implement this functionality, since on CEX.IO we allow users to trade even small portions of GHS (e.g. 0.001 GHS), and these small amounts cannot be separately connected to other mining pools. CCN: What has ghash.io learned from the last time this happened? Jeffrey Smith: We understand that the Bitcoin community strongly reacts to GHash.IO’s percentage of the total hash rate. However, we would never do anything to harm the Bitcoin economy; we believe in it. We have invested all our effort, time and money into the development of the Bitcoin economy. We agree that mining should be decentralised, but you cannot blame GHash.IO for being the #1 mining pool. CCN: What steps were put in place to ensure something like this didn’t happen again? (stop accepting miners when you guys are at 50%?) Jeffrey Smith: <blank> CCN: Which failsafes have been tripped in the last few days; what has ghash.io done in the last few days? Jeffrey Smith: We strongly believe that Bitcoin mining should be decentralised. We have been working hard for the past several months to ensure decentralisation of Bitcoin mining. Soon we will present a valid solution to this issue. CCN: What is ghash.io’s comfortable level for total percentage of network hashrate? It seems there might be some disconnect between your company’s vision and the community’s tolerance level. Jeffrey Smith: The bitcoin community determines the comfortable level of the GHash.IO’s percentage. We aim to please our users and provide quality trading and mining environment, while maintaining stability and prosperity of the Bitcoin community. This Is Not The First Time This Has Happened In January, Ghash.io broached the 40% mark and the Bitcoin community responded in fantastic fashion, showcasing the power of the mobilized Bitcoin community. Before that, in April of 2013, BTC Guild also ended up with a large portion of the network hashrate. In the aftermath of Ghash.io’s January fiasco, Ghash.io put out a press release to reveal their own Mitigation Plan. Half a year ago, Ghash.io promised to allow Cex.io customers point their hashing power towards other pools to mitigate the blatant centralization of mining power under one pool: Ghash/Cex has yet to fulfill this basic promise. Given that 25% of Ghash.io’s hashing power (upwards of 10% of the total network hashrate) is from Cex.io, this functionality was Ghash.io’s answer to the risk of a theoretical 51% attack the last time this question came about. Technically, hardware rented from Cex.io, but pointed away from Ghash.io, would still ultimately be under the control of Ghash.io; however, it wouldn’t show up as such in our network pool charts. BTC Guild’s operator, Eleuthria, espoused BTC Guild’s Mitigation Plan on the Bitcoin Forum, Reddit, and IRC. For the last year, BTC Guild has stayed true to its promise and BTC Guild’s pool speed has not risen over 50% of the total network hashrate. Eleuthria promised to raise fees by 50% to discourage new miners from joining the pool should BTC Guild’s percentage of network hashrate rise above 40%. Should it rise above 45%, BTC Guild would completely close off new registrations until the percentage of network hashrate dropped below 40%. BTC Guild released a proper mitigation plan that has worked to keep BTC Guild’s percentage of network hashrate at a manageable level for over a year. In stark contrast, Ghash.io’s mitigation plan has not had its desired effect because Ghash.io is unapologetic and has changed nothing despite repeated promises. Ghash.io has previously promised to never raise fees above 0%, which closes the door on that easy fix. Thanks to CCN’s Scott Fargo for getting these quotes: When asked about the dangers of mining pool centralization, BTC Guild operator Eleuthria had this to say: I can say that the fear of pool centralization is pretty misplaced these days. The amount of privately controlled hash rate is massive, bigger than it has ever been. With the exception of a private miner that also runs a pool (like GHash.io), there is really no chance of any pool ever becoming 40%+ again. In contrast, Nasty Mining’s OgNasty had this to say: I don’t think typical Bitcoin miners realize the potentially disastrous consequences they are inviting by mining on large pools. There are too many possible scenarios to list that could result in one of the larger pools executing a successful attack on the network. By participating in centralized pool mining, Bitcoin miners themselves are unknowingly the greatest threat to the Bitcoin project. P2pool is a simple and effective decentralized mining solution to this combat this problem… any large portion of the network in the hands of a few is a risk. You can make the scenario that if the #2 goes down for maintenance and the #3 pool gets DOS’d by attackers, the #1 pool could then be able to perform a 51% attack while previously having much lower than 51% of the network. Many other scenarios exist as well, and while unlikely, it would be unwise to ignore the possibility. Stop Worrying About The Theoretical 51% Attack