Looking at the graphs on blockchain.info, ghash.io has an estimated 37% of the hashing power for the past 24 hours. They have been growing rapidly, and were at less than 25% a month ago. If they continue to grow at this rate, it's highly possible they could control 51% of the network. They show no signs of stopping, and they've been known to use their power maliciously to double spend. I know pessimistic posts are usually frowned upon in this subreddit, but I"m just wondering what can be done about this. Ghash.io poses a threat to bitcoin, and they can potentially destroy the whole decentralization of the currency, which is exactly what Bitcoin is about. Considering their bad history of double spends and other things, I'm a bit worried. Is there any way to stop them, besides people attempting to mine for other small pools? Mining is out of the control for most people since decent ASICs are extremely expensive and mostly unprofitable. The proof of work algorithm used for Bitcoin is unlikely to change due to how difficult it would be to get everyone to adapt and for it to go smoothly. How can this be dealt with? I'm highly afraid for the future of Bitcoin.
https://preview.redd.it/jcgmn1wf4o251.png?width=1400&format=png&auto=webp&s=55aa66f3a02fb3aefbbd2cc0fec1468645ab24cd What is double-spending? To understand what double-spending means, we must first understand how a blockchain network works. All cryptocurrencies use what is known as a blockchain. It is essentially a chain of blocks where each block is made up of digital information about transactions. Bitcoin and other cryptocurrencies cannot be forged because the blockchain is public and immutable. Because of a consensus algorithm each chain has, it is almost impossible for someone to form a transaction or block. Picture this, James sends Kate 4 Bitcoin. This transaction is made public, and everyone receives information about it. Also, the transaction has to be verified. If James doesn’t have 4 Bitcoin, the verification will fail, and Kate will not receive any Bitcoin. The verification process happens through the consensus algorithm.
Can Double-Spending Really Happen?
Double-spending happens when an attacker spends the same funds twice. For example, if James sends 4 Bitcoin to Kate and also to Alex at the same time, only one of the transactions will be confirmed. This problem is easier to solve on centralized systems; if there is a central institute like a bank, it can take charge of the problem. However, since blockchain is decentralized, there is no specific one responsible for the double-spending attack. Even though the consensus algorithm partly prevents double-spending, unfortunately, this cannot be the final solution as the problem can still occur. Theoretically, if someone were able to hold more than 50% of the mining power available, he or she would have the ability to overturn network transactions and may make double-spending valid. Although this might seem unlikely, it can happen for real. In 2014, the mining pool Ghash.io obtained 51% of Bitcoin’s hashing power but capped their power at 39.99% to increase the trust in the network. However, this event raised significant concerns about the safety of the network, as most mining power seems to be in control of a few parties only. Other cryptocurrencies have suffered 51% attacks, Bitcoin Gold, for example, was hit by a 51% attack in 2018 and just recently in 2020.
The Final Solution for Double-Spending, FLETA
FLETA is a blockchain-based platform for the creation of decentralized applications. FLETA employes an innovative sharding model where each shard operates individually and independently. Each DApp on the FLETA network operates independently and doesn’t rely on other DApps as it has its own sub-chain. Because each chain operates independently in a parallel structure, data is not shared between the chains, and chains are not affected by each other. For this reason, double spending is not feasible and provides a high transaction speed. Also, FLETA’s consensus algorithm, PoF(Proof-of-Formulation), prevents the double-spending problem. Its mining node, Observer Node, confirms a generated block real-time, and confirmation of 3 out of 5 observer nodes is necessary. This system eliminates the possibility of double-spending.
Although the initial consensus mechanism works, it is not entirely secure against double-spending attacks. A 51% attack has been shown to be achievable even in cryptocurrencies. FLETA has been able to create an innovative sharding model that allows each chain to operate independently. Moreover, its PoF consensus algorithm confirms a block systematically in real-time. Thanks to them, FLETA is free from the double-spending issue.
Right on schedule, the frontpage is full of network takeover warnings and discussion. Happy 51% day! ... on a more serious note, please, for the love of Satoshi, stop using centralized mining pools and especially stop using "cloud mining" services. It's just asking for trouble. This really shouldn't have to come up every few weeks. Use P2Pool instead. I get it, documentation is insufficient, and so on and so on. It doesn't matter. Invest an hour in figuring out P2Pool, the network will thank you for it later.
