Feeds

PoW! Academics KO Bitcoin mining mammoths

You're sorry GHash? You will be

Beginner's guide to SSL certificates

Researchers have scuttled Bitcoin mining mammoths such as GHash with a proposed system alteration that would end the money-making collectives and return fairness and stability to the crypto currency.

Cornell University academics (@IttalyEyal) Ittay Eyal and Emin Gün Sirer (@el33th4xor) say their "Two Phase Proof of Work (2P-PoW)" is a simple solution to de-incentivise large Bitcoin mining pools.

The problem the pair hope to address is the fact that big mining pools can cheat the system with selfish mining. The duo point out that pools with more than 25 percent of the total network could earn more than their fair share, more so for those with 33 percent. Even larger pools could 'double-spend' with low confirmations, while those with over 50 percent control, as in the case of GHash, were an "unmitigated disaster", they said.

The 2P-PoW scheme aims to make collective mining less attractive by making proofs of work delegation harder without erasing a miners' fortunes or negating their hardware investments.

The 2P-PoW platform was developed after the GHash behemoth collective was found to dominate Bitcoin mining by scooping about 51 percent of all coins uncovered to date. The feat was a breach of etiquette -- the pair dubbed it "armageddon" -- as it undermined the key decentralised feature of Bitcoin.

GHash apologised and promised never to repeat the "51 per cent attack", but not before the website was hit with distributed denial of service attacks.

Eyal and Sirer said their platform would help miners by slowing hardware obsolescence which they peg at an astonishing 99.3 per cent loss of value within 28 weeks, leading to a huge turnover of equipment.

The two phase PoW (see a full description here) introduced a second crypto-puzzle alongside the unmodified current quiz. Miners would continue the usual routine to solve the current puzzle but would then need to sign the block with the private key that controlled the payment address.

"This mechanism allows miners to use existing rigs, albeit with a lower difficulty value than the difficulty value currently in effect," the pair wrote on the HackingDistributed blog.

"This would enable miners to produce a lot more potential solutions; that is, headers that pass phase 1 (the existing puzzle) which we call half-solutions. For each such half-solution, miners use a second device, perhaps a CPU or a specialised card, to perform the second check until a full solution is found."

Mining pool kingpins would be prevented from cashing out on initial puzzle solving and simply solve their new quiz due to a requirement for a sign and hash the authors said was comparable in cost to the initial stage's double-hash.

That job could not be outsourced to any web denizen because anyone with the required private key could simply pilfer the pool's Bitcoins.

"Pool operators, being so vulnerable to being robbed, would not be able to admit untrusted individuals into their pools," Eyal and Sirer said.

An individual millionaire could still rule the 2P-Pow Bitcoin roost if they had a huge number of mining equipment each entrusted with private keys. However this would be a feat within the grasp only of state actors, the academics said.

GHash was said to own a quarter of the pool's resources, well below the requirement to again dominate under the proposed system.

The system could be smoothly introduced over 12 months, they claimed. ®

Remote control for virtualized desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Choosing a cloud hosting partner with confidence
Download Choosing a Cloud Hosting Provider with Confidence to learn more about cloud computing - the new opportunities and new security challenges.