Incentivizing Double-Spend Collusion in Bitcoin

Bitcoin’s core innovation is its solution to double-spending, called Nakamoto consensus. This provides a probabilistic guarantee that transactions will not be reversed or redirected, provided that it is improbable for an attacker to obtain a majority of mining power in the network. While this may be true in the traditional sense, this assumption becomes tenuous when miners are assumed to be rational and hence venal. Accordingly, we present the whale attack, in which a minority attacker increases her chances of double-spending by incentivizing miners to subvert the consensus protocol and to collude via whale transactions, or transactions carrying anomalously large fees. We analyze the expected cost to carry out the attack, and simulate the attack under realistic system parameters. Our results show that double-spend attacks, conventionally thought to be impractical for minority attackers, can actually be financially feasible and worthwhile under the whale attack. Perhaps more importantly, this work demonstrates that rationality should not underestimated when evaluating Bitcoin’s security.

[1]  Kerem Kaskaloglu,et al.  Near Zero Bitcoin Transaction Fees Cannot Last Forever , 2014 .

[2]  N. Houy The Economics of Bitcoin Transaction Fees , 2014 .

[3]  Meni Rosenfeld,et al.  Analysis of Bitcoin Pooled Mining Reward Systems , 2011, ArXiv.

[4]  Rainer Böhme,et al.  Trends, Tips, Tolls: A Longitudinal Study of Bitcoin Transaction Fees , 2014, Financial Cryptography Workshops.

[5]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[6]  Kartik Nayak,et al.  Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[7]  Sanjay Jain,et al.  When Cryptocurrencies Mine Their Own Business , 2016, Financial Cryptography.

[8]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[9]  S. Matthew Weinberg,et al.  On the Instability of Bitcoin Without the Block Reward , 2016, CCS.

[10]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[11]  Aviv Zohar,et al.  Bitcoin's Security Model Revisited , 2016, ArXiv.

[12]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[13]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[14]  Joshua A. Kroll,et al.  The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries , 2013 .

[15]  Meni Rosenfeld,et al.  Analysis of Hashrate-Based Double Spending , 2014, ArXiv.

[16]  Joseph Bonneau,et al.  Why Buy When You Can Rent? - Bribery Attacks on Bitcoin-Style Consensus , 2016, Financial Cryptography Workshops.