Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Mining Power Destruction Attacks in the Presence of Petty-Compliant Mining Pools

Roozbeh Sarenche, Svetla Nikova, Bart Preneel

TL;DR

The paper investigates mining power destruction attacks in Bitcoin when honest mining power is partitioned into petty-compliant pools. It introduces three attack classes—selfish mining, bribery, and a novel mining power distraction attack—analyzing their profitability under a semi-rational framework that accounts for pool decentralization via centralization factors. Key theoretical results show that selfish mining can be more damaging when non-adversarial pools are decentralized, and that bribery can be profitable even for small adversaries, with smart-contract-based variants and known/unknown-miner settings explored. The work highlights the limitations of the current difficulty adjustment mechanism in deterring such attacks, discusses possible mitigations, and motivates further study of DAM designs and transaction-fee dynamics in a more realistic semi-rational, multi-agent setting.

Abstract

Bitcoin's security relies on its Proof-of-Work consensus, where miners solve puzzles to propose blocks. The puzzle's difficulty is set by the difficulty adjustment mechanism (DAM), based on the network's available mining power. Attacks that destroy some portion of mining power can exploit the DAM to lower difficulty, making such attacks profitable. In this paper, we analyze three types of mining power destruction attacks in the presence of petty-compliant mining pools: selfish mining, bribery, and mining power distraction attacks. We analyze selfish mining while accounting for the distribution of mining power among pools, a factor often overlooked in the literature. Our findings indicate that selfish mining can be more destructive when the non-adversarial mining share is well distributed among pools. We also introduce a novel bribery attack, where the adversarial pool bribes petty-compliant pools to orphan others' blocks. For small pools, we demonstrate that the bribery attack can dominate strategies like selfish mining or undercutting. Lastly, we present the mining distraction attack, where the adversarial pool incentivizes petty-compliant pools to abandon Bitcoin's puzzle and mine for a simpler puzzle, thus wasting some part of their mining power. Similar to the previous attacks, this attack can lower the mining difficulty, but with the difference that it does not generate any evidence of mining power destruction, such as orphan blocks.

Mining Power Destruction Attacks in the Presence of Petty-Compliant Mining Pools

TL;DR

The paper investigates mining power destruction attacks in Bitcoin when honest mining power is partitioned into petty-compliant pools. It introduces three attack classes—selfish mining, bribery, and a novel mining power distraction attack—analyzing their profitability under a semi-rational framework that accounts for pool decentralization via centralization factors. Key theoretical results show that selfish mining can be more damaging when non-adversarial pools are decentralized, and that bribery can be profitable even for small adversaries, with smart-contract-based variants and known/unknown-miner settings explored. The work highlights the limitations of the current difficulty adjustment mechanism in deterring such attacks, discusses possible mitigations, and motivates further study of DAM designs and transaction-fee dynamics in a more realistic semi-rational, multi-agent setting.

Abstract

Bitcoin's security relies on its Proof-of-Work consensus, where miners solve puzzles to propose blocks. The puzzle's difficulty is set by the difficulty adjustment mechanism (DAM), based on the network's available mining power. Attacks that destroy some portion of mining power can exploit the DAM to lower difficulty, making such attacks profitable. In this paper, we analyze three types of mining power destruction attacks in the presence of petty-compliant mining pools: selfish mining, bribery, and mining power distraction attacks. We analyze selfish mining while accounting for the distribution of mining power among pools, a factor often overlooked in the literature. Our findings indicate that selfish mining can be more destructive when the non-adversarial mining share is well distributed among pools. We also introduce a novel bribery attack, where the adversarial pool bribes petty-compliant pools to orphan others' blocks. For small pools, we demonstrate that the bribery attack can dominate strategies like selfish mining or undercutting. Lastly, we present the mining distraction attack, where the adversarial pool incentivizes petty-compliant pools to abandon Bitcoin's puzzle and mine for a simpler puzzle, thus wasting some part of their mining power. Similar to the previous attacks, this attack can lower the mining difficulty, but with the difference that it does not generate any evidence of mining power destruction, such as orphan blocks.

Paper Structure

This paper contains 42 sections, 16 theorems, 45 equations, 7 figures, 6 tables.

Table of Contents

  1. Introduction
  2. Preliminaries and System Model
  3. Selfish Mining Attack
  4. Theoretical Analysis
  5. Bribery Attack
  6. Bribery Attack Under the Assumption of Known Miners
  7. Description of Bribery Attack Using Smart Contracts
  8. Discussion
  9. Conclusion
  10. Parameters Involved in Semi-Rational Fork Choice
  11. Our System Model Limitations
  12. Selfish Mining Attack: Supplementary
  13. Whale Transactions As a Bribe
  14. Proof of Lemma \ref{['lemma: selfish_mining_advantage']}
  15. Selfish Mining Strategy
  16. ...and 27 more sections

Key Result

lemma thmcounterlemma

Consider a fork race within an $\epsilon$-semi-rational environment, where the length of both semi-rational and adversarial forks is equal to 1, and a normalized bribeThe normalized bribe is defined as the amount of bribe divided by the block reward. of $\texttt{br}=\epsilon$ is available on top of

Figures (7)

  • Figure 1: Mining share distribution between forks in a block race. The adversarial block, denoted in red, is published later than the rival block in the block race. We denote by $\alpha_\mathcal{A}$, $\alpha_i$, and $\alpha_\mathcal{A}^\texttt{fork}$ the mining shares of the adversarial mining pool, mining pool $p_i$, and all mining nodes extending the adversarial fork, respectively.
  • Figure 2: Periods of profitable selfish mining. According to Theorem \ref{['theorem_D=inf_selfish']}, selfish mining becomes more profitable than honest mining when the selfish mining advantage of a mining pool (defined as the right-hand side of inequality \ref{['eq:selfish_profitability']}) surpasses its residual centralization factor (defined in Definition \ref{['def:residual_CF']}).
  • Figure 3: The adversarial reward share obtained from different attacks.
  • Figure 4: The normalized revenue advantage of the bribery attack over time.
  • Figure 5: The normalized revenue advantage of selfish mining over time (adversarial mining power share: $0.29033$).
  • ...and 2 more figures

Theorems & Definitions (44)

  • definition thmcounterdefinition: Time-averaged profit
  • definition thmcounterdefinition: Honest mining pool
  • definition thmcounterdefinition: Chain expected return
  • definition thmcounterdefinition: Semi-rational fork choice rule
  • definition thmcounterdefinition: Petty-compliant mining pool
  • definition thmcounterdefinition: Adversarial mining pool
  • definition thmcounterdefinition: Semi-rational environment
  • definition thmcounterdefinition: Normalized bribe
  • definition thmcounterdefinition: Centralization factor
  • definition thmcounterdefinition: Residual centralization factor, Pool advantage
  • ...and 34 more