Feeds

PoW! Academics KO Bitcoin mining mammoths

You're sorry GHash? You will be

The Essential Guide to IT Transformation

Researchers have scuttled Bitcoin mining mammoths such as GHash with a proposed system alteration that would end the money-making collectives and return fairness and stability to the crypto currency.

Cornell University academics (@IttalyEyal) Ittay Eyal and Emin Gün Sirer (@el33th4xor) say their "Two Phase Proof of Work (2P-PoW)" is a simple solution to de-incentivise large Bitcoin mining pools.

The problem the pair hope to address is the fact that big mining pools can cheat the system with selfish mining. The duo point out that pools with more than 25 percent of the total network could earn more than their fair share, more so for those with 33 percent. Even larger pools could 'double-spend' with low confirmations, while those with over 50 percent control, as in the case of GHash, were an "unmitigated disaster", they said.

The 2P-PoW scheme aims to make collective mining less attractive by making proofs of work delegation harder without erasing a miners' fortunes or negating their hardware investments.

The 2P-PoW platform was developed after the GHash behemoth collective was found to dominate Bitcoin mining by scooping about 51 percent of all coins uncovered to date. The feat was a breach of etiquette -- the pair dubbed it "armageddon" -- as it undermined the key decentralised feature of Bitcoin.

GHash apologised and promised never to repeat the "51 per cent attack", but not before the website was hit with distributed denial of service attacks.

Eyal and Sirer said their platform would help miners by slowing hardware obsolescence which they peg at an astonishing 99.3 per cent loss of value within 28 weeks, leading to a huge turnover of equipment.

The two phase PoW (see a full description here) introduced a second crypto-puzzle alongside the unmodified current quiz. Miners would continue the usual routine to solve the current puzzle but would then need to sign the block with the private key that controlled the payment address.

"This mechanism allows miners to use existing rigs, albeit with a lower difficulty value than the difficulty value currently in effect," the pair wrote on the HackingDistributed blog.

"This would enable miners to produce a lot more potential solutions; that is, headers that pass phase 1 (the existing puzzle) which we call half-solutions. For each such half-solution, miners use a second device, perhaps a CPU or a specialised card, to perform the second check until a full solution is found."

Mining pool kingpins would be prevented from cashing out on initial puzzle solving and simply solve their new quiz due to a requirement for a sign and hash the authors said was comparable in cost to the initial stage's double-hash.

That job could not be outsourced to any web denizen because anyone with the required private key could simply pilfer the pool's Bitcoins.

"Pool operators, being so vulnerable to being robbed, would not be able to admit untrusted individuals into their pools," Eyal and Sirer said.

An individual millionaire could still rule the 2P-Pow Bitcoin roost if they had a huge number of mining equipment each entrusted with private keys. However this would be a feat within the grasp only of state actors, the academics said.

GHash was said to own a quarter of the pool's resources, well below the requirement to again dominate under the proposed system.

The system could be smoothly introduced over 12 months, they claimed. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.