[HN Gopher] BTC Endgame
___________________________________________________________________
BTC Endgame
Author : jbegley
Score : 125 points
Date : 2021-02-19 21:23 UTC (1 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| nostrademons wrote:
| You don't need a DoS attack under the assumptions of this
| project. It's already assumed that you control ~80% of hash rate,
| so you execute a 51% attack that mass double-spends coins and
| destroy all confidence in the integrity of the currency. Poof,
| nobody uses it.
|
| Note that China already controls ~65% of Bitcoin hash rate, so if
| they wanted to execute this right now, they probably could.
|
| That they haven't is one reason I'm bullish on cryptocurrency,
| and specifically Ethereum and Stellar, and it's entirely separate
| from why many other Bitcoin bulls are bullish on cryptocurrency.
| _You don 't need proof-of-work to secure a blockchain._ You only
| need game theory: as long as each participant has more to gain
| from allowing Bitcoin's continued existence than destroying it
| (and they can't subvert or destroy it in a way that will be
| invisible to other market participants), it will continue to
| exist. China gains no benefit from destroying Bitcoin; they can
| just continue to let it exist and tax all the Bitcoin miners in
| China, generating revenue for themselves and their citizens and
| continuing to be a thorn in the side of dollar hegemony.
|
| This also implies that proof-of-stake (if done right) is just as
| good as proof-of-work, which'll solve the energy issues
| associated with Bitcoin. And it means that cryptocurrency
| adoption, if it happens, isn't going to be because it's
| particularly good: rather, it'll be because the U.S. has
| destroyed the dollar. There's value in cryptocurrency simply in
| it being an alternative that's readily available, so that
| civilization doesn't stop if the U.S. does end up miscalculating
| and hyperinflating the dollar.
| hertzrat wrote:
| Will Bitcoin even be that decentralized in 50 years? The miners
| control the network, and most mining is done by big companies
| now and their data centres. If it's like other companies, won't
| they gradually acquire one another until there is only 1-2
| companies controlling almost the entire future crypto economy?
| The scale of the computing power we are talking about is not
| something that individuals can compete with
| mrits wrote:
| I've posted here before about it. I'm of the opinion that it
| currently is not decentralized. There is such a shortage of
| hardware that can be competitive right now and there are only
| a few organizations that can get their hands on them. I think
| this problem is just going to get worse when the manufactures
| start to realize it doesn't make sense to sell any of their
| miners at all.
| swader999 wrote:
| Agree, the electricity for the mining is even more
| centralised. That really is the point of control on this
| whole thing.
| AffableSpatula wrote:
| I'm not so sure. If you don't need proof of work to secure a
| blockchain, then why is the free market of Bitcoin consensus
| continuing to expend huge amounts of capital to stick with it
| as its sybil resistance mechanism? If it wasn't considered a
| value destroying move, the transition away from PoW would've
| happened already no?
| nostrademons wrote:
| It has, in _new_ cryptocurrencies. Virtually all
| cryptocurrencies launched since 2017 are proof-of-stake:
| Cardano, EOS, Stellar, Polkadot, Tezos, TRON. Ethereum is in
| the process of a very expensive and painful transition from
| proof-of-work to proof-of-stake.
|
| The reason you haven't seen this in the global cryptocurrency
| industry is because of network effects and adoption curves.
| Most programmers would probably agree that C++ is archaic and
| that the software industry has moved on to newer languages
| like Rust, Go, Kotlin, ES6, etc. Why then do Microsoft,
| Amazon, Apple, Google, etc. all rely on large quantities of
| C++ code? Because they were founded in the last millennia,
| when C++ was basically the only alternative for what they
| were trying to do, and have deeply enmeshed ecosystems and
| value chains that are all dependent on their existing C++
| codebase. Throw it out and you throw out the $5T+ in value
| they've built. They couldn't have built that up without the
| 20 year head start they have, but if you're founding a tech
| company _now_ , you're pretty dumb to use C++.
|
| Similarly, Bitcoin has built a whole ecosystem of miners,
| speculators, traders, exchanges, payment systems, wallets,
| etc. Throw proof-of-work out and you throw all that out, and
| along with it your advantage over Ethereum, Cardano, Stellar,
| etc.
| hertzrat wrote:
| > if you're founding a tech company now, you're pretty dumb
| to use C++
|
| All us unreal engine using indie developers must be pretty
| dumb then. It's true that programming in c# in unity is
| easier, but the end result of the c++ is a prettier game
| with more things happening at once at a higher frame rate.
| More grass, more characters, more animations, more AI
| nuance, more physics interactions, etc
| DSMan195276 wrote:
| > If it wasn't considered a value destroying move, the
| transition away from PoW would've happened already no?
|
| I think there's a conflict of interest issue here that would
| prevent such a move even if it would be worth it - the miners
| clearly have an incentive to keep the current PoW mechanism,
| as without it they're left holding a bunch of expensive
| useless tech. And without the miners willing to go along with
| a move from PoW to PoS, at best you're going to get a split
| between the PoW and PoS chains rather than a clean shift from
| one to the other and just create a mess, which isn't ideal
| for anyone.
| AffableSpatula wrote:
| The attack scenario is an adversarial nation state who is
| not motivated economically and is intent on sabotage of the
| network.