GHash.IO reached 5 Ph/s today and shows no sign of slowing down. A few days ago during the panic, they were at about 4.6 Ph/s. Miners, please do yourselves and all the Bitcoin community a favor and switch to P2Pool before it's too late. If people cannot trust the network, Bitcoin becomes worthless.
I'm a Bitcoin maximalist but we need to talk about 51%.
Recession happened, the USD failed and all major fiat followed. Bitcoin has finally been considered a global payment system and was adapted by the general population. Anyone who owns a complete Bitcoin is featured in a wealthy people's list. Now government does not have the power they used to have over people and it drove them crazy to the point where they decided to construct a plan of attack against the Network. All they need is 51% ownership of the network, Bitmain has 40% and governments can easily accuse this company of running a scheme to facilitate money laundering operations through BTC production. Therefore taking the company down and using their hash power and do the same with other mining company till they reach 51%. Creating a documented flaw in the Bitcoin network and potentially causing the double spending that blockchain was developed to avoid. People start to lose faith in this form of money and get back to government's newly established and regulated digital payment system or whatever. I once read that 15 billion USD is enough to produce the power needed to overcome the network, that's nothing to governments if they decided to "regain control" I think we can all agree that if a government does not have control over people's money, they don't have any kind of control. "Give me control of a nation's money and I care not who makes its laws." To say that 51% is impossible is naive, imagine what would have happened if Ghash.io decided not to reduce its share of the network back in 2014. Bitcoin might not be what it is today. drop your thoughts please.
A lot of focus has been on GHash.IO and the 51% problem. Let's suppose for a moment that we can prove that GHash.IO is a benelovent agent, and although they have 51% we can be certain they will only ever mine by the rules that the bitcoin community set. This will bring several advantages:
Bitcoin is becomes immune to 51% attacks - only GHash.IO could perform them and we know they won't.
Any transaction confirmed by a GHash.IO block is known to be final. No need to wait for more confirms.
Potentially Instant confirms - GHash could provide a service that confirms your transaction you know it will be included in their next block and no competing transaction can be included.
Far easier to roll out bitcoin improvements, particularly hard forks, since you only really need to get one agent on board.
How could we be certain GHash.IO are benelovlent? This is a tricky problem! They could be open source but it would be hard to prove that the code they run is the code they post. They could open themselves up to audit by trusted members of the community. The best thing is to make sure that the economic insentives line up. The GHash.IO investors are no doubt heavily invested in bitcoin (something we could veify). We can then assume they won't try any attack on the bitcoin network as it will hurt their investment. Double spends are easy to spot for example, and I think any sort of DOS attack would be spotted to. Even if GHash.IO ignored other people's blocks it would be fairly obvious. Ultimately they are still beholden to the community to a large extent, so could easily be usurped if they start misbehaving. I appreciate there are definitely ideological concerns with this scenario, but in practice would it be so bad? Perhaps we should start considering it seriously?
In regards to the 51% problem: ELI5 What would a hard fork look like to an average (non-miner) bitcoiner?
Talks about Hard-Forking the bitcoin blockchain to include security features against a 51% percent attack seem very political and almost impossible based off of conversation. It requires 51% of the bitcoin mining network to start working on the new chain with updated rules, is this correct? Does that mean users on coinbase, or those with savings in their electrum wallets; would have to do anything? Or is this a change purely miners have to worry about? What would be involved with a hard-fork, and what are some worst-case scenarios?
The Shame of ChainLocks: Dash Forced To Abandon Nakamoto Concensus
Sorry Dash. I have some bad news. Proof-of-work isn’t suitable for small cryptocurrencies. It seems that while PoW works for Bitcoin, it doesn't always work for smaller cryptocurrencies. It seems that proof-of-work (PoW), the consensus protocol behind Bitcoin, isn’t ideal for smaller cryptocurrencies, because they’re far more vulnerable to what are called 51 percent attacks. At least five PoW digital currencies have been affected by such attacks in the last two months. Dash suffered 51 percent attacks last month causing a theft of more than a million dollars. On Tuesday, Dash suffered another attack of the same kind — resulting in a theft of more than 35 million Darkcoins worth over $1.7 million at the time. Dash Masternodes reportedly continues to suffer from a 51 percent attack as well, and has already resulted in a theft of over $100,000 so far. 51 percent attacks occur when one entity gains control over 51 percent of the network hash-rate. This entity can now both prevent valid transactions from occurring as well as reverse already occurred transactions on the blockchain. A single coin can even be spent twice from the same origin with this sort of control, in what’s called a double-spend. PIVX, a hard fork of Dash with no embarrassing Instamine, also suffered a double-spend attack last week. Their control over the blockchain allowed them to make off with more than $35 million worth of PIVX. The fact that all of these cryptocurrencies utilize the X11 PoW consensus protocol of Dash raises some doubt over the suitability of the protocol. It’s virtually impossible for Monero's or Bitcoin’s blockchain to be compromised by a 51 percent attack because it will require a lot of hashing power to gain more than 50 percent control over it — although Ghash.io, a Bitcoin mining pool, has come close; not once, but twice. But, is carrying out a 51 percent attack on smaller cryptocurrencies easier? We asked Bitcoin developer Peter Todd:
If PoW is used naively, yes. PoW relies on being able to outspend your attacker; a smaller currency with its own PoW chain has fewer resources that it can afford to devote to defence, so it’s less secure.