Coinotron, a Litecoin mining pool, had over 51% of the Litecoin network hashrate by most metrics a few weeks ago: No 51% attack ever occurred. A large part of the general populace’s fixation with the theoretical 51% attack is its apparent feasibility. To those unversed in the economic incentive structure of Bitcoin mining, a single Bitcoin mining pool nearing 51% of the total network hashrate looks exactly like a centralized point of failure that could then successfully launch a double spend attack. People fear a successful double spend attack because it would signal loss of faith in the Bitcoin network as a whole. In reality, none of these points are anywhere near as true as mainstream media makes them out to be. With so called “selfish mining,” an attack attempt could occur with even less than 51% of the total network hashrate under centralized control. However, Bitcoin experts, Andreas Antonopoulos in particular, have been acting as a voice of reason to quell the sometimes misinformed fear. I do not worry about a 51% attack on bitcoin. It is neither likely, nor effective and it completely contravenes the incentives of miners. — AndreasMAntonopoulos (@aantonop) June 9, 2014 Coinsider This video of Andreas Antonopoulos explaining the lack of a threat from 51% of the network hashrate being under the control of a single pool operator to the Los Angeles Bitcoin Meetup. Worry About Centralization Instead. The community should realize that Ghash.io would never kill its golden goose by attempting a double spend. Even if Ghash.io were taken over or nationalized by an irrational and malicious actor, the Bitcoin community can and will still react to preserve the network. The 51% attack has become somewhat of a Bitcoin Boogeyman. In reality, the 51% attack is not the worst thing that could happen with centralization of mining power: Centralization is the worst thing in and of itself. Though the pool operator has every incentive to play by the rules, letting one Bitcoin mining pool have too much of the total network hashrate is implicitly allowing for unnecessary risk. As such, CCN recommends that readers use a P2pool, like Ognasty and nonnakip of NastyMining and NastyFans have set up. Ittay Eyal and Emin Gün Sirer have taken this opportunity to remind the Bitcoin community of all the other theoretical attacks that can occur with a centralised Bitcoin mining network. View our message to Ghash.io Bitcoin miners here. Want to Receive News Once a Day Sent Directly to Your Email? Sign Up Below! 51% Attackghash 17 Responses Jo543683 16/06/2014 it’s easy: ghash should put fees for external miners. (not cex.io miners) Log in to Reply BradyRose 16/06/2014 No one ever says how exactly Ghash is going to cause all their clients to begin to report back hash’s that are purposefully fraudulent, yet appear to be valid. Ghash doesn’t control the individual clients miners, and can’t magically switch the mining clients software to something that specifically calculates hash’s in a non-standard way. This entire controversy is a fantasy that confuses mining pools for people who have absolute control over all the individual miners that sign up for them. Tell me when AN INDIVIDUAL possesses 51% of the computational power ALONE, with complete control of how the mining is done. This is not the case with these pools, the clients run their own software, and report back potential matches to the hashes the pools assign them. Tell me exactly how Ghash is going to replace everyone’s mining client with ones specifically designed around committing fraud? You think none of those miners that endlessly tweak their software trying to mine faster are going to notice when suddenly their client is completely replaced with some other client designed around performing a completely different task? Let alone that happening to all of them? Think about all the machines / os’s, software that would have to be hacked to achieve that. Cause I don’t see how else your going to get all those pool members to start calculating false, but real looking hash results, purposefully without the mother of all conspiracy theories going down. Sorry but the escalating nonsense needs to be let go. Please.. Self interest of the individual actors outweighs the realism of 51% attacks ever being a factor of significance. These pools have more to gain from possessing so many miners than they could ever hope from short term shenanigans that are next to impossible to pull off. Log in to Reply BradyRose 16/06/2014 RobLynn1 AskiTan Yes, and if you don’t pay your taxes for that state school , or that public library, then men in costumes will show up at your house. If you resist their demands, they will threaten you with coercion, and ultimately violence. Most people don’t recognise this violence because they simply break to this coercion. The reality is If you continue to resist, especially physically they might shoot you, or at the very least, lock you in a cage. Just because we mask the violence of the state in terminology that makes its actions appear to be moral because