Shenyu is angry and exposes the "block deduction attack" in the mining circle, and the undercurrent in the mining pool world is surging

In the past two days, the news of the head-on competition between Gree and Aux Air Conditioners has grabbed the headlines of major media outlets.

Gree reported under real name that 8 models of air conditioners produced by Aux were falsely advertised and failed to meet energy efficiency standards. Aux claimed that the other party maliciously spread rumors and engaged in unfair competition.

On the 12th, two Weibo posts by Shenyu, the founder of the famous Chinese mining pool F2pool, stirred up waves in the mining industry. Shenyu said that Chinese competitors were muddying the waters, charging relatively low fees in name, but secretly adjusting the displayed computing power of the mining pool. They even offered low fees to attract computing power when miners first joined the mining pool, and later raised the fees dynamically under the guise of "manual functions", ranging up to 5%-10%, to deceive miners.

In addition, he also exposed a "black trick" in the mining circle. "Even worse, some people use computing power to carry out long-term block-withholding attacks on other mining pools. What's funny is that the total network computing power of a certain major currency (calculated based on difficulty) and the actual total network mining pool computing power have long been 1/4 different, which means that 1/4 of the computing power is used for block-withholding attacks, suppressing competitors, and causing other pools to lose money and go bankrupt." He said.

▲Picture from Weibo

However, Shenyu is not only angry about the attack itself, but also about assuming that this attack method is grafted onto Bitcoin. With the reduction of mining pools and the concentration of computing power, will Bitcoin still be safe? How far are we from the 51 attack?

Block withholding attacks, a shady trick used by mining pools

Block withholding attack. To date, there is very little public discussion about this operation.

In 2016, Babbitt columnist Huang Shiliang explained the block deduction attack. There are two types. One is also called "Finney attack", the purpose is to double spend. The other is, as Shenyu said, to attack competitors and cause financial losses to the other mining pool.

Simply put, a block withholding attack is when a miner does not broadcast a target block after mining it, and the mining pool is mining in vain.

The reason for this is that many mining pools (including F2Pool) currently use the PPS+ profit distribution method. Under this model, the mining pool estimates the daily profit based on the mining pool's computing power, and miners receive the estimated profit according to their computing power in the mining pool. In other words, no matter how the mining pool mines every day, the miners connected to the mining pool can get a stable income every day. The risk is on the mining pool side. If there are many blocks, the mining pool will have more income, and if there are few blocks, the mining pool may suffer losses.

Block withholding attacks are to make the attacker's computing power "take up the toilet without doing anything". They seem to be working for the mining pool, but in fact they do not produce blocks, but can continue to fleece the mining pool.

How big is the impact? Take Bitcoin as an example. If the fish pool is attacked by a block deduction attack once a day, one block is 12.5 BTC. Calculated at $8,000 per BTC, its actual income will be reduced by about RMB 790,000. The computing power of the fish pool accounts for about 13% of the entire network. The theoretical daily output of the entire network is 1,800 BTC. The expected output of the fish pool is 234, about 14.78 million. According to its 2.5% fee rate, the approximate income is RMB 370,000. In other words, the fish pool loses money in one block deduction attack. (Simply based on theoretical calculations)

For mining pools that do not use PPS profit-sharing methods, block withholding attacks will make the attacked mining pool appear "unlucky", thereby driving real miners to other mining pools, but this is a lose-lose situation.

Block deduction attack, mining pools are completely helpless no matter how painful it is

Block deduction attacks are very difficult to identify. Because the mining pool cuts in a batch of computing power, the mining pool cannot immediately detect that they do not produce blocks in the short term. If there is no block production for a long time, the mining pool can only guess that there is a problem with the computing power, but it is difficult to prove it. If the attacker divides the computing power into different accounts, the difficulty will be even greater. It is even more difficult to defend against the use of technical means to hide the identity of the attacking computing power. The mining pool can only take stop-loss measures such as deducting one day's salary or blocking the account.

Not only does the mining pool not feel anything, it may even think that its own skills are not good and its luck is too bad.

The industry has discussed this before. This is very similar to the prisoner's dilemma. When the mining pool cannot predict whether it will be attacked, the best option is to take the initiative.

According to Wang Peng, a senior mining industry insider, in the early days of mining pool development, different mining pools had many ways to fight against each other, including DDOS attacks, block deduction attacks, and rebates. However, from 2017 to 2018, the computing power grew massively, and the mining pools were busy attracting new customers, and the attacks gradually faded out of sight.

"The mining pool business has low profits, low barriers to entry, and very fierce competition. If companies without good reputation really use block-withholding attacks, they should be able to get the desired effect, at least to cheat people. As long as there is profit, anything can happen. Shenyu has finally achieved the scale of a leading mining pool, but it is often attacked. I can understand Shenyu's feelings." Wang Peng said.

Shenyu revealed on Weibo, "What's funny is that for a certain major currency, the total network computing power (calculated based on difficulty) and the actual total network mining pool computing power have long been 1/4 different. In other words, 1/4 of the computing power is used for block deduction attacks, suppressing competitors, and causing other pools to lose money and go bankrupt."

Wang Peng told Babbitt that the possibility of a block deduction attack on Bitcoin is small, Bitcoin mining is relatively stable, and the increase is basically the computing power of old customers, so this kind of thing is unlikely to happen. "The possibility is higher for small currencies," he said.

Zhu Yu, co-founder of Biyin, also believes that Asic miners do not have this problem, but he speculates that it is Ethereum or other small currencies. "The ecosystem is quite chaotic," he said.

Is Bitcoin still safe? How far is the 51 attack?

Babbitt called Shenyu, who said that by using the so-called low fee rate to attract computing power, build an attack advantage, and then attack the mining pool of other companies with block deduction attacks, this is very similar to an attack mode. Will it be applied to Bitcoin? According to Shenyu, they have observed increasingly rampant block deduction attacks in the past two years, and many currencies have them, including Bitcoin, but not as exaggerated as the currencies mentioned above.

“The attacker forces new competitors out of the game, and then controls the majority of the blockchain’s computing power through multiple brands. This could lead to a 51 attack, which would be very scary. This is contrary to the Bitcoin path that we early believers believe in.”

What’s worse is that the only solution to the block withholding attack is to modify the protocol hard fork. Pan Zhibiao, the founder of Biyin, told Babbitt that he had tried to submit an improvement plan, but it was difficult to push forward because it involved chips, which would affect the entire mining industry. Once modified, it would be equivalent to sentencing all mining machines to death. “It will take more than five years to implement this matter,” he said.

“Someone has to say it, but no one is saying it, no one is paying attention, and some mining pools are not mentally and technically prepared. If a bad incident really happens, the impact on the industry will be too bad. It will be meaningless to save it if it gets out of control.”

During the interview, Shenyu seemed very depressed. He hoped to speak out in advance to trigger discussions and encourage practitioners and even developers to discover, pay attention to and deal with problems.

Did a mining pool really have problems due to block deduction attacks? Some news pointed to Dpool. The founder of Dpool, Zhao Yingguang, denied the claim of being attacked. But he also said that mining pools are a very risky business, which has to bear huge lucky fluctuations. Opening a mining pool is like opening a bank. The larger the business scale, the greater the capital reserve capacity. "I think the operating risks of mining pools are far higher than profitability, so Dpool gave up large-scale expansion and turned to self-operation after a short adjustment. It does not pursue too high a scale, and mainly serves its own computing power and users who are accustomed to Dpool habits." He said.

Note: At the request of the interviewee, Wang Peng is a pseudonym.