research-article

Power Adjusting and Bribery Racing: Novel Mining Attacks in the Bitcoin System

Authors:

Bin XiaoAuthors Info & Claims

CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security

Pages 833 - 850

https://doi.org/10.1145/3319535.3354203

Published: 06 November 2019 Publication History

Abstract

Mining attacks allow attackers to gain an unfair share of the mining reward by deviating from the honest mining strategy in the Bitcoin system. Among the most well-known are block withholding (BWH), fork after withholding (FAW), and selfish mining. In this paper, we propose two new strategies: power adjusting and bribery racing, and introduce two novel mining attacks, Power Adjusting Withholding (PAW) and Bribery Selfish Mining (BSM) adopting the new strategies. Both attacks can increase the reward of attackers. Furthermore, we show PAW can avoid the "miner's dilemma" in BWH attacks. BSM introduces a new "venal miner's dilemma", which results in all targets (bribes) willing to help the attacker but getting less reward finally. Quantitative analyses and simulations are conducted to verify the effectiveness of our attacks. We propose some countermeasures to mitigate the new attacks, but a practical and efficient solution remains to be an open problem.

Supplementary Material

WEBM File (p833-xiao.webm)

Download
113.17 MB

References

[1]

Lear Bahack. 2013. Theoretical Bitcoin Attacks with Less than Half of the Computational Power (draft). In arXiv preprint arXiv:1312.7013 .

[2]

Joseph Bonneau. 2016. Why Buy When You Can Rent?. In Proc. of the International Conference on Financial Cryptography and Data Security (FC). Springer.

[3]

Danny Bradbury. 2013. The Problem with Bitcoin. In Computer Fraud & Security. Elsevier.

[4]

Miles Carlsten, Harry Kalodner, S Matthew Weinberg, and Arvind Narayanan. 2016. On the Instability of Bitcoin without the Block Reward. In Proc. of the ACM Conference on Computer & Communications Security (CCS). ACM.

Digital Library

[5]

Nicolas T Courtois and Lear Bahack. 2014. On Subversive Miner Strategies and Block Withholding Attack in Bitcoin Digital Currency. In arXiv preprint arXiv:1402.1718 .

[6]

Christian Decker and Roger Wattenhofer. 2013. Information Propagation in the Bitcoin Network. In Proc. of the IEEE International Conference on Peer-to-Peer Computing (P2P). IEEE.

[7]

Ittay Eyal. 2015. The Miner's Dilemma. In Proc. of the IEEE Symposium onSecurity and Privacy (Oakland). IEEE.

Digital Library

[8]

Ittay Eyal, Adem Efe Gencer, Emin Gün Sirer, and Robbert Van Renesse. 2016. Bitcoin-NG: A Scalable Blockchain Protocol. In Proc. of the USENIX Symposium on Networked Systems Design and Implementation (NSDI). USENIX.

[9]

Ittay Eyal and Emin Gün Sirer. 2014. Majority is not Enough: Bitcoin Mining is Vulnerable. In Proc. of the International Conference on Financial Cryptography and Data Security (FC). Springer.

[10]

Arthur Gervais, Ghassan O Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun. 2016. On the Security and Performance of Proof of Work Blockchains. In Proc. of the ACM Conference on Computer & Communications Security (CCS). ACM.

Digital Library

[11]

Ethan Heilman, Alison Kendler, Aviv Zohar, and Sharon Goldberg. 2015. Eclipse Attacks on Bitcoin's Peer-to-Peer Network. In Proc. of the USENIX Security Symposium (Security). USENIX.

[12]

Ghassan O Karame, Elli Androulaki, and Srdjan Capkun. 2012. Double-Spending Fast Payments in Bitcoin. In Proc. of the ACM Conference on Computer & Communications Security (CCS). ACM.

Digital Library

[13]

Yujin Kwon, Dohyun Kim, Yunmok Son, Eugene Vasserman, and Yongdae Kim. 2017. Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin. In Proc. of the ACM Conference on Computer & Communications Security (CCS). ACM.

Digital Library

[14]

Yujin Kwon, Hyoungshick Kim, Jinwoo Shin, and Yongdae Kim. 2019. Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash?. In Proc. of the IEEE Symposium onSecurity and Privacy (Oakland). IEEE.

