Could Smart Contract-Based Bribes Threaten Bitcoin Mining Pools?

Could bribery payments issued via smart contract undo the bitcoin mining pool model?

AccessTimeIconMar 8, 2017 at 9:26 p.m. UTC
Updated Sep 11, 2021 at 1:08 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Could bribery payments issued via smart contract undo the bitcoin mining pool model?

A new research paper outlines a kind of attack against pools in which a malicious actor uses smart contracts, or agreements hard-coded onto a blockchain, to pay miners to essentially stymie their own efforts to solve the cryptographic puzzles at the heart of mining. Mining is an energy-intensive – and competitive – process by which parties race to add the next block of transactions to the network.

The paper, entitled "Smart Contracts Make Bitcoin Mining Pools Vulnerable", was penned by Yaron Velner of the Hebrew University of Jerusalem; Jason Teutsch of the University of Alabama and Birmingham; and Loi Luu of the National University of Singapore's School of Computing.

on 7th March, the research posits that, in the right scenario, someone could use smart contracts to guarantee payments to miners who, in that case, would then withhold information from the pools (or large conglomerations of miners) to which they are connected.

By doing so, the malicious actor effectively increases their share of any profits relative to the pool's total hash rate. Conversely, this attack could be deployed to break up an opposing pool to the benefit of another.

Yet the key is the use of a smart contract, the authors say, who go on to explain:

"The use of smart contracts is crucial in order for the attack to be successful. Indeed, it is unlikely that miners would collaborate with such an attack unless their payment is guaranteed. Moreover, rewarding via smart contracts makes it possible for the attackers to remain anonymous, and prevent other parties from targeting the attacker (e.g., with a denial of service attack) and shutting him down."

Why take this route? Those who mine on their own without a significant amount of hashing power run the risk of burning all that electricity with no profits to show for it.

So, miners congregate around pools, which concentrate that hashing power onto one point, splitting the block rewards received (if any) and distributing those bitcoins to the miners miner based upon the hash rate they contribute.

With a block withholding attack, a miner who has a big amount of hashing power divides it between two pools, withholding full proof-of-work solutions from one of them.

Yet according to the authors, it wasn’t until the development of smart contracts that this type of coordinated internal mining attack was possible.

Still, the attack isn't guaranteed, as some miners – particularly those guided by ethical considerations and those who don't want to rely on a smart contract to get paid (given that those contracts have failed due to flaws in the past) – might not want to participate, according to the researchers.

Read the full paper here.

Image via Shutterstock

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.