This story is over 5 years old
Tech by VICE

Bitcoin Isn’t Broken, Despite a Potential Flaw

Cornell University researchers claim to have discovered a potential new vulnerability, but users appear unconcerned.

Nov 7 2013, 1:50pm
Bitcoin is another another tear, despite new research that says the currency has a previously-unknown vulnerability. Screenshot from Bitcoinity

Cornell University researchers claim to have discovered a potential new vulnerability within the Bitcoin protocol, but with the virtual currency trading at over $300, an all-time high, users appear unconcerned.

Until now, the primary known vulnerability to the growing Bitcoin ecosystem was the so-called “51% attack,” a scenario in which a single miner or group of miners commanded a majority of Bitcoin’s computing power, allowing them to essentially take over the system.

The 17-page research paper, which has yet to be peer reviewed, describes a potential scenario where malevolent miners could wreak havoc on the system with only one-third of total mining power, a lower threshold that raises a worrying question. Is the Bitcoin protocol significantly less secure than previously believed?

As it stands, the described vulnerability can now be exploited regardless of computing power, according to the researchers, leading them to boldly claim that “bitcoin is broken.”

“And not just superficially so, but fundamentally, at the core protocol level,” computer science professor Emin Gün Sirer and post doctoral associate Ittay Eyal wrote in a blog post Monday. “Specifically, in a paper we placed on arXiv, Ittay Eyal and I outline an attack by which a minority group of miners can obtain revenues in excess of their fair share, and grow in number until they reach a majority. When this point is reached, the Bitcoin value-proposition collapses.”

All transactions in the Bitcoin universe are processed and recorded within the blockchain, which is powered by miners. For their trouble, whenever miners complete a new block by solving a complex mathematical equation, they’re rewarded with a preset number of bitcoins. In other words, every block is a brute force race. Only the winning miner receives the bounty, which currently stands at 25 BTC, worth about $7500 at current rates. This is also why mining success is directly correlated with pure processing power. The faster your computer (or pool of computers), the more likely you’ll finish first.

It’s also why Bitcoin’s most famous flaw, the 51% attack, has always been fairly intuitive. If you control mining, you control the system.

The vulnerability outlined by Sirer and Eyal is a bit more novel, involving a strategy they call “Selfish Mine.” In this case, a selfish miner that completes a block chooses withhold it from the rest of the network. Instead, he or she keeps it secret and immediately starts on the next block. Then, just as other “honest” miners are about to finish the same block, the selfish miner releases the previously withheld block. In this case, the selfish miner not only wins the initial bounty, they’ve wasted the computing power of honest miners while giving themselves a head start on the next block.

Part of the elegance of the Bitcoin model is that, in theory, it works when all participants act first and foremost in their personal self interest. But the “Selfish Mine” strategy could undermine this win-win equilibrium. “We're the first to discover that the Bitcoin protocol is not incentive-compatible,” the researchers write. Call it the Lance Armstrong effect. Once miners start to game the system to get any kind of edge, others eventually join in. In fact, it takes far fewer cheaters than honest miners to potentially unravel the entire system. “If a selfish-mining pool were to command 1/3rd (33%) of mining power, it'll always be in a position to make excess revenues over honest miners,” the authors write From there, it's only a matter of time before the selfish-mining pool takes over.

As it stands, there’s nothing in place within the Bitcoin protocol to deter such cheaters or deal with the possibility of a selfish-mining pool, according to the researchers. They do, however, propose a fix, but even that would only require a pool to command 25 percent of mining power before it could employ the Selfish Mine strategy and the threat of the 33 percent threshold would still exist.

But while claims of this previously undiscovered vulnerability may have mathematical merit, the idea that the cryptocurrency is consequently “broken” is a hyperbolic for some. “Bitcoin is a really big news story right now, and it is unfortunate (but entirely predictable) that the release of a not-yet-peer-reviewed paper generated so many sensationalistic headlines,” Gavin Andreesen, lead developer of the open source Bitcoin protocol, wrote in a blog post yesterday.

Andreesen, who is a board member of the Bitcoin Foundation, is also unfussed by the specifics of the reported flaw, though he declined to pinpoint “specific claims in the paper” that he disagreed with. He did, however, add that “the paper’s assertion of a fundamental flaw is based on some over-simplified assumptions about how the Bitcoin mining market works.”

In the view of Bitcoin’s “Chief Architect,” even if the math checks out, Sirer and Eyal may have failed to fully comprehend the market’s incentive mechanisms. It’s one of the reasons bitcoiners don’t give a second thought to the 51 percent attack: there’s no logical motivation for it, outside of pure terrorism. By compromising the system, any would-be attacker would incidentally sabotage the currency’s value.

While the Selfish Mine strategy isn’t as clear cut, the ultimate doomsday scenario rests on the assumption that the Bitcoin community would fail to respond if such an attack were to occur. “In the grand scheme of things, it’s not very significant,” Andreesen told Forbes. “The fear is that this would go unchecked for a long time and one mining pool would get too much power and then be able to control all transactions. But that rests on a series of bad assumptions: that they would do this, that no one would notice, and they would get away with it for a long time.”

This wouldn’t be the first time a major bug has been discovered in Bitcoin’s code. An early bug, which was fixed before it was exploited in a meaningful way, allowed users to spend other peoples’ bitcoins. Other vulnerabilities also exist, such as the Sybil Attack, which the researchers mention in their paper. As the glare of widespread of attention shines ever brighter, which now includes the focus of Ivy League academics, the surprising resilience of the Bitcoin concept and the code behind it will only be further tested.

And if the Selfish Mine strategy is indeed possible, it’s only a matter of time before ambitious miners attempt to implement it, given the money at stake. Meanwhile, the price of Bitcoin continues its upward surge.


Selfish Mine