When this point is reached, the Bitcoin value-proposition collapses
November 5, 2013 5:57 AM   Subscribe

Bitcoin is broken. And not just superficially so, but fundamentally, at the core protocol level. We're not talking about a simple buffer overflow here, or even a badly designed API that can be easily patched; instead, the problem is intrinsic to the entire way Bitcoin works. All other cryptocurrencies and schemes based on the same Bitcoin idea, including Litecoin, Namecoin, and any of the other few dozen Bitcoin-inspired currencies, are broken as well.
posted by Chrysostom (170 comments total) 16 users marked this as a favorite
 
If it's a flawed currency, shouldn't it be more valuable like a double chinned Lincoln penny?
posted by mccarty.tim at 5:59 AM on November 5, 2013 [10 favorites]


Knowing Bitcoin users, everybody is now scrambling to be one of those bootstrappy selfish miners.
posted by Sticherbeast at 6:03 AM on November 5, 2013 [7 favorites]


We show that, at the moment, any group of nodes employing our attack will succeed in earning an income above their fair share. We also show a new bound that invalidates the honest majority claim: under the best of circumstances, at least 2/3rds of the participating nodes have to be honest to protect against our attack. But achieving this 2/3 bound is going to be difficult in practice.

Given that most of the people I've seen positively describing Bitcoin seems to be pretty invested in gaming any situation to their advantage, the idea of even 1/3 of the people being "honest" seems ridiculous. Lack of ironclad regulation will lead to exploitation.
posted by GenjiandProust at 6:05 AM on November 5, 2013 [3 favorites]


I get the problem and how it can be deployed, but I'm not sure I see the solution presented, outside this hanging line:

The only way to protect the system against selfish mining attacks is to get everyone to change their implementations.
posted by tilde at 6:07 AM on November 5, 2013 [1 favorite]


This snowball scenario does not require an ill-intentioned Bond-style villain to launch;

But it would nonetheless be completely derivative of Auric Goldfinger.
posted by three blind mice at 6:14 AM on November 5, 2013 [1 favorite]


Given that most of the people I've seen positively describing Bitcoin seems to be pretty invested in gaming any situation to their advantage, the idea of even 1/3 of the people being "honest" seems ridiculous. Lack of ironclad regulation will lead to exploitation.

So, it's just like Capitalism, then?
posted by Zenabi at 6:14 AM on November 5, 2013 [17 favorites]


Well, they've got the "talk out the whole plan before doing it" part of a Bond villain covered. So it's down to lasers and explosives and exciting theme music, now.
posted by ardgedee at 6:16 AM on November 5, 2013 [5 favorites]


Ok, so, just to make sure I understand this correctly, the assertion here is that selfish miners can solve a block but not divulge that, and then they can continue to work on subsequent blocks while honest miners are still plugging away at the solved block. Is that correct?
Not knowing that much about the mechanics of bitcoin mining, I would have assumed that if a block were solved, it would be made known to all within the system. I guess that's not the case. (Someone please correct me if I got any of this incorrect.)
posted by staccato signals of constant information at 6:16 AM on November 5, 2013


To add a note, I guess the selfish miner needs to reveal the solved block just before the honest miners in order to be awarded the revenue. Is that how the progress is revealed normally?
posted by staccato signals of constant information at 6:17 AM on November 5, 2013


So, it's just like Capitalism, then?

Well, yes. It's not surprising that it contains the seeds of its very own crisis then, is it?
posted by GenjiandProust at 6:18 AM on November 5, 2013 [4 favorites]


Is the increase in Bitcoin value at the moment even coming close to paying for the increased cost of mining for anybody who isn't trying to corner the market? It seems to me that the problem is that the whole system is a bit of a pyramid scheme, and whether the pyramid is or is not more or less fragile than people originally thought does not seem particularly relevant. I've known a bunch of people who spent hundreds of bucks on hardware just to feverishly report that they'd made like $1.50 in the past month. But, oh, that $1.50 is totally going to be worth real money someday... I just don't get where the real value is aside from continuing to fleece those people and the ones who just want to invest similarly but with cash instead of hardware.
posted by Sequence at 6:19 AM on November 5, 2013 [5 favorites]


I know this guy who heats his house with the mining equipment he has in his basement. Otherwise I really don't see the point in mining bitcoins.
posted by uandt at 6:29 AM on November 5, 2013 [2 favorites]


So far, I've mostly just heard people dismissing ASIC miners as useless as they aren't capable of floating point operations.

