A newly published
Dishonest mining
The paper, which is partly funded by the SWIFT Institute, examines the consequences of a block withholding attack in an environment with competing mining pools. In a block withholding attack, an individual miner makes it seem as if he is working for the pool by contributing hashing power in order to help the pool find a new block on the blockchain.
In reality, however, the individual miner is not supplying any calculations that are actually useful for the pool. But because it is impossible for the mining pool to tell the difference, the miner will still be rewarded for his work. As such, all other miners – the ones that did actually help find a new block – will have to share the reward with the dishonest miner, hence earning them less bitcoin.
The block withholding attack is not new, but it has long been believed that there was no real incentive to launch such an attack. Since the attacking miner does need to actually invest time and energy, it makes more sense to contribute useful hashing power. Eyal's paper, however, suggests that this is not always the case.
Speaking to Cointelegraph, Eyal explained:
“For a long time the block withholding attack was considered a sabotage-only attack. It would cost money to cause damage to another pool. But it turns out that it's not just useful for sabotage. One pool can actually increase its own revenue by attacking a competitor.”
According to Eyal's paper, it makes sense for any mining pool to invest a specific fraction of its hashing power into attacking another pool. Doing so would yield several benefits. For one, mining in another pool would – of course - still yield some rewards, as described above. And additionally, bad performance for a competing pool translates into improved performance for all other pools, including the attacking pool.
Prisoner’s dilemma
But these advantages disappear, of course, if all miners start attacking each other in this fashion. As such, Eyal argues, the system is currently faced with a version of the classical prisoner’s dilemma. It would be better for all pools to not attack each other, as no hashing power would get wasted on attacks in that case. But it is better for all individual mining pools to carry out the attack if they are the only one doing so. However, it is unsustainable to be attacked and not launch a counterattack – logically leading to all pools attacking each other.
It would therefore make sense, according to the paper, if all miners made a pact not to attack each other. However, in an environment with anonymous users, this seems unsustainable, since there is no way to check if the pact is upheld by all parties.
The only other solution might therefore be a very positive outcome for Bitcoin as a whole, Eyal explained:
“The way to overcome this problem is to mine with a private pool. This can be a group of trusted friends, or a pool can adopt a very strict policy of whom can join. The result of that should be that pools will become much smaller. That is of course good news for Bitcoin, as it would make for a more decentralized, and therefore more robust and a much safer ecosystem.”
Eyal has previously published a paper on selfish mining and the vulnerabilities of Bitcoin’s mining protocol in an ecosystem with large mining pools.