the ends supposedly justify the means, doesn’t mean the violence and coercion of the state isn’t there. It simply means the socialism in these instances is less directly visible to those that are indoctrinated into mythology of the state. In fact, this kind of occlusion of collectivism by giving it new names is more pernicious than systems that simply directly subjugate their victims. Hot tyranny can at least be seen in its raw evil. The most dangerous kind of slavery though is one in which the slave honestly believes they are free, and is increasingly subjected to meaningless distractions, false choices of liberty, and escalating constructs of the state “for their own good”. Log in to Reply sporkmonger 16/06/2014 EvanderSmart I think you’re right on the other points, but I’m not so confident about #2. Log in to Reply EvanderSmart 15/06/2014 My predictions of this growing situation: 1. GHash WANTS to get 51%, and will get there. 2. The Bitcoin Core Team knows it’s coming and will be ready. 3. The Blockchain needs to be vetted for this. Get it over with now. Better a greedy mining pool than the NSA. Good to practice these “War Games”. This may be the first time, but it won’t be the last. It won’t kill Bitcoin, and will make BTC and the Blockchain stronger. Log in to Reply talontech1 14/06/2014 Benjamin Catlin Which developer is that? Log in to Reply Benjamin Catlin 14/06/2014 One of the main Bitcoin developers just sold half his Bitcoins because of the very real risk, I think it’s time I moved to Nxt. Log in to Reply talontech1 13/06/2014 With such a tepid response from the mining community in actually moving their miners off of ghas.io/cex.io they are in full gear heading for as much of the hash power that they can get. Regardless of their intentions we the mining community have failed in properly supporting the network that supports us. I have never mined at ghash and never will but at the least variance at a pool many jump to the largest pool. This causes even more variance at the other pools as which they want the “luck” to change at before going back. Vicious cycle. Log in to Reply kdeselms 13/06/2014 https://bitcointalk.org/index.php?topic=327767.0 Log in to Reply AskiTan 13/06/2014 RobLynn1 AskiTan I’ve lived in a socialist country. I’m not a US citizen. but it is always refreshing to hear some privileged lefty with a silver spoon up his ass tell me about how my life experience means nothing cause your socialist professor’s utopian vision disagrees with reality I have lived. so define socialism for me, boy. go on. I’m really interested to hear your insights Log in to Reply RobLynn1 13/06/2014 AskiTan You have no idea what socialism is, eh? Did you go to a state school? That’s socialism. Got a public library in your town? That’s also socialism. Log in to Reply AskiTan 13/06/2014 the problem in a rational community like bitcoin/crypto is, that they see the world rationally. but irrational attacks are far more prevalent in the real world. religion, ideology, socialism, women in general. all these groups and women usually have purely emotion based reasoning. they will do things that are not good for anyone. not even for themselves. an irrational socialist billionaire, an irrational ideology driven group or statists that view the state as their savior and will not allow any great idea that crosses borders to help the world. look at socialism: it is all about lowering everyone down to the lowest common denominator. to equalize differences by punishing everyone who succeeds until all are poor. like robin hoods that redistribute and take a cut during every act of redistribution. take from the rich, give to the poor. but now those poor are richer than other poor. so take from them and give to the poorer and so on. these people see bitcoin as a way to excel. it is the ultimate evil for them Log in to Reply asdfadfa 13/06/2014 foobart fUD. Log in to Reply kdeselms 12/06/2014 It doesn’t really matter if a pool operator doesn’t intend to wage a 51% attack…because if they have the ABILITY to, they are a delicious target for hackers of any origin to wrest control of them and use their majority hashrate to that end. Log in to Reply talontech1 12/06/2014 It is greed. Pure and simple greed. They have no care if Bitcoin becomes centralized as long as they are in control. They have double spent in the past and will do again. They will push and push until the community finally stops using them. Only then will they stop their shay practices. Log in to Reply foobart 12/06/2014 ghash.io have done double spend attacks in the past. https://bitcointalk.org/index.php?topic=327767.0 they are not trustworthy. Log in to Reply BetMoose 12/06/2014 Real coin down being put down that they will tip over the 51% mark sometime this month: https://www.betmoose.com/bet/ghashio-will-reach-51-or-more-in-the-next-month I am more curious what the reaction would be, as well as investor’s thoughts on this… Log in to Reply Leave a Reply Cancel Reply You must be logged in to post a comment. Earn Bitcoin Points by signing up.