Uncle-Block Attack: Blockchain Mining Threat Beyond Block Withholding for Rational and Uncooperative Miners

Blockchain-based cryptocurrency replaces centralized institutions with a distributed network of Internet-based miners to generate currency and process financial transactions. Such blockchain systems reach consensus using proof of work (PoW), and the miners participating in PoW join mining pools to reduce the variance for more stable reward income. Prior literature in blockchain security/game theory identified practical attacks in block withholding attack (BWH) and the state of the art fork-after-withholding (FAW), which have the rational and uncooperative attacker compromise a victim pool and pose as a PoW contributor by submitting shares but withholding the blocks. We advance such threat strategy (creating greater reward advantage to the attackers at the expense of the other miners in the victim pool) and introduce the uncle-block attack (UBA) which exploits uncle blocks for block withholding. We analyze UBA’s incentive compatibility and identify and model the critical systems- and environmental- parameters which determine the attack’s impacts. Our analyses and simulations results show that a rational attacker is always incentivized to launch the UBA attack strategy (over FAW or protocol compliance) and that UBA is effective even in the unfavorable networking environment (in contrast, in such case, FAW is reduced to the suboptimal BWH attack and does not make use of the withheld block).

[1]  Kouichi Sakurai,et al.  Yet Another Note on Block Withholding Attack on Bitcoin Mining Pools , 2016, ISC.

[2]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[3]  Meni Rosenfeld,et al.  Analysis of Bitcoin Pooled Mining Reward Systems , 2011, ArXiv.

[4]  Yongdae Kim,et al.  Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin , 2017, CCS.

[5]  Younghee Park,et al.  Silent Timestamping for Blockchain Mining Pool Security , 2019, 2019 International Conference on Computing, Networking and Communications (ICNC).

[6]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[7]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[8]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[9]  Ghassan O. Karame,et al.  Is Bitcoin a Decentralized Currency? , 2014, IEEE Security & Privacy.

[10]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[11]  S. Matthew Weinberg,et al.  On the Instability of Bitcoin Without the Block Reward , 2016, CCS.

[12]  Ittay Eyal,et al.  The Gap Game , 2018, SYSTOR.

[13]  Jeremy Clark,et al.  SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies , 2015, 2015 IEEE Symposium on Security and Privacy.

[14]  Jason Teutsch,et al.  SmartPool: Practical Decentralized Pooled Mining , 2017, USENIX Security Symposium.

[15]  Vitalik Buterin A NEXT GENERATION SMART CONTRACT & DECENTRALIZED APPLICATION PLATFORM , 2015 .

[16]  Prateek Saxena,et al.  On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining , 2015, 2015 IEEE 28th Computer Security Foundations Symposium.

[17]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..