[15]

Kevin Liao and Jonathan Katz. 2017. Incentivizing Blockchain Forks via Whale Transactions. In Proc. of the International Conference on Financial Cryptography and Data Security (FC). Springer.

[16]

Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena, and Aquinas Hobor. 2015. On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining. In Proc. of the IEEE Computer Security Foundations Symposium (CSF). IEEE.

Digital Library

[17]

Patrick McCorry, Alexander Hicks, and Sarah Meiklejohn. [n.d.]. Smart Contracts for Bribing Miners. Cryptology ePrint Archive, Vol. 2018.

[18]

A Miller. 2013. Feather-Forks: Enforcing a Blacklist with Sub-50% Hash Power .

[19]

Andrew Miller, James Litton, Andrew Pachulski, Neal Gupta, Dave Levin, Neil Spring, and Bobby Bhattacharjee. [n.d.]. Discovering Bitcoin's Public Topology and Influential Nodes .

[20]

Satoshi Nakamoto. 2008. Bitcoin: A Peer-to-Peer Electronic Cash System .

[21]

Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, and Steven Goldfeder. 2016. Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. Princeton University Press.

Digital Library

[22]

Kartik Nayak, Srijan Kumar, Andrew Miller, and Elaine Shi. 2016. Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack. In Proc. of the IEEE European Symposium on Security and Privacy (Euro S&P). IEEE.

[23]

Antpool. 2019. Antpool. https://www.antpool.com/.

[24]

Bitcoin Wiki. 2019. Proof of Work. https://en.bitcoin.it/wiki/Proof_of_work .

[25]

Bitfinex. 2019. Cloud Mining. https://www.bitfinex.com/.

[26]

Bitinfocharts. 2019. Bitcoin Hash Rate. https://bitinfocharts.com/comparison/bitcoin-hashrate.html .

[27]

BTC-pools.com. 2019. BTC.com Pool. https://btc-pools.com/.

[28]

CEX.IO. 2019. Cloud Mining. https://cex.io/.

[29]

Coinbase. 2019. Bitcoin Exchange Rate. https://www.coinbase.com/charts .

[30]

Dogecoin Project. 2019. Dogecoin. http://dogecoin.com/.

[31]

Litecoin Project. 2019. Litecoin. https://litecoin.org/.

[32]

Pow88. 2019. Cloud Mining. http://pow88.com .

[33]

Slush. 2019. Slush. https://slushpool.com/home/.

[34]

Wikipedia. 2019. Merkle Root. https://en.wikipedia.org/wiki/Merkle_tree .

[35]

wizkid057. 2014. BWH Attacks against Eligius. https://bitcointalk.org/?topic=441465.msg7282674 .

[36]

J Ben Rosen. 1965. Existence and Uniqueness of Equilibrium Points for Concave n-Person Games. Econometrica: Journal of the Econometric Society .

[37]

Meni Rosenfeld. 2011. Analysis of Bitcoin Pooled Mining Reward Systems. In arXiv preprint arXiv:1112.4980 .

[38]

Ayelet Sapirshtein, Yonatan Sompolinsky, and Aviv Zohar. 2016. Optimal Selfish Mining Strategies in Bitcoin. In Proc. of the International Conference on Financial Cryptography and Data Security (FC). Springer.

Cited By

Liu SXu YYang XHui BHu F(2024)Variable-State-Trigger: A Formal Model of Smart Contracts Based on Conditional Response and Finite State Automata and Its ApplicationElectronics10.3390/electronics1323468013:23(4680)Online publication date: 27-Nov-2024
https://doi.org/10.3390/electronics13234680
黄超(2024)Researcheson Security Issues of L-Stubborn Strategies in the Blockchain SystemModeling and Simulation10.12677/MOS.2024.13105613:01(576-587)Online publication date: 2024
https://doi.org/10.12677/MOS.2024.131056
Deng ARen QWu YLei HChen B(2024)Proof of Finalization: A Self-Fulfilling Function of BlockchainIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.345135519(8052-8065)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3451355
Show More Cited By

Index Terms

Power Adjusting and Bribery Racing: Novel Mining Attacks in the Bitcoin System
1. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Economics of security and privacy
  2. Systems security
    1. Distributed systems security

Recommendations

Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin
CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