| DSMan195276 wrote:
| I don't understand what you're getting at, I was pointing
| out why Bitcoin hasn't moved to PoS even if it may
| actually be better.
| AffableSpatula wrote:
| You're right, I totally misread what you said.
|
| I think the answer to what you actually said is; miners
| don't control consensus on the network - it's not up to
| them, it's up to fullnodes/users who can change the
| ruleset whenever they want.
| nugget wrote:
| Given China's political structure, wouldn't it just take one
| participant (President Xi) to wake up and decide "party over"
| if it became politically favorable to do so?
| WJW wrote:
| > China gains no benefit from destroying Bitcoin;
|
| Citation needed on this one I'm afraid. If nothing else, a
| currency that the Party cannot control would be A Problem.
| China did not have much economic benefit in halting the ANT
| IPO, yet it did not go through all the same. There _might_ be a
| benefit in allowing bitcoin to continue to exist of course, if
| they think it advances their cause more than it hurts it. But
| as soon as that calculus changes, it seems quite likely that
| the big mining corps (with as you say at the moment of speaking
| about 65% of total hash rate) will receive some "friendly
| invitations" (from unfriendly people with guns) to stop their
| business operations.
| kajumix wrote:
| If they executed a 51% attack, it will most likely result in
| a hard fork. Every full node would be able to tell where
| China branched off. We'll have BTC and BTC-China, with their
| individual markets. Keep in mind that while China has the
| bulk of miners, the majority of reachable full nodes are in
| North America.
| tshaddox wrote:
| Why haven't they destroyed it then?
| bsder wrote:
| They may be using it to track people attempting to move
| money out of the country.
|
| Cryptocurrencies aren't very anonymous.
| fanciestManimal wrote:
| It's not inconceivable (to me at least) that at some point
| in the future it would be politically or personally
| beneficial for the leadership of a totalitarian government
| to do something that is economically costly to it's
| citizens (in this case we're talking about damaging
| bitcoin, but it could be anything).
| WJW wrote:
| In an elegant tautological argument: because at the moment
| it does not advance their causes to do so (yet).
| PragmaticPulp wrote:
| Frankly, because it's not as much of a threat as the
| popular narrative suggests. They may actually benefit from
| being able to use cryptocurrency for their own ends, either
| by using it directly or using the public ledger nature
| combined with their surveillance powers to get insight into
| transactions.
|
| Regardless, the attacks described here require large
| concentrations of mining power. In theory, the best way to
| attack it would be to wait for (or even
| encourage/subsidize) your country to become the
| geographical leader in mining operations.
|
| Or even better: Wait for companies in competing countries
| to start holding BTC on their balance sheets and consumers
| to put their investments in BTC. Now you have a kill switch
| for part of the balance sheets of competing countries.
|
| I personally doubt this is happening, but I'm sure it's
| being considered as an attack scenario.
| AffableSpatula wrote:
| This is the Turkey Fallacy.
| tshaddox wrote:
| No, I'm actually asking for ideas for why they haven't
| destroyed it yet.
| TrainedMonkey wrote:
| I think at least part of the reason is because they own it.
| Per https://www.statista.com/statistics/1200477/bitcoin-
| mining-b... 65% of all bitcoin mining is in China, this
| means majority of newly minted coins are in China, but also
| they can launch 51% attack at any time.
| thatfrenchguy wrote:
| Better stuff to do ?
| pvarangot wrote:
| > Note that China already controls ~65% of Bitcoin hash rate,
| so if they wanted to execute this right now, they probably
| could.
|
| When you say "China" do you mean like an actor that can make
| coordinated decisions? Or just a geographic region? I'm asking
| out of curiosity because yeah there's a lot of miners in China
| across many geographic regions but I never saw any evidence
| that they even talking to each other, even less coordinated
| enough to agree on making a decision as drastic at attacking
| the Bitcoin blockchain.
| MattGaiser wrote:
| We are talking about China. There is a supreme actor who gets
| to make coordinated decisions if they so choose.
| flatline wrote:
| I think the concern is that the authoritarian Chinese
| government can exercise an awful lot of influence when they
| are inclined. For a supposedly decentralized system it's an
| awfully big risk.
| nine_k wrote:
| The question is whether CCP has sufficient control over them.
| If it does not yet, it might consider working on that. OTOH I
| like the game-theoretic argument: they don't need to.
| Fnoord wrote:
| A better question to ask is: 'is the effort worth the
| gain?'
| hinkley wrote:
| Is the theater of starting the process worth the
| concessions I can win?
|
| It's not bluffing if you're willing to do it. But it's a
| lot cheaper if you don't have to follow through.
|
| China is scary because of the big risks they're willing
| to take. Like giant earthquakes or drowning Shanghai if
| their hydro power system has the failure that western
| civil engineers have predicted.
| generalizations wrote:
| I'd make a wild guess that when parent is talking about
| 'control', they mean that if a miner is located within China,
| the Chinese government has the ability to put a gun to that
| miners head and tell them what to do.
| worker767424 wrote:
| No need to bother with a gun. Just threaten to take 100
| points off their social credit score or ban them from
| WeChat.
| gavrif wrote:
| With that kind of control, they could just put a gun to
| anyone's head and ask them to start mining bitcoin and do
| it the way they want them to. It wouldn't have to depend on
| how many bitcoin miners are in China at the moment.
| dontreact wrote:
| Fortunately, it is immensely more difficult for the
| Chinese state to exercise its monopoly on force outside
| of Chinese borders.
| nostrademons wrote:
| It's a lot easier to point a gun to someone's head and
| say "Switch your equipment over to the network pipe that
| we give you" rather than point a gun to someone's head
| and say "Build a datacenter, secure an extremely large
| source of power, buy a few thousand Bitcoin mining
| boards, hook them all up in this extremely technical way,
| and then switch it over to the network pipe we give you."
|
| The gun in the head strategy works best when you're only
| asking your populace to do simple things. For complex,
| technical tasks, the usual response is "Oops, I can't
| concentrate while you've got a gun against my head", and
| then you can shoot them but that's not going to help your
| task get accomplished any quicker. (This is also why
| working conditions at say Google or Apple tend to be
| pretty good, and why Soviet scientists were treated
| relatively well even if the rest of the population
| wasn't.)
| [deleted]
| swader999 wrote:
| I'd wager the way China would exert control on miners
| there would be to regulate their access to electricity.
| dingus9 wrote:
| China would benefit more by confiscating all hashrate &
| hoarding all of the BTC for themselves before announcing
| that BTC is their national currency and driving BTC price
| to millions per-coin.
|
| It's just as farfetched and unlikely, but anti-Bitcoiners
| just keep theorizing about a hostile China takeover
| crashing BTC price as if it's feasible, without considering
| the inverse.
| throwaway1777 wrote:
| Because China has already announced DCEP as their
| national crypto. So the chance of them making btc their
| currency is basically none while China has already
| cracked down on btc in various ways in the past. They
| could in theory use btc as some kind of reserve or
| exchange currency, but not sure why they would need to
| when everyone has to bend to their will to trade with
| them.
| justicezyx wrote:
| Same thing that a lot Chinese people thinking of the West.
| Like anything is coordinated behind thing, led by US, and
| followed up by the developed countries.
|
| Thanks for calling out this mental bias.
| PragmaticPulp wrote:
| > rather, it'll be because the U.S. has destroyed the dollar.
| There's value in cryptocurrency simply in it being an
| alternative that's readily available, so that civilization
| doesn't stop if the U.S. does end up miscalculating and
| hyperinflating the dollar.
|
| Even before Bitcoin, we had plenty of other alternative
| currencies that could have replaced the dollar. I've been
| reading headlines speculating about the dollar being replaced
| by other currencies as long as I can remember, before Bitcoin
| existed.
|
| To your point: If Bitcoin somehow did become an alternative
| world currency and USD was out of the running, wouldn't that
| create great incentive for China to crash Bitcoin prices and
| drive everyone to use their national currency?
|
| I'm not happy with the current rate of inflation, but I think
| it's also clear that true hyperinflationary scenarios aren't
| likely in modern countries. As much as we like to criticize
| governments (often rightfully so), it takes orders of magnitude
| more incompetence and malice for a government to enter
| hyperinflation. It's not something that is stumbled upon by
| accident.
| fny wrote:
| US monetary dominance is up for grabs. This doesn't mean the
| US is necessarily supplanted as the world reserve currency,
| but it does mean lots of trade may dedollarize to some
| extent. My bet is there will be two major currency zones.
| Dollar/Euro in the West + Middle East + India, Renmimbi in
| the East + Australia + Africa.
|
| Given the explosion of debt to GDP in the west vs the east, I
| see no way the Renmimbi will not continue to appreciate
| against the dollar, and I fully expect Chinese monetary
| dominance to increase with the government's continued
| annexation of Hong Kong.
|
| BTC will probably dominate in countries were currency value
| is routinely destroyed (developing nations, Russia, the US
| and Europe to some extent) but as only as a back channel
| currency: I doubt any major commodity market or trade is ever
| going to be priced in BTC.
| nostrademons wrote:
| "If Bitcoin somehow did become an alternative world currency
| and USD was out of the running, wouldn't that create great
| incentive for China to crash Bitcoin prices and drive
| everyone to use their national currency?"
|
| It would, but there's no guarantee that if people left
| Bitcoin they would end up in RMB. More likely they'd jump to
| _another_ cryptocurrency, or to Euros. People tend to
| distrust the last party that fucked them over.
|
| I could see a dangerous situation if China let Bitcoin thrive
| for a generation, let all the other currencies wither on the
| vine through normal market mechanisms, and _then_ decided to
| exercise their national control over Bitcoin. That 's
| basically the Amazon strategy - make your product so
| appealing that all the other retailers go bankrupt, and
| _then_ jack up prices once there 's no alternative and a
| whole generation assumes you're the normal way to buy things.
| (Come to think of it, that's kinda the U.S. dollar strategy
| now.) But that's a generation off, so naturally I'm not
| thinking of it, and I doubt very many others outside of HN
| are either.
| gge wrote:
| > Stellar
|
| kek
| Laforet wrote:
| How would a hyperinflation on the US dollar cause civilization
| to stop?
|
| In any case, crypto trading since 2017 has been nothing but
| people buying and selling imaginary ticker symbols on
| unregulated exchanges.