Todd notes that in cases such as Dash, it is the technical glitches with their blockchains that allow these cryptocurrencies to be compromised so easily. But even if these flaws are fixed, it won’t exactly solve the problem of 51 percent attacks on their blockchains — for PoW to work in the way it is intended, you still need to be able to outspend your attacker. Todd explains that, all of these cryptocurrencies that suffered the attack have chosen the naivest possible technical architecture : to have an entirely separate PoW chain for each of their currency.
The smart way to implement what they’re attempting to do is to share the security of an existing PoW chain. There’s quite a few ways to do this, including the embedded consensus mechanism that the OMNI protocol pioneered. Tether as an example happens to use OMNI on Bitcoin, so if you wanted to attack Tether, you’d have to do a 51 percent attack on the entire Bitcoin ecosystem.
“The important thing to note with all those currencies is they’re just copy-cat clones of existing stuff, created in pump and dump schemes,” Todd notes of the attacks. “I suspect the coins that have been attacked recently use that technology simply because it’s easier to copy and paste existing code rather than do the real work of technology development – they’re pump and dump schemes after all.” There are rising concerns over the number of cryptocurrencies that are simply cloning existing blockchains. As we reported earlier, Bitcoin alone has seen more than 44 hard forks since August last year, and most of them don’t bring anything new to the table. Despite being riddled with technical flaws, Dash used to be popular with traders many years ago. All four cryptocurrencies that have suffered 51 percent attacks in the last two months, are among the top 100 most traded cryptocurrencies in the world at the moment. Surely the digital cash community can do better.
And do you think many major retailers are going to start taking BTC payments with 51% attack risk in the air?
No one mentions this but the entire bitcoin economy collapses if there are double spends and reverse payments, etc. It coudl set bitcoin back 5 years..or just kill it entirely. I know some of you don't care if BTC dies but most of us do, and that's why we need to take this threat seriously. Boycott Ghash/cex.io and encourage others to do the same. and please save the posts about "why don't you just create another service to compete with them and then it won't be a problem". I don't have the resources to do that, and even if I do, there is not time. We have NO time...we must act now.
Rapid growth of GHash.IO mining pool, seen over the past few months, has been driven by our determination to offer innovative solutions within the Bitcoin ecosystem combined with significant investment in resource. Our investment, participation and highly motivated staff confirm it is our intention to help protect and grow the broad acceptance of Bitcoin and categorically in no way harm or damage it. We never have and never will participate in any 51% attack or double spend against Bitcoin. Still, we are against temporary solutions, which could repel a 51% threat. In any market, competition and innovation drives growth and that is particularly true in an emerging and disruptive environment such as Bitcoin. Successful and innovative companies cannot be expected to limit their growth or competitiveness as a direct result of their success. However, this is the situation we find ourselves in when faced with the community perception of the threat of a 51% attack on Bitcoin. Asking our users to not use our services or to use competing solutions is not conducive to fostering innovation. Implementing a pool fee to our pool contradicts principles of our operation from the very launch of GHash.IO. It also does not address the core issue only pushing the problem a few weeks or months down the road when another pool or perhaps GHash.IO again grows towards 51%. We do fully recognise the concerns and possible threat posed by an entity with malicious intent taking control of enough mining power to exploit the 51% scenario, but we also have confidence and agree with the views expressed by the Bitcoin Foundation that any such exploitation or attack ”would be obvious it was happening, and pretty easy to defend against. The transparent nature of the blockchain provides unprecedented insight for all to investigate and report such behaviours. We also recognise however that a long term preventative solution to the threat of a 51% attack does have to be found, the current situation we find ourselves in (essentially being punished for our success) is damaging not only to us, but to the growth and acceptance of Bitcoin long term, which is something we are all striving for. To that effect we are in the process of arranging contact to the leading mining pools and Bitcoin Foundation to propose a ‘round table’ meeting of the key players with the aim of discussing and negotiating collectively ways to address the decentralisation of mining as an industry. Our aim is to do this quickly with a possible date coinciding with the CoinSummit Conference in London.