In the Bitcoin system, participants are rewarded for solving cryptographic puzzles. In order to receive more consistent rewards over time, some participants organize mining pools and split the rewards from the pool in proportion to each participant's ...
BA-flag: a self-prevention mechanism of selfish mining attacks in blockchain technology
Abstract
Selfish mining is when a group of miners in a blockchain system work together to cheat and get more rewards by hiding their work from others. This attack makes the blockchain less secure by allowing miners to cheat together, leading to more fraud ...
FORTIS: Selfish Mining Mitigation by (FOR)geable (TI)me(S)tamps
The selfish mining (SM) attack of Eyal and Sirer allows a rational mining pool with a hash power (α) much less than 50% of the whole Bitcoin network to steal from the fair shares of honest miners. This attack has been studied extensively in various ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security

November 2019

2755 pages

ISBN:9781450367479

DOI:10.1145/3319535

General Chairs:
Lorenzo Cavallaro
King's College London, UK
,
Johannes Kinder
Bundeswehr University Munich, Germany
,
Program Chairs:
XiaoFeng Wang
Indiana University, USA
,
Jonathan Katz
George Mason University, USA

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 November 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

HK ITF
HK RGC GRF

Conference

CCS '19

Sponsor:

SIGSAC

CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security

November 11 - 15, 2019

London, United Kingdom

Acceptance Rates

CCS '19 Paper Acceptance Rate 149 of 934 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

49
Total Citations
View Citations
1,161
Total Downloads

Downloads (Last 12 months)58
Downloads (Last 6 weeks)4

Reflects downloads up to 26 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Liu SXu YYang XHui BHu F(2024)Variable-State-Trigger: A Formal Model of Smart Contracts Based on Conditional Response and Finite State Automata and Its ApplicationElectronics10.3390/electronics1323468013:23(4680)Online publication date: 27-Nov-2024
https://doi.org/10.3390/electronics13234680
黄超(2024)Researcheson Security Issues of L-Stubborn Strategies in the Blockchain SystemModeling and Simulation10.12677/MOS.2024.13105613:01(576-587)Online publication date: 2024
https://doi.org/10.12677/MOS.2024.131056
Deng ARen QWu YLei HChen B(2024)Proof of Finalization: A Self-Fulfilling Function of BlockchainIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.345135519(8052-8065)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3451355
Wang QLi CXia TRen YWang DZhang GChoo K(2024)Optimal Selfish Mining-Based Denial-of-Service AttackIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.332638619(835-850)Online publication date: 2024
https://doi.org/10.1109/TIFS.2023.3326386
Wang YLi CZhang YLi TNing JGai KChoo K(2024)A Detection Method Against Selfish Mining-Like Attacks Based on Ensemble Deep Learning in IoTIEEE Internet of Things Journal10.1109/JIOT.2024.336768911:11(19564-19574)Online publication date: 1-Jun-2024
https://doi.org/10.1109/JIOT.2024.3367689
Wang SYang MCao JLing ZTang QFu X(2024)CORE: Transaction Commit-Controlled Release of Private Data Over Blockchains2024 IEEE 44th International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS60910.2024.00038(322-332)Online publication date: 23-Jul-2024
https://doi.org/10.1109/ICDCS60910.2024.00038
Wang CRen YWu Z(2024)Multi‐Hop anonymous payment channel network based on onion routingIET Blockchain10.1049/blc2.12065Online publication date: 4-Feb-2024
https://doi.org/10.1049/blc2.12065
Biçer OKüpçü A(2023)FORTIS: Selfish Mining Mitigation by (FOR)geable (TI)me(S)tampsDistributed Ledger Technologies: Research and Practice10.1145/36163972:4(1-26)Online publication date: 14-Dec-2023
https://dl.acm.org/doi/10.1145/3616397
Li CPalanisamy BXu RDuan LLiu JWang WMeng WJensen CCremers CKirda E(2023)How Hard is Takeover in DPoS Blockchains? Understanding the Security of Coin-based Voting GovernanceProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623171(150-164)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623171
Zhang ZHong GLi XFu ZZhang JLiu MWang CChen JLiu BDuan HZhang CYang MMeng WJensen CCremers CKirda E(2023)Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the WildProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3616677(326-340)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3616677
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents