[Cryptography] Another Bitcoin issue (maybe) (was: BitCoin bug reported)

Philip Shaw wahspilihp at gmail.com
Sat Feb 15 03:33:48 EST 2014


On 15 Feb 2014, at 0:22 , Phillip Hallam-Baker <hallam at gmail.com> wrote:
> 
> There is a similar risk in that the mining guilds have a network effect and it is better to be part of the biggest guild with the best tools. So the Ukrainian guild recently had to voluntarily shed members to avoid getting up to 51%.
> 
> But there is nothing to stop a collusion under the table between the miners. And given the interest organized crime has taken in mining, that collusion can be coerced. We lost a couple of guys who are presumed murdered by the Russian mob a couple of years back and Ulrich is on charges of attempted murder. So a scenario in which the mob works out who controls the machines coordinating the mining rigs and literally puts a gun to their kids' heads if they don't help them steal a few tens of millions seems very likely to me.

A practical protection for the BTC community is that BTC would become worthless as soon as it became known that a 51% attack was underway, or even that someone could do it, because everyone else would know that their bitcoins could vanish at the drop of a hat. This means that using a 51% attack is only worthwhile if it is kept to a low enough level that it remains unnoticeable, and that in turn would reduce the motivation for performing such an attack. (ISTM that it might be more useful as a one-shot method of collapsing the market in some form of short-selling scam, but even then it would be difficult to figure out a way of doing it and getting away with it.) Working out the economics of a 51% attack would be an interesting problem, but since it depends on the price of electricity and mining hardware, the rewards for honest mining, the number of miners, and the BTC exchange rate, it is probably infeasible to work out.

>  
> Another area where cheating looks possible is in these 'proven secure' bitcoin gambling sites. 
> 
> Most of the sites tell you that they aren't cheating and for most Bitcoiners, that is enough. Though some are careful enough to look at the 'I'm not cheating page' where you can press buttons that tell you the site isn't cheating, honestly. Or if you are really paranoid you can download an open source program provided by the site owner and run it. And that will tell you that the site owner isn't cheating.
> 
> How's that for confidence building?

In practice, it is the same trust model as most illegal business - users trust those sites for the same reason they trust illegal IRL casinos, or why they trust the drugs they’re buying: it can be worth ripping off customers and plenty of people do it, but plenty of people prefer a steady income from providing an honest (or at least consistently dishonest) service.

> I can't see any specifications or explanations on the sites I have visited so I can't see if the protocols are vulnerable to other forms of attack. I am pretty sure that there are attacks that are going to be possible if the site owner colludes with the miners. One easy way to cheat would be to only include losing bets in the blockchain. Which would be visible in the results of course. Unless the site owner made sure to only cash out by making an equal number of known winning bets.
> 
> 
> The idea of getting close to a currency being used by people with lots of guns and a history of using them on other people seems like a very bad plan to me…

The geographic distribution of users helps somewhat here: a local gang boss can have you roughed up or killed easily enough, but the level of effort in tracking down and killing someone on the other side of the world raises the threshold of what’s worth dealing with. Also, they want ordinary users - if no-one but gangsters use bitcoin, they become worth much less, and much more dangerous to hold.