I understand we're tired of these posts, but please listen. If a 51% attack occurs, all trust in Bitcoin could be lost forever. If 50% of hashing power is obtained, the controller of that power can double spend, even after multiple confirmations. If Ghash.IO reaches 50%, and someone hacks them or the operator decides to abuse it, Bitcoin could actually die. Thousands of coins could be sent to an exchange and double spent, resulting in false coins being sold or swapped out for different legitimate coins, and exchanges going bankrupt(causing a similar situation to MtGox, except it wouldn't be the exchanges' fault). With exchanges failing due to double spends, payment processors such as Bitpay and Coinbase would also fail. Without these, no merchant could accept Bitcoin reliably. If such an attack occurred, all merchants would lose trust in the protocol. There's already enough controversy behind Bitcoin, but the technology itself failing is enough for trust in Bitcoin to forever be destroyed. Even if everyone moved their hashing power AFTER the attack, the damage would be far too much for any major merchant to even consider trusting it again. Miners, I understand you may consider Ghash.IO to be the most profitable, or the most convenient, etc, but the integrity of Bitcoin is at stake. If Bitcoin fails, your ASICs lose their value, and your profits decline far more. I hope the value and integrity of Bitcoin is more important than the slight convenience or lower fees you may get at GHash.IO. Thanks.
There seems to be a lot of major misunderstandings going on in regards to transaction confirmations (in particular, PoS sales)
So iv been reading posts/comments on here lately and it seems like there is some serious misunderstandings by alot of people in regards for the time it takes for a transaction to get confirmed on the blockchain, especially in the use case of merchant PoS sales. You guys are comparing apples to oranges here The time it takes for one confirmation is how long it takes for a transaction to be CLEARED. As in, verified, confirmed, 100% complete and irreversible transaction of bitcoins. In comparison, the transaction clearing time for credit cards is something around 30 - 60 days. At any point during that 30-60 period, you could find out that the credit card you used was actually stolen and the money gets reversed, plus you are out of pocket already from providing the product/service. In bitcoin, this same window is about 10 minutes to an hour. If you see an incoming transaction to your address, you can be 99.9% sure that its legit and will eventually confirm. You absolutely do not need to force your customer to wait 10 or more minutes just to confirm their payment. Just give them the damn coffee and let them be. Would you make your customer wait in store for an 2 entire months just to make sure they dont call up their bank and make a chargeback? In order to actually pull off a 0-confirmation double spend attempt, I believe it goes something like this (someone correct me if im wrong):
Send a payment to the merchant
At almost the exact same time, send out a transaction using the same inputs but going to one of your own addresses, and pay a much higher miner fee
Hope that both a) your second transaction will propagate much faster than your first one, while the first one still propagates enough to be seen right away by the merchant b) your second transaction to yourself doesnt immediately get dropped due to the attempted spending of the inputs being seen and c) miners choose to pick up and confirm your transaction to yourself instead of the one to the merchant.
So basically, its a combination of capability (not many people know how to manually create transactions, relatively), timing, alot of luck and also having the balls to attempt it in person. Its not something thats a garunteed success rate. However if you happen to control > 50 % of the mining hash power, then it suddenly starts to become alot easier, which is why its important to keep our mining distributed (and why everyone freaked out in january over ghash.io) Just think for a second how many tens of thousands (millions..?) of fraudulent credit card and bank transactions happen every single day... and not to mention how retard-edly easy it is to scam peoples credit card numbers tl;dr it's very reasonably safe to accept 0 confirmation payments in most use cases. just dont do it for transactions where some serious cash is in play (have patience and wait the short amount of time instead)
Some of this data is from bitcointalk, I'll attribute the authors as I go
A possible explanation for the high "luck" factor from GHash.IO is that the operators control miners in other pools; Their software sends solved blocks back to their pool hops pools back to ghash.io as needed. (They make their own luck ... More on luck here)
There are many implications: GHash.IO could secretly have >51% of all processing power and target certain transactions for double spends without causing apparent/widespread negative effects.
