Why buy when you can rent? Bribery attacks on bitcoin-style consensus

Joseph Bonneau

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The Bitcoin cryptocurrency introduced a novel distributed consensus mechanism relying on economic incentives. While a coalition controlling a majority of computational power may undermine the system, for example by double-spending funds, it is often assumed it would be incentivized not to attack to protect its long-term stake in the health of the currency. We show how an attacker might purchase mining power (perhaps at a cost premium) for a short duration via bribery. Indeed, bribery can even be performed in-band with the system itself enforcing the bribe. A bribing attacker would not have the same concerns about the long-term health of the system, as their majority control is inherently short-lived. New modeling assumptions are needed to explain why such attacks have not been observed in practice. The need for all miners to avoid short-term profits by accepting bribes further suggests a potential tragedy of the commons which has not yet been analyzed.

Original languageEnglish (US)
Title of host publicationFinancial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers
PublisherSpringer Verlag
Pages19-26
Number of pages8
Volume9604 LNCS
ISBN (Print)9783662533567
DOIs
StatePublished - 2016
EventInternational Workshops on Financial Cryptography and Data Security, FC 2016 and 3rd Workshop on Bitcoin and Blockchain Research, BITCOIN 2016, 1st Workshop on Advances in Secure Electronic Voting Schemes, VOTING 2016, and 4th Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2016 - Christ Church, Barbados
Duration: Feb 26 2016Feb 26 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9604 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

OtherInternational Workshops on Financial Cryptography and Data Security, FC 2016 and 3rd Workshop on Bitcoin and Blockchain Research, BITCOIN 2016, 1st Workshop on Advances in Secure Electronic Voting Schemes, VOTING 2016, and 4th Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2016
CountryBarbados
CityChrist Church
Period2/26/162/26/16

Fingerprint

Attack
Health
Miners
Profitability
Currency
Coalitions
Incentives
Economics
Profit
Mining
Costs
Modeling
Style
Electronic money

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Bonneau, J. (2016). Why buy when you can rent? Bribery attacks on bitcoin-style consensus. In Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers (Vol. 9604 LNCS, pp. 19-26). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9604 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-662-53357-4_2

Why buy when you can rent? Bribery attacks on bitcoin-style consensus. / Bonneau, Joseph.

Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers. Vol. 9604 LNCS Springer Verlag, 2016. p. 19-26 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9604 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Bonneau, J 2016, Why buy when you can rent? Bribery attacks on bitcoin-style consensus. in Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers. vol. 9604 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9604 LNCS, Springer Verlag, pp. 19-26, International Workshops on Financial Cryptography and Data Security, FC 2016 and 3rd Workshop on Bitcoin and Blockchain Research, BITCOIN 2016, 1st Workshop on Advances in Secure Electronic Voting Schemes, VOTING 2016, and 4th Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2016, Christ Church, Barbados, 2/26/16. https://doi.org/10.1007/978-3-662-53357-4_2
Bonneau J. Why buy when you can rent? Bribery attacks on bitcoin-style consensus. In Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers. Vol. 9604 LNCS. Springer Verlag. 2016. p. 19-26. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-662-53357-4_2
Bonneau, Joseph. / Why buy when you can rent? Bribery attacks on bitcoin-style consensus. Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers. Vol. 9604 LNCS Springer Verlag, 2016. pp. 19-26 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{3a601fd20f7741daa536690d3e7ba2ea,
title = "Why buy when you can rent? Bribery attacks on bitcoin-style consensus",
abstract = "The Bitcoin cryptocurrency introduced a novel distributed consensus mechanism relying on economic incentives. While a coalition controlling a majority of computational power may undermine the system, for example by double-spending funds, it is often assumed it would be incentivized not to attack to protect its long-term stake in the health of the currency. We show how an attacker might purchase mining power (perhaps at a cost premium) for a short duration via bribery. Indeed, bribery can even be performed in-band with the system itself enforcing the bribe. A bribing attacker would not have the same concerns about the long-term health of the system, as their majority control is inherently short-lived. New modeling assumptions are needed to explain why such attacks have not been observed in practice. The need for all miners to avoid short-term profits by accepting bribes further suggests a potential tragedy of the commons which has not yet been analyzed.",
author = "Joseph Bonneau",
year = "2016",
doi = "10.1007/978-3-662-53357-4_2",
language = "English (US)",
isbn = "9783662533567",
volume = "9604 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "19--26",
booktitle = "Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers",
address = "Germany",

}

TY - GEN

T1 - Why buy when you can rent? Bribery attacks on bitcoin-style consensus

AU - Bonneau, Joseph

PY - 2016

Y1 - 2016

N2 - The Bitcoin cryptocurrency introduced a novel distributed consensus mechanism relying on economic incentives. While a coalition controlling a majority of computational power may undermine the system, for example by double-spending funds, it is often assumed it would be incentivized not to attack to protect its long-term stake in the health of the currency. We show how an attacker might purchase mining power (perhaps at a cost premium) for a short duration via bribery. Indeed, bribery can even be performed in-band with the system itself enforcing the bribe. A bribing attacker would not have the same concerns about the long-term health of the system, as their majority control is inherently short-lived. New modeling assumptions are needed to explain why such attacks have not been observed in practice. The need for all miners to avoid short-term profits by accepting bribes further suggests a potential tragedy of the commons which has not yet been analyzed.

AB - The Bitcoin cryptocurrency introduced a novel distributed consensus mechanism relying on economic incentives. While a coalition controlling a majority of computational power may undermine the system, for example by double-spending funds, it is often assumed it would be incentivized not to attack to protect its long-term stake in the health of the currency. We show how an attacker might purchase mining power (perhaps at a cost premium) for a short duration via bribery. Indeed, bribery can even be performed in-band with the system itself enforcing the bribe. A bribing attacker would not have the same concerns about the long-term health of the system, as their majority control is inherently short-lived. New modeling assumptions are needed to explain why such attacks have not been observed in practice. The need for all miners to avoid short-term profits by accepting bribes further suggests a potential tragedy of the commons which has not yet been analyzed.

UR - http://www.scopus.com/inward/record.url?scp=84988019800&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84988019800&partnerID=8YFLogxK

U2 - 10.1007/978-3-662-53357-4_2

DO - 10.1007/978-3-662-53357-4_2

M3 - Conference contribution

SN - 9783662533567

VL - 9604 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 19

EP - 26

BT - Financial Cryptography and Data Security - International Workshops, FC 2016, BITCOIN, VOTING, and WAHC, Revised Selected Papers

PB - Springer Verlag

ER -