Has anyone bothered to do any serious analysis on if all those ASICs could be useful if this or a similar exploit were to spell the end of Bitcoin and they couldn't work on the Bitcoin 2.0 blockchain?
posted by mccarty.tim at 6:32 AM on November 5, 2013


damn skeuomorphic digi-monies.
posted by Annika Cicada at 6:35 AM on November 5, 2013 [2 favorites]


Staccato, I think the way it works more is like this: When someone solves the "math problem" on the current block, they take credit by announcing it to other miners who then confirm it and credit propagates over the blockchain. The accepted version of the blockchain then shows that miner getting 50 BTC.

If the big evil mining pool that withholds answers hears an answer it already got but has withheld, it'll take to releasing it many times over the network from many member miners, possibly some that are even just virtual machines, so that the honest miner is outvoted. The blockchain accepted by the majority then shows the Evil Mining Pool with 50 more BTC, and the honest miner empty handed. Thus, other mining pools waste a lot of effort mining already solved hashes while the Evil Mining Pool focuses on solving novel hashes. Rather than having income proportionate to their processing power, the biggest mining pools gain an advantage that might even get compounded more as smaller miners choose to change mining pools to the winning mining pool or drop out discouraged as their energy bills overtake their bitcoin earnings.

Once a mining pool owns >50% of the blockchain, they essentially own it by majority rule and bitcoin becomes a centralized currency, if I understand right.

This is my understanding, I am probably missing something.
posted by mccarty.tim at 6:37 AM on November 5, 2013 [14 favorites]


Just yesterday my friend told me that his brother had decided to start mining bitcoins for profit.

I opined that it was a greater fool market.

I listened in mounting horror as he told me his brother had bought a £400 dedicated mining box, and even more horror as I heard he sold it and bought a £1500 dedicated box.

Apparently he had mined 2/3rds of a coin before giving up on the whole endeavour and selling his mining box for £1900, thus turning a handy £400 profit and proving my original opinion correct.
posted by Just this guy, y'know at 6:38 AM on November 5, 2013 [26 favorites]


There have been and may again be periods of technology growth that allowed mining to be profitable. Seems to be quite a few potential ways to loose the investment.

The discretion in the blog post seems like it's not a sure thing that a coalition of miners could "beat the market" so there's a gamble there also. But I don't see how this shows a problem with bitcoins as currency, just that mining may have an uneven playing field.
posted by sammyo at 6:39 AM on November 5, 2013 [1 favorite]


I can't help but giggle with schadenfreude because the researchers basically call the exploit "selfishness" and their proposed solutions are honesty, fair-dealing and sensible oversight of community resources.

I predict that if a software patch isn't forthcoming, the bitcoin community will embrace the exploit as legitimate trading strategy rather than submit to onerous, meddling regulation. After all, it is just like bluffing at poker, and I am going to control 50% of the mining pool someday anyway.
posted by Vulgar Euphemism at 6:44 AM on November 5, 2013 [7 favorites]


At the rate bitcoin ASIC miners are shipping and the rate the difficulty of mining a block is increasing, I think mining is becoming very much a fool's game. The miners are expensive and take a while to pay for themselves, but they can burn out and apparently, many models will actually stop the whole system from mining if you have several plugged into a system and one fails, meaning you're wasting electricity for no profit if you don't keep an eye on your money making machine.

If I were to bet on Bitcoin, I'd just buy a bitcoin direct from the exchange with money.
posted by mccarty.tim at 6:45 AM on November 5, 2013 [1 favorite]


Also, the bitcoin Mt. Gox exhange is up since this news broke, so I guess telling libertarians you can exploit a market more than they expected is good news to them.
posted by mccarty.tim at 6:46 AM on November 5, 2013 [10 favorites]


Not knowing that much about the mechanics of bitcoin mining, I would have assumed that if a block were solved, it would be made known to all within the system. I guess that's not the case.