There is evidence (see below) that operators or miners using GHash.IO tested this on a small scale last September
"getblocktemplate moves block creation to the miner, while giving pools a way to set down the rules for participation. While pools can do just as much as they could before by expressing it in these rules, miners can not be kept in the dark and are enabled to freely choose what they participate in mining. This improves the security of the Bitcoin network by making blocks decentralized again."
A risk that is difficult to assess is whether the large mining pools validate coinbase tx content included by miners in their pool. (To test, you "just" need to be the member of a pool who successfully solves a block; and also write a custom miner to include a specific coinbase tx that the pool did not ask you to provide. (Credit to bee7 here for this idea). It's possible that the GHash.IO operators control (or are colluding with) a significant portion of the mining capacity of Elgius and Slush (I picked those two pools because of their abysmal orphan (luck) rate); This hypothesis is supported by the data in this post. There are, of course, other very reasonable explanations for the "luck variance" observation:
Inefficient pool software choosing which coinbase txns to include in the next block
Mining optimization that is not yet common knowledge (to Elgius and Slush anyway)
...but there is also additional circumstantial evidence that GHash.IO have bad actors:
Not closing registration as their pool is approaching a (visible) 51%
Not charging fees to incentivize more pool diversity
In September I witnessed a lot of double-spending against BetCoin Dice. It happened between 25th and 27th Sept. The mechanism was simple: send betcoin a tx with 0 fee, then wait for a result tx, if your bet is a win, then confirm your tx, otherwise double-spend it.
Ok smarties: Any other thoughts/theories/criticisms to these hypotheses? Post below if you're considering changing pools now. 2014-Jun-03 11:18PM PDT edit: Fixed formatting issues 2014-Jun-03 11:25PM PDT edit: Clarified negative effect in TL;DR 2014-Jun-04 01:40PM PDT edit: Clarified point about pool hopping
GHash.io claimed they had investigated and found a rogue employee who had been doing the double spending, who was fired. However no evidence supporting this was provided and the incident left a permanent cloud hanging over the pool. Regardless, it didn’t seem to hurt their market share much: most miners probably never heard about the incident at all. GHash.IO is one of the largest Bitcoin mining pools, which entered the mining market in July 2013 and contributes to over 30% of the overall hashing power making it the #1 pool in the Bitcoin network. GHash.IO charges 0% pool fee and provides 24/7 technical support for its users. October 2016, GHash.IO pool officially closed. The team behind GHash.IO offers development of custom-built pools ... The transactions become more irreversible as the number of confirmations rises, meaning that to be able to double spend that coin, the sender has to go back and reverse all transactions in the 6 blocks that have been added after their transaction, which is computationally impossible. The sole incident on double spending was in November 2013, when it was discovered that the GHash.io mining pool ... To double spend against confirmed transactions, Ghash.io would need to have that 51% mining a private fork and then release those blocks once they've got the double spending completed. Therefore, as long as you are still seeing Ghash.io blocks then you'll know that they haven't sent all their hashing capacity to a private fork. Double spending in the real world GHash.io. There are several ways to do double spending in Bitcoin. One is to get a miner to unwittingly help you commit fraud. Another is to actually be such a miner.
Bitcoin Core's Feature Proved to be Easy to Exploit, Coinbase CEO Patents Emailing Bitcoin and More
Bitdouble.io : A new way to get double your Bitcoin Feel Good. Loading... Unsubscribe from Feel Good? ... What is Double Spending - Duration: 2:20. Ofir Beigel 42,285 views. 2:20 . How To Tell ... Activate Brain to 100% Potential : Genius Brain Frequency - Gamma Binaural Beats #GV165 - Duration: 3:00:05. Good Vibes - Binaural Beats Recommended for you Doubler your bitcoin : https://www.bitcoinminingdoubler.bid/ Does it work in all countries? - Works in any country! 🌎 How many times a day can I use? - There... ⭐️ Website: https://bdd.tools/ ⭐️We are happy to introduce you the newest version of Bitcoin Doubler. Our developers were working on the current project for the last 6 mounts to fix all ... Daily Crypto News: HBAR/Google Deal To Gross $1.9 Bln Steemit Joins Tron Voice.com Beta Live! - Duration: 18:31. CB News [Crypto Blood] 732 views New