ben at links.org
Fri Dec 19 00:01:32 GMT 2014
On 18 December 2014 at 21:55, Peter Fairbrother <zenadsl6186 at zen.co.uk> wrote:
> On 05/12/14 20:47, Ben Laurie wrote:
>> Consider the following thought experiment. I am an Evil Genius, with a
>> Lot of Computers.
>> I go away for a year and mine bitcoins on my own version of the chain.
>> Because I have a LoC, I can do this faster than the rest of you.
>> When the year ends, I present my longer chain, and under the Holy Rules
>> of Bitcoin, all of the last year of mining and transactions goes away.
> In theory. However that is not an economic attack.
So what? Unlike most Evil people, I'm not interested in profit.
> Let me explain: You buy LoC - actually you are already screwed, because
> computers can't keep up; there is no way all the computers in the world
> could calculate hashes faster than the bitcoin mining network, as it uses
> dedicated ASICs and is currently operating at about 2^74 hashes per day.
> But let's suppose you buy the latest asics, and set them to work for a year,
> spending say the value of all bitcoin mining in a year on asics and
> electricity. You won't make a profit that way, even if it works, but you
> might break even.
> Ah, but at the end of the year you find your chain is shorter than the
> community chain. At the end of the year you can't do it faster than the rest
> of us any more - your asics are now pants compared to the latest asics (yes
> the technology does change that fast), and we have a lot more of them (yes,
> the mining network grows that fast too).
Sure I can - I'm not the impoverished Evil Genius you think I am - I
can afford more asics than all of you put together (though note that I
don't actually need to, but that's beside the point).
> So you end up with year-old mining gear after spending £££ on new mining
> gear and electricity - it would be better to mine following the community
> chain, that way you will end up with a lot of mined bitcoins.
Why would it be better? My Evil Goal is not to make money, it's to
screw up bitcoin.
>> Clearly this situation is untenable. The solution? Checkpoints.
> But let's suppose your chain is longer, and you have you have a year's worth
> of mined bitcoins (the mining reward is set so that coins are mined at a
> fixed rate).
> It will quickly become obvious that your chain is bogus, so you won't be
> able to gain on transactions - very rapidly, nobody will accept bitcoins
> based on your chain.
In what sense is it bogus?
> No-one will accept your mined bitcoins either, as they will also be based on
> your chain.
> And more, as the mined bitcoins weren't authorised by the community which
> sets the mining rate, the major players, who hold most of the bitcoins,
> won't accept them for that reason either.
i.e. the central authority.
>> Those who set the checkpoints are the central authority.
>> In short.
> Yes, roughly speaking - it's a belt-and braces situation, the community
> isn't going to go back and wipe out a year's worth of transactions just
> because someone has a longer chain.
Then the community is not using the system that is held out as being
the bitcoin system.
> In practice it isn't going to wipe out a chain that's more than six hours
> old - you have six hours to enter a longer chain, starting from the
> generally-accepted six-hour-old chain, or tough titties, holy rules
> However while I'd call the community the authority, I'd have qualms about
> calling them the central authority. They aren't terribly centralised.
They aren't terribly decentralised, either.
More information about the ukcrypto