|
| For example, XVG and ETC has been subject to successful 51%
| attacks more than once and every time the price was hardly
| affected. And each time the "solution" to deep chain reorg
| involved the exchanges freezing all trading while developers
| rushed to add a hardcoded checkpoint. Once the "correct"
| version of history has been manually restored, everybody sing
| kumbaya and goes back to paying real cash for monopoly money.
|
| Crypto need no proof of anything (PoS is still vaporware -
| debate me if you want), other than a shared delusion of value
| headed by the bucket shops.
| swinglock wrote:
| > PoS is still vaporware
|
| Why is that? Aren't Cardano and Polkadot PoS as they claim or
| doesn't it work?
| Laforet wrote:
| No PoS algorithm has yet managed to solve the Nothing-at-
| stake problem, nor are they any more resistant to the
| abovementioned kind of hostile takeover by the nation state
| player compared to PoW.
|
| I can't speak for every PoS coin out there but
| Cardano/Ouroborous explicitly assumes partial synchrony
| which is arguably never a good idea for a supposedly
| permissionless blockchain.
| ericb wrote:
| > PoS is still vaporware - debate me if you want
|
| Tezos has a fully working Proof of stake system, and there
| are others. Feel free to share whatever you're on about, but
| I have a feeling "the debate" will be an exercise in goalpost
| moving.
| Laforet wrote:
| Baseless accusations aside, please see my reply elsewhere
| in this thread for a response.
| shadowgovt wrote:
| > How would a hyperinflation on the US dollar cause
| civilization to stop?
|
| The dollar is the value used to denominate world debt via the
| IMF. It's also (partially related to this fact) the "mattress
| currency" of a lot of nations... Nations hoard US dollars to
| back-stop their own economies, since if their currency starts
| to tank, they can use dollars to pay their international
| debts.
|
| A worthless US dollar would have wide-ranging international
| currency disruption.
| afavour wrote:
| > China gains no benefit from destroying Bitcoin
|
| Right now they don't, no. But to my mind Bitcoin being subject
| to the whims of a major world power is a big knock against it,
| given that it aims to be a currency alternative. I don't want
| such an alternative to subject to any kind of geopolitical
| mood.
| core-questions wrote:
| Yes. Much like mutually-assured-destruction with WMDs, we
| need to try to keep China to <50% of the mining pool,
| otherwise they can do as they wish with it.
|
| Maybe the US government doesn't mind that? Maybe they hope it
| will die, and send everyone flocking back to the dollar?
| fanciestManimal wrote:
| Yea I can't see a power like China controlling bitcoin to be
| a good thing. I also can't see myself maintaining a
| substantial fraction of my wealth in a unit of value subject
| to the whim of a totalitarian government.
|
| It's not inconceivable (to me at least) that leaders could
| decide it's personally beneficial to them (or politically
| beneficial) to damage Bitcoin, even if it cost a ton of their
| tax payers money.
| Udik wrote:
| No power controlling Bitcoin is a good thing (at least for
| Bitcoin). That's true for China, who could force its miners
| to do what it wants, as it is for the US, which could make
| it arbitrarily hard to transact or hold BTC (and which also
| has the habit if imposing sanctions on other states'
| entities).
| thatfrenchguy wrote:
| > China gains no benefit from destroying Bitcoin; they can just
| continue to let it exist and tax all the Bitcoin miners in
| China, generating revenue for themselves and their citizens and
| continuing to be a thorn in the side of dollar hegemony
|
| CO2 emissions is probably why I'd do it if I were the Chinese
| government frankly.
| throwaway1777 wrote:
| Environmental virtue signaling compared to other co2 emission
| sources in China.
| unyttigfjelltol wrote:
| The entire multi-billion BTC ecosystem is built on software that
| still hasn't reached "Version 1.0"? Bitcoin Core 0.21? A
| development beta? LOL.
| xiphias2 wrote:
| It may be 0.21 but it is one of the best reviewed software in
| tbe worls for security issues. Also there's a trillion dollar
| bounty especially on the public signature infrastructure.
| davidw wrote:
| > via a wargame
|
| Oh, I know, I know! "The only winning move is not to play"
| stale2002 wrote:
| Ehh, this blog posts focuses way too much on technical tricks
| that are, in reality, not really the main risks to the bitcoin
| network.
|
| For example, the blog posts focuses on things like 51% attacks to
| either reorg the chain, or prevent transactions from being
| published. This is not really as big of a deal. When 51% attacks
| happen, it certain disrupts crypto networks in the short term.
| But the defenders always have the nuclear option in their back
| pocket, which is to change the proof of work algorithm, and force
| the attackers to spend a bunch of money building their attack
| infrastructure up again.
|
| Threats to change the POW algorithm, were thrown around during
| the 2017 blocksize debate, when things got really heated, and
| parties involved were threatened what amounted to 51% attacks. So
| it is already established that this is something that devs
| consider doing.
|
| The only real avenue of attack against crypto networks, is simply
| the social one. You simply arrest anyone who does anything at all
| related to crypto, and hope the threat of government violence is
| enough to make it so most people dont use crypto.
|
| Those social attacks would be the most likely to succeed, IMO,
| but they also have the problem of being difficult to implement.
