Bitcoin Hashrate Distribution

The one weakness that most people hear about when it comes to Bitcoin is the 51% attack. This is a possible attack vector that can appear when one entity has control over a large percentage of the overall network hashrate. Although the Bitcoin community tends to remain calm when it comes to the general topic of mining power centralization, everyone does usually freak out whenever a single mining pool approaches control of 51% of the network. Having said that, the number 51 may be getting too much attention in this context.

Do You Really Need 51% to Pull Off an Attack?

Blockstream Co-Founder Matt Corallo gave a talk at an SF Bitcoin Devs event where he covered some of the basics of what blockchains are and how they work. During the presentation, Corallo got into the topic of the 51% attack and how people need to understand that controlling 51% of the network hashrate is not some magic switch that makes double-spends and other nefarious activity possible. He made this point during his initial remarks on 51% attacks:

“I want to talk a minute about hash power attacks and what you actually can do with 51 percent hash power or, more specifically, what you can do with 40 percent, 45, and 51 . . . There’s this misnomer in the community that you need 51 percent [of the network hashrate] to pull this off. You really don’t, not even close.”

Corallo then pointed to Satoshi Nakamoto’s white paper where the creator of Bitcoin outlined how to calculate the probability that an attacker could conduct a double-spend through a 51% attack:

“[The Bitcoin white paper] has basic math for how to calculate the probability that someone can double-spend you with a given amount of hash power. At 45 percent hash power, their likelihood of winning — if they are trying to mine a fork or six blocks or whatever — is pretty damn high. It’s all just a probability. With 51 percent, you’re also still not guaranteed; you’re only guaranteed to win in the very long run — not for a very short fork.”

Bitcoin Users Should Do the Math

Corallo also discussed the idea that Bitcoin confirmations should not be taken at face value. In reality, a confirmation is not a black and white finalization of a transaction. The amount of work needed to reverse previous transactions simply becomes far greater and impractical over time (as more blocks are mined). Corallo warned that Bitcoin users should continue to do the math as the distribution of hashing power on the network continues to evolve:

“If you’re someone who is currently accepting coins with one block, you should reconsider that. If you’re currently accepting coins with six blocks of confirmations, you should sit down and do the math with today’s mining pools . . . It’s not as cut and dry as 51 percent [versus] 50 percent; it’s not at all.”

Don’t Be Scared, Just Be Aware

One final point Corallo made in relation to 51% attacks was that he wasn’t trying to scare users away from Bitcoin. He simply wants people to be aware of the somewhat-fragile nature in which Bitcoin works. The Blockstream Co-Founder explained:

“I’m not trying to present this as like, ‘Oh, Bitcoin isn’t secure, and we should all be waiting for 20 confirmations.’ Six is probably fine . . . and that’s why six was chosen. It’s a reasonable tradeoff. For reasonable amounts of money, it’s going to be secure — even with [the] current hashing power distribution. People should be very aware of this. Don’t just blindly follow what’s happening.”

3 COMMENTS

  1. Also, there is a big difference between a 51% attack performed for the purpose of censoring transactions (rejecting all blocks from others, or even just blocks that include certain transactions) and a 51% attack performed to attempt to defraud / double spend.

    A pool with 51% or cartel of pools and miners with 51% can censor. That's undeniable.

    Bu a pool or cartel of pools cannot double spend without taking that hashing capacity offline to mine a private fork of the blockchain. Since most pools do not own their own equipment they risk having those mining there defect once the miners realize the pool's "luck" has changed (from no longer finding any blocks on the public Bitcoin blockchain). If enough defect, that cartel no longer has 51% and the attack fails. Thus the "OMG, ghash.io has 51%" was simple ignorance of what they could do with their users's hashing capacity.

    Additionally a double spend is of no consequence until the recipient has delivered non-reversible value to the attacker. Most exchanges don't allow large withdrawal requests to be processed immediately due to the use of cold storage — making it necessary for the attacker to wait much longer than six confirmations to do any significant damage.

    So there's really little economic incentive to performing a 51% attack.

    About the biggest risk is if a manufacturer were to develop chips that have such an enormous performance advantage over existing tech (like an order of magnitude more) such that they could bring down the cost of the attack such that the attack could be performed profitably. The protection against that is that the manufacturers are competitive.

    Maybe there had been a chance of this happening when we went from FPGA&GPUs to ASICs, but nowadays the manufacturers are having to battle physics (e.g., 16nm chips) to see any significant performance gains but those gains just don't give the manufacturer the needed boost such that attacking is more profitable than either selling the chips to others or mining themselves.

    tl;dr: The 51% attack is not Bitcoin's weak spot.

  2. Why risk our hard-earned money to some chance that it may/may not happen?
    Everytime it happens, bitcoin value will drop, and we will lose value. Every time we have to move our money in and out of the bitcoin because of our fear. The financial brokers love to see that because every time we move our money, they get a percentage of our money. The implication of 51% attack is bad. Values will be lost over and over again. In the end we will be slaves to the biggest financial institutions: the banks.

    Why don’t we convert our currency to Peercoin? As simple as that. I am just starting to.

    PEERCOIN is shielded from 51% attack, and it encourages decentralization
    by giving minting incentives. It does not consume much electricity too
    because it uses a genius Proof of Stake system. (No one will be
    motivated to kill the network if they have 51% of the stake in it. It
    will be stupid to stab himself.)

    Their design has successfully slowed down the blockchain size increase to 0.6GB after 5 years, compared to 110 GB for bitcoin. This will also make bitcoin more centralized in the future because a full node will need a lot of hard drive space.

    Read this forum discussion to understand more about PEERCOIN: (At first I was also skeptical)
    https://talk.peercoin.net/t/suggestion-for-better-ppc-better-system-for-reward-less-transaction-fee-when-trading-one-that-will-make-ppc-better-than-bitcoin-for-sure/4504/16

  3. Why would stores require 6 confirmations? Like every customer has 51% (or close) of the hashrate. xD No hashing pool is even close, so even if the owner of the biggest hashing pool buys something in your store, you have nothing to worry about. And that’s IF he’s corrupt, which he probably isn’t.

LEAVE A REPLY

Please enter your comment!
Please enter your name here