Feeds

PoW! Academics KO Bitcoin mining mammoths

You're sorry GHash? You will be

Protecting against web application threats using SSL

Researchers have scuttled Bitcoin mining mammoths such as GHash with a proposed system alteration that would end the money-making collectives and return fairness and stability to the crypto currency.

Cornell University academics (@IttalyEyal) Ittay Eyal and Emin Gün Sirer (@el33th4xor) say their "Two Phase Proof of Work (2P-PoW)" is a simple solution to de-incentivise large Bitcoin mining pools.

The problem the pair hope to address is the fact that big mining pools can cheat the system with selfish mining. The duo point out that pools with more than 25 percent of the total network could earn more than their fair share, more so for those with 33 percent. Even larger pools could 'double-spend' with low confirmations, while those with over 50 percent control, as in the case of GHash, were an "unmitigated disaster", they said.

The 2P-PoW scheme aims to make collective mining less attractive by making proofs of work delegation harder without erasing a miners' fortunes or negating their hardware investments.

The 2P-PoW platform was developed after the GHash behemoth collective was found to dominate Bitcoin mining by scooping about 51 percent of all coins uncovered to date. The feat was a breach of etiquette -- the pair dubbed it "armageddon" -- as it undermined the key decentralised feature of Bitcoin.

GHash apologised and promised never to repeat the "51 per cent attack", but not before the website was hit with distributed denial of service attacks.

Eyal and Sirer said their platform would help miners by slowing hardware obsolescence which they peg at an astonishing 99.3 per cent loss of value within 28 weeks, leading to a huge turnover of equipment.

The two phase PoW (see a full description here) introduced a second crypto-puzzle alongside the unmodified current quiz. Miners would continue the usual routine to solve the current puzzle but would then need to sign the block with the private key that controlled the payment address.

"This mechanism allows miners to use existing rigs, albeit with a lower difficulty value than the difficulty value currently in effect," the pair wrote on the HackingDistributed blog.

"This would enable miners to produce a lot more potential solutions; that is, headers that pass phase 1 (the existing puzzle) which we call half-solutions. For each such half-solution, miners use a second device, perhaps a CPU or a specialised card, to perform the second check until a full solution is found."

Mining pool kingpins would be prevented from cashing out on initial puzzle solving and simply solve their new quiz due to a requirement for a sign and hash the authors said was comparable in cost to the initial stage's double-hash.

That job could not be outsourced to any web denizen because anyone with the required private key could simply pilfer the pool's Bitcoins.

"Pool operators, being so vulnerable to being robbed, would not be able to admit untrusted individuals into their pools," Eyal and Sirer said.

An individual millionaire could still rule the 2P-Pow Bitcoin roost if they had a huge number of mining equipment each entrusted with private keys. However this would be a feat within the grasp only of state actors, the academics said.

GHash was said to own a quarter of the pool's resources, well below the requirement to again dominate under the proposed system.

The system could be smoothly introduced over 12 months, they claimed. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.