| You know, because we living in a society, with a court system,
| and elections, and people that care about not living in a
| totalitarian hellscape, so any attempt by the government to
| simply arrest everyone, will likely be punished politically.
|
| So sure. The blog post is correct that if the government simply
| arrests or kills everyone who has anything to do with bitcoin,
| then they could stop crypto. But the counter argument to that, is
| such recommendations are completely out there, and extreme, and
| society wouldn't let that happen and would punish the people
| doing that.
|
| The actual attack vectors that matter, are not some fantasy land
| conspiracy, of every world government becoming a dictatorship.
| Instead, the attack vectors that matter would instead be every
| day bad actors, that seek to defraud people, in secret, and are
| not willing or able to kill/arrest everyone in the world who
| opposed it.
| AffableSpatula wrote:
| I don't think China being a dictatorship is much of a
| conspiracy. That's where a lot of ASICs are deployed, as well
| as the majority of the fabrication of the hardware itself.
| stale2002 wrote:
| > I don't think China being a dictatorship is much of a
| conspiracy.
|
| But china enacting authoritarian measures isn't good enough.
| The blog post did not suggest that the attack vector to worry
| about was a single country banning crypto.
|
| Instead, the blog post said that the attacks would only
| happen if every major country in the world colluded together,
| to all being authoritarian, and banning crypto everywhere.
|
| If only China decides to take over crypto, the solution is
| relatively simple. The developers of bitcoin/whatever simply
| change the proof of world algorithm, and turn all of china's
| ASICs into space heaters.
|
| That would be disruptive to crypto, sure. But lots of
| disruptive things have happened in the space. People would
| move on. And if china spent another X billion dollars
| building even more asics, then the algorithm could be changed
| again.
| AffableSpatula wrote:
| Changing the hash function doesn't solve the problem. The
| mining game doesn't remonitise becuase everyone knows where
| it ends (denial of service and collapse, rendering mining
| hardware valueless).
| stale2002 wrote:
| > (denial of service and collapse, rendering mining
| hardware valueless).
|
| No, actually. China being able to DDOS every internet
| service that it does not like is already something that
| they provably are unable to do in the current day world.
|
| There are lots of things that China would like to DDOS
| off the internet, right now, and yet they aren't able to
| succeed at doing that.
|
| A crypto service isn't any different than anything else
| that China is attempting to, and failing at, DDOSing off
| of the internet right now.
|
| What is china going to do? Take out cloudfare and aws and
| any other major web hosting platform in the world? C'mon.
| Lets enter back into the real world. If the US is
| refusing to cooperate with china, then there are many
| ways of defending against something as simple as a DDOS
| attack.
| paulgb wrote:
| The linked Medium posts have a bit more content
| https://joekelly100.medium.com/how-to-kill-bitcoin-part-1-is...
|
| Note that this is from last July, when the price of BTC was
| significantly lower and thus the price of the attack is likely
| higher now. That said, this becomes more feasible in the long-run
| when mining is purely funded by transaction fees.
|
| Something I don't see talked about much is the fact that,
| although Bitcoin is intended to be non-inflationary in the long
| run, the mining network that keeps it secure is currently 80-90%
| subsidized by inflation.
| WJW wrote:
| I always wondered about that and perhaps someone here can
| explain. After bitcoin reaches its "full" volume, mining
| rewards will go away and the only way miner income can stay the
| same is if transaction fees rise to match. Since the
| competition of miners basically converges to "block reward is
| equal to electricity cost equivalent", this would mean
| transaction costs increase to an insanely huge amount. Not
| paying the larger transaction costs would lead to the less
| efficient miners being squeezed out of the pool of miners,
| leading to less hashing power overall and thus an increased
| vulnerability to attack.
|
| How does the system intend to keep up miner income after all
| bitcoins have been mined?
| gfody wrote:
| > basically converges to "block reward is equal to
| electricity cost equivalent"
|
| the electricity cost falls significantly with the difficulty,
| see: https://en.bitcoin.it/wiki/Difficulty
|
| ..and: https://breakermag.com/difficulty-adjustment-is-why-
| bitcoin-...
| pitaj wrote:
| BCH addresses this by increasing the number of transactions
| per block. This decreases the fee per transaction.
| cloudhead wrote:
| There are a couple answers to this question, but the truth is
| we have ~100 years to figure this out, and the world will be
| a very different place then.
| fanciestManimal wrote:
| It's an unsolved problem, and all solutions would require a
| majority of the mining pool to get on board.
|
| You could periodically increase the block size, splitting the
| transaction fee among more transactions. Although larger
| blocks make it more difficult to produce hashes, so more
| power would be consumed, thus increasing the transaction fees
| further.
|
| You could change the block reward such that there's a larger
| block reward or even some kind of sustained rate of
| inflation. The cap of 21 million bitcoin isn't a fundamental
| unit, it can be changed if a majority of the mining pool
| decides to.
|
| You could switch to Proof of Work, which doesn't use nearly
| as much electricity. Given how long this has taken Ethereum,
| this would probably be a multi year effort.
|
| If the Lightning network were to take off, it might also help
| with this for day to day users. I'm not super confident about
| that though. I don't think a Layman is going to deal with the
| Lightning network, personally. Especially with the current
| narrative of bitcoin being a "store of value" rather than a
| currency. Bitcoin proponents don't seem to be advocating
| using it as a day to day payment tool.
