Does difficulty adjustment exploiting selfish mining assume pool loyalty?

The 2018 paper "On profitability of selfish mining" by Cyril Grunspan and Ricardo Pérez-Marco [0] introduces a selfish-mining attack that relies on the difficulty adjustment algorithm. Their followup paper (same year) "On profitability of stubborn mining" [2] extrapolates this to attack variants.

It first explains how, when difficulty is constant, selfish-mining is less profitable than honest mining (see also [1]). But then it claims that the difficulty adjustment algorithm introduces a way to make profit. Before I even attempt to understand the math, I'm having a hard time making sense of this intuitively.

By temporarily withholding blocks in period N the attacker is increasing the stale block rate, both for themselves and for honest miners. This causes a drop in difficulty which makes mining in the next period more profitable. So far I follow.

But why would a lower difficulty in period N + 1 benefit the selfish pool more than its competitors? It seems to me all pools profit equally in period N + 1. But the selfish pool had to make an investment in period N, since we've already established that at constant difficulty this strategy is less profitable.

So as a neutral miner choosing between pools, you don't want to be in the attacker pool in period N when it's losing money. You also don't want to join it in period N + 1 because you can reap the same reward in any other pool.

So are they making an assumption about pool loyalty?

[0] https://arxiv.org/abs/1805.08281

[1] https://bitcoin.stackexchange.com/a/125844/4948

[2] https://arxiv.org/abs/1808.01041



from Recent Questions - Bitcoin Stack Exchange https://ift.tt/3W4SYAJ
via IFTTT

Popular posts from this blog

Future of Bitcoin encryption and security in a QC era

How will the advancement of quantum computing impact the security of Bitcoin, and what steps are necessary to protect the network from this emerging threat? What role could lattice-based encryption play in safeguarding Bitcoin, and which of the current algorithms are best suited for this purpose? How would the implementation of such encryption technology be integrated into the existing Bitcoin infrastructure, and what challenges might arise during this process? What happens to existing addresses that rely on elliptic curve cryptography? Is there a way to seamlessly transition old addresses to the new system, or would users need to actively transfer their funds to new, more secure addresses? How could such a transition be designed to ensure user security while maintaining trust in the network? from Recent Questions - Bitcoin Stack Exchange https://ift.tt/aZeY2fo via IFTTT
Read more

Possible rollback due to lazy reveal in BRC20?

Let's assume user A committed an inscription with {"op":"deploy", "tick": "test"} at block 100 (without revealing it yet). Then user B commits and reveals the exact same inscription at block 101. Because the indexer isn't aware that A's earlier commit was actually for "test," it recognizes B's "test" token as the official one. From blocks 101 to 199, users freely perform various "test" token transactions (e.g., "mint" , "transfer" ). However, at block 200, user A finally reveals their earlier commit. In that case, will the indexer roll back all "test"-related histories that happened between blocks 101 and 199? If so, can we really trust that all BRC20 tokens recognized by the indexer are "safely" the official ones? from Recent Questions - Bitcoin Stack Exchange https://ift.tt/CsYKVTa via IFTTT
Read more

A way to recover scammed Bitcoin investment

I have learned the hard way that even the most seasoned investors can fall prey to malicious actors. When my Investment was stolen, I felt a sense of betrayal and anger. But then, I discovered this FINANCE TEAM, and their professionalism and unwavering commitment gave me a renewed sense of confidence. From the moment I reached out to this Finance Team, I was impressed by their attention to detail and their deep understanding of the Stock and real estate ecosystem. They listened patiently to my story and carefully analyzed the transaction history, leaving no stone unturned in their investigation. Throughout the recovery process, This Finance Teamkept me informed of their progress, providing me with regular updates and answering my countless questions with patience and understanding. Their unwavering dedication and determination gave me a sense of hope during a time of great uncertainty. To my astonishment, This Finance Team was able to recover a significant portion of my stolen Investme...
Read more