|
| Of course, there could also just never be any consensus on
| the direction to take, the network could be attacked, people
| could bail on bitcoin for other cryptocurrencies or just
| abandon cryptocurrencies all together and it could become a
| relic of history.
| AffableSpatula wrote:
| Hey, author here - I think you're absolutely right that there
| is a risk that demand for blockspace doens't generate
| sufficient block reward to provide useful security guarantees.
| If that is the case, it could cause the price of BTC to fall
| which could create a negative feedback loop. This would, at
| best, create an end of the 21m cap and at worst trigger a
| collapse of the game entirely.
| jpsalm wrote:
| Yea that's what I don't understand either.
|
| Is the plan to secure a fully-mined chain just rampant value-
| inflation in a way that is completely detached from supply
| and demand? Today my 1e-1000 bitcoin is worth 10 carrots,
| tomorrow it is worth 20 everything else held equal? How does
| that even work in practice?
|
| Alternatively you need transactions to pay entirely for the
| security of the chain. This doesn't seem feasible when chain
| security costs rise everyday as the cost of energy deceases.
| And if transaction fees increase to compensate and people
| transact less the whole thing blows up.
| janandonly wrote:
| A very simple way to increase block rewards is making blocks
| SMALLER.
|
| It is game theory: If you really want your transaction to be
| on-chain, you pay for it. And smaller blocks means less
| transactions will fit in one block. So fees will need to go
| up.
| AffableSpatula wrote:
| In theory... but demand has elasticity. If the market has
| no way to equilibrate at a state that produces sufficient
| returns, there's no constraining of supply that can produce
| the returns needed. And that is the risk/unknown.
| treve wrote:
| You probably mean deflation, right? In inflation the cost of
| goods and services are higher, because the currency is losing
| value.
| rspeele wrote:
| The reward paid to miners is mostly newly minted BTC.
|
| Presently 6.25 BTC newly created with each block, about 1-2
| BTC in fees. Mining has been paid for by increasing the BTC
| supply, for all of Bitcoin's history so far. Eventually that
| will have to change as the reward keeps halving. At some
| point there is no block reward and it's all fees. Will people
| pay enough in fees to sustain mining at a rate that's
| impossible for a large actor to 51%?
| WJW wrote:
| No he means inflation. New coins are being mined all the
| time, causing existing coins to lose value. This does not
| really matter yet since total demand for bitcoins has been
| increasing faster than the total supply, leading to an
| increase in price.
| paulgb wrote:
| Thanks, but I mean inflation: miners were paid a subsidy in
| new Bitcoin for their contribution to the network. This has
| an inflationary effect on Bitcoin, although it was
| overshadowed by increased demand over the same period.
| FabHK wrote:
| GP might be referring to the fact that currently, 80-90% of
| the miners' reward is "coinbase", ie newly minted coins
| (which expand the money supply and could be considered
| inflationary), while only 10-20% of the mining reward is from
| fees, ie cut on the transactions.
| mumblemumble wrote:
| I would assume that the author meant to mean "growth in the
| supply of bitcoin." Which seems like a reasonable error to
| make, because printing money typically has an inflationary
| effect, even if it isn't technically synonymous with
| inflation.
|
| Maybe dilution is a better term? If all other factors could
| be held equal, then the real value of the ~6BTC reward for
| mining a block would, in effect, come from a tiny reduction
| in the real value of everyone else's BTC assets that would
| result from the supply of BTC having increased.
|
| It creates an interesting situation. Right now, the cost of
| actually operating the BTC network is largely supported by
| every single person who owns BTC, proportionally to how much
| BTC they actually have. As the mining reward continues to
| taper off, that is going to shift toward the cost primarily
| being covered by transaction processing fees. That will
| change something fundamental about the economics of Bitcoin,
| although I'm not sure exactly how.
| flyGuyOnTheSly wrote:
| >There is currently no defense for this attack in Bitcoin, as the
| simulation demonstrates.
|
| The entire Bitcoin miner reward model is the defense for this
| attack.
|
| Nation states have powerful computers... but nowhere near as
| powerful as the decentralized Bitcoin mining network combined.
|
| Even if they did currently, the endgame for Bitcoin as envisioned
| by Satoshi Nakamoto was for everyone on the planet to be mining
| Bitcoin at the same time.
|
| If a Nation State could ever become more powerful than every
| single private processor on the planet combined... I think it
| would be game over for a lot more than just Bitcoin.
| PragmaticPulp wrote:
| I don't think the realistic attack vectors include nation
| states trying to out-compete the network on hash rate by
| building a competing network. If China wanted to make this a
| priority, for example, they'd just use military force to seize
| existing mining operations which are heavily centralized and
| easy to find.
|
| A more realistic attack angle would be a large mining
| corporation recognizing a financial opportunity to undermine
| Bitcoin. If some organization could position themselves as a
| superior alternative to Bitcoin, crashing the Bitcoin network
| with periodic mining attacks could be worth the cost.
| Alternatively, if an entity could amass a large enough short
| position on Bitcoin, attacking the network to drive down the
| price might be attractive. We'd have to run the math on the
| scenarios, which is the point of projects like this.
|
| > Even if they did currently, the endgame for Bitcoin as
| envisioned by Satoshi Nakamoto was for everyone on the planet
| to be mining Bitcoin at the same time.
|
| The amount of wasted energy would be insane if everyone on the
| planet was mining Bitcoin.
|
| Currently, it looks like we're on a trajectory where large
| mining operations will centralize a lot of the eventually
| custom mining hardware. Individuals will have less and less
| incentive to mine Bitcoin as the reward decreases.
| onlyrealcuzzo wrote:
| Who needs processors when you've got big guns?
|
| They don't need the processors - they can simply change the
| laws.
| dingus9 wrote:
| Right. The protections against this are already baked into the
| protocol.
|
| 51% attacks don't make sense because you're hurting yourself
| 51% and hurting everyone else 49%.
|
| And for this theoretical attack you'd probably need to sustain
| 90%+ hash power for a long time.
|
| Your first hurdle will be producing enough ASICs to surpass
| current hashrate by nearly 10x. Solve that problem and you'll
| need a massive amount of energy and you'll have to set up huge
| mining facilities in various locations to prevent crippling
| local power grids.
|
| This would take years to plan & execute. A lot of people would
| have to be involved. Good luck keeping it a secret. Network
| hash rate will continue to increase while you're building this
| infrastructure.
|
| If by some miracle you've pulled this off, Bitcoin users will
| switch to a fork of Bitcoin that uses a different mining
| algorithm and your entire investment is now completely
| worthless.
| AffableSpatula wrote:
| The protections aren't baked into the protocol because they
| don't account for external real world motives of nations
| states which could incent them to act in a "non-economic" way
| according to the internal rules of the Bitcoin game.
| AffableSpatula wrote:
| This isn't a temporary speeedbump, it's a permanent end to
| proof of work mining as an investable activity (and viable
| sybil resistance mechanism for bitcoin).
| dingus9 wrote:
| Remember UASF? If incentives align amongst users, nodes,
| merchants and exchanges Bitcoin absolutely will switch to
| another mining algorithm and now the attacker has to
| start from 0.
|
| If the attacker attempts to keep up the game of cat-and-
| mouse long enough they will eventually go bankrupt and
| will no longer be able to participate.
|
| And this theoretical discussion completely dismisses the
| fact that it's nearly impossible to execute an attack
| like this at this stage in the game anyway.
| AffableSpatula wrote:
| UASF effectively became a negotiation between honest
| miners and fullnodes. Honest miners are incentivised to
| close off conflicts because it risks devaluing their
| future rewards. In this scenario the attacking miner is
| acting "non-economically" so it's nothing like UASF.
| dingus9 wrote:
| It's baked into the incentivization structure, if you
| prefer it worded that way. Investing hundreds of billions
| of dollars and years of work to place a temporary speed
| bump in front of Bitcoin's growth doesn't make sense.
| AffableSpatula wrote:
| ASIC chip fabrication is centralised in China. The government
| could seize the means of production, as well as the centralised
| mining operations that they've attracted by subsidising
| electricity.
| reitzensteinm wrote:
| If a handful of governments that control fabs agree Bitcoin
| has to go, the efficiency of ASIC mining becomes a big
| threat.
|
| Governments can purchase large runs of ASICs while other
| mining will revert to GPU. Controlling 51% of the hash rate
| in this manner isn't as outlandish.
|
| Further, you're not limited to double spend attacks. If
| you're the government with a decent advantage, you just treat
| your own chain as true and never accept blocks from other
| miners. The reward for mining will collapse, since even if
| you produce a valid block it'll not be on the longest chain
| once government miners catch up.
|
| And once the reward for mining collapses you can probably
| even power down some of the ASICs.
|
| There are counter measures, but combined with attacking the
| financial onramps and making possession criminal, it's hard
| for me to believe that BTC would survive an attack like this.
|
| But of course, it's predicated on large governments agreeing
| it's worth seriously attacking. I don't know how likely that
| is.
| flixic wrote:
| Nation state wouldn't need to become more powerful than all
| miners if most miners (more accurately, vast majority of hash
| power) were located in one, authoritarian country with a
| penchant of controlling "private" businesses.
| xur17 wrote:
| I also imagine that after a few days of the network being
| jammed up, getting social consensus to fork the network to use
| a different hashing function would be fairly viable.
| dingus9 wrote:
| Right. And now this theoretical actor that controls 10x the
| hashrate of the rest of the world has lost 10x the amount of
| capital invested compared to the rest of the mining world.
|
| It's the equivalent of shooting a bullet through your chest
| to shoot your enemy in the finger.
| AffableSpatula wrote:
| The purpose of this project is to have people be specific
| about what ruleset they would fork to which could prevent
| this kind of attack.
| playingchanges wrote:
| Right, it seems like there would be plenty of gamers more than
| willing to replace those ASICS given the opportunity.
| trevelyan wrote:
| Distributed Proof-of-Work is not vulnerable to this:
|
| https://org.saito.tech/eliminating-51-attacks-in-proof-of-wo...
|
| The community of users simply attaches harder cryptographic
| proofs to their transactions, forcing up the cost of producing
| empty blocks. The approach is capable of bankrupting nation-
| states as a side-effect of eliminating 51% attacks.
| nine_k wrote:
| Why won't it make transactions prohibitively expensive? Each
| transaction needs a trustless agreement of many, many nodes.
| darig wrote:
| I never understood why empty blocks is allowed... you can start
| immediately and get a head start over other mining pools. Granted
| it is just the time to load in transactions from the mempool and
| hash the result of appending them to the blockchain, but still...
| if you're in a race, why not take any advantage you can get?
|
| I've monitored the chain for years, and empty blocks are very
| very common. I know there is a civil war of people that want to
| make the block size larger vs keep it the same... I think at this
| point it they would both agree that every block should at least
| be 90%+ full before it is accepted. That seems like a simple fix.
|
| The attackers would then like just fill up the blocks passing a
| tiny amount of bitcoin between all their wallets, but at that
| point they might as well just use the mempool.
|
| In the end, if you have mining dominance, you win. No point
| denying that. If you want to "ban" miners, or rewrite history,
| bitcoin is no longer decentralized.
| Geee wrote:
| The defense is that there are thousands of other cryptocurrencies
| that would take Bitcoin's place. So the attackers wouldn't gain
| anything in the end.
| atemerev wrote:
| What a great idea. The attack described there is plausible, and
| experimenting in the means of defence before it happens is
| crucial for the continuity of cryptocurrncies.
| yrral wrote:
| I think under these circumstances, the economic majority of
| bitcoin users will fork to use, eg a new hash algorithm,
| rendering the seized mining farms useless. Remember, bitcoin is a
| collective trusted network based on agreement between users,
| miners and developers. If the miners turn, just switch to a set
| of new miners.
|
| You mention that this wouldn't work in your article. Can you
| explain why?
| pjfin123 wrote:
| Yeah it seems like the real defense of an obvious attack is
| "This Ethereum proof of stake chain with all of the wallets
| from right before the attack is the new Bitcoin".
| AffableSpatula wrote:
| In order for change in hash function to work, it would require
| remonitising to a significant hash rate. Why would anyone
| invest in mining equipment on that new hash function if they
| already know how the game ends? (ie. their equipment being
| written off)
| [deleted]
| yrral wrote:
| Theres no need to start at a huge hash rate. You can fork and
| then reset/reduce the difficulty, or adjust the difficulty in
| the way BCH does. You can also use POW algorithms that can be
| done only on commodity hardware like GPUs or CPUs so that the
| community can do it in a more distributed way.
| AffableSpatula wrote:
| If the difficulty is low then re-attacking the forked chain
| is inexpensive so you have exactly the same problem.
| Additionally, reducing the hashrate reduces the settlement
| assurances increasing the number of confirmations required
| to be sure your transaction is finalised.
| nostrademons wrote:
| Human beings already know how our game ends (we die), and yet
| we do all sorts of things on this earth in the ~80 years
| before that, even knowing that everything we do for ourselves
| becomes meaningless once we're gone.
|
| Time preferences are a thing. Lots of folks do things with a
| time horizon much lower than their equipment being written
| off. Whole companies are destroyed for quarterly earnings,
| relationships are destroyed for a promo that lasts only for
| the ~2-5 years that you've got remaining at the company,
| people get married even knowing that 50% of them end in
| divorce, parents birth children knowing that they'll leave
| the nest and develop their own opinions and say they don't
| love you and eventually die.
| doggosphere wrote:
| The same reason they got into it in the first place; you can
| make money by doing it.
| esotericn wrote:
| In the general case I don't think that majority miner attacks can
| be defended against without changing the hash algorithm.
|
| Specific cases like "empty blocks" could be addressed via a hard
| fork.
|
| But there's nothing stopping miners from faking transactions in
| blocks, sending amounts to themselves, filling the block with
| OP_RETURNs, or just doing the minimum possible to get around your
| "fix".
|
| PoW absolutely relies on >50% of miners being honest, always has
| done.
| safog wrote:
| Can't you do worse things if you have >50% hash power? It seems
| like DoS is pretty mild all things considered.
| esotericn wrote:
| It depends how rationally the market responds, I guess.
|
| A reorg attack and a DoS are equivalent in my mind - anyone
| who's capable of pulling off a lengthy DoS is also capable of
| performing a reorg attack, whether they actually do or not is
| kind of irrelevant.
| AffableSpatula wrote:
| The purpose of this project is to challenge people to be
| specific about the details of that hard fork. Currently there
| are no theoretical proposals, or concrete BIPs to address.
| muttantt wrote:
| My prediction is that Bitcoin will crash 50-80% in the next 12
| months due to insider/rogue employee hack at Coinbase, and/or
| some other event that will render wallets irrecoverable or the
| company insolvent.
| thysultan wrote:
| For the first attack listed you'd need to be the 99% of mining
| power at which point the 1% could also just fork and leave you to
| your endeavours.
| AffableSpatula wrote:
| The purpose of the project is to encourage people to be
| concrete in what their proposed ruleset changes are to defend
| the attack.
| mullingitover wrote:
| There's a much simpler endgame: China starts enacting export
| controls on ASICs.
| latchkey wrote:
| Good thing Global Foundries, Samsung and TSMC have their fabs
| in many countries. I'd worry about them before I'd worry about
| a single country.
___________________________________________________________________
(page generated 2021-02-19 23:00 UTC)