In cases where a block is discovered by two nodes at the same time, there's a really simple mechanism to decide which block is valid: longest chain wins. That is, whichever of the potential blocks gets capped off by a new block first is declared valid, and everyone switches to that chain.

By misdirecting the rest of the world into a dead-end chain, your pool gets an effective performance boost - you might only have 10% of the available cycles, but while everyone else is off mining the short chain, you're the only guys mining the long chain. Of course, you can't do anything about the difficulty level, so you can only do this for brief periods, when the dice happen to fall your way.

(mccarty.tim: in the event of a conflict it's not a voting mechanism, it's just longest chain wins).

Given that miners have voluntarily split up pools to keep them under 50% in the past, that this attack is highly visible, that miners are sitting on piles of coins and have a vested interest in the stability of the network, and that the attack goes away once the mining process is over, I don't think this is going to tear down the currency. It's the first real, effective attack though, and it's interesting for that alone.
posted by Leon at 6:47 AM on November 5, 2013 [11 favorites]


I predict that if a software patch isn't forthcoming, the bitcoin community will embrace the exploit as legitimate trading strategy rather than submit to onerous, meddling regulation.

The problem with that is that it would destabilize the use of bitcoin as a payment mechanism - you might think your payment has been signed into a block and capped, but the private chain could rewrite that when it's published.

Off the top of my head I can't think of a protocol change that would fix this... maybe something based around adding the time to the nonce value, and rejecting blocks that took too long to propagate. That's pretty poor, though.
posted by Leon at 6:55 AM on November 5, 2013 [1 favorite]


Is the increase in Bitcoin value at the moment even coming close to paying for the increased cost of mining for anybody who isn't trying to corner the market? It seems to me that the problem is that the whole system is a bit of a pyramid scheme, and whether the pyramid is or is not more or less fragile than people originally thought does not seem particularly relevant.

I don't really think the point of mining is to give everyone a free source of money with no skill or effort required. The point of mining is to give people an incentive to do the work necessary to keep the system running. If the people doing the mining are doing it for razor-thin profit margins, that doesn't really matter as long as system still runs and some people are still willing to do the work.
posted by burnmp3s at 6:56 AM on November 5, 2013 [2 favorites]


I don't know about anyone else, but I'd love an idiot's guide to Bitcoins, or a link to one. I read the article, but the whole idea of mining made no sense to me.
posted by MuffinMan at 6:57 AM on November 5, 2013 [2 favorites]


I'm unsure what a mining pool is, and what - assuming there isn't a pool-based attack option - it gets the participants. Does it just smooth out btc deliveries - so you get e steady stream of small amounts rather than the occasional (now, very occasional) belt of btc when your personal miner hits lucky?
posted by Devonian at 6:59 AM on November 5, 2013


The comments are hilarious. You've got a guy saying "we've known this for a long time, old news" (old news that everyone is better off using a deviant strategy which will inevitably lead to a few dominant players centralizing the currency and locking other players out? Really?), a guy saying "it's an American academic saying this, how can you trust them?" (implication being they're probably some kind of NSA spook)? Others crying "FUD FUD FUD! You hat0rz hate teh Bitcoinz!"

Nobody's going "wow, yeah, that's a problem, let's work on getting the solution implemented."

Because, as has already been gloriously pointed out by Vulgar Euphemism, the problem is selfishness and the solution is responsible collective action for the long-term benefit of all. And there's nothing more abhorrent to the typical Bitcoiner.
posted by edheil at 7:03 AM on November 5, 2013 [7 favorites]


They are really exaggerating this. Its a possible exploit but bitcoin has already faced and been tweaked to handle much worse than this.

I'd trust a currency created by engineers over one created by bankers any day. Engineers have to make things work; bankers just need to make money.
posted by memebake at 7:06 AM on November 5, 2013 [2 favorites]


MuffinMan: the original bitcoin paper's pretty good. But basically... do you know what a hash is?

Mining is the process of taking a block of data and finding a hash for it that has certain properties. The "certain properties" is adjusted over time, based on the speed that blocks are being mined, to keep the mining speed roughly constant (1 block every 10 minutes or so).

So lets say our "certain properties" difficulty is "the hash must start with 5 ones". Mining a block then becomes solving this problem:

[a transaction that, by convention, gives 25 bitcoins to me][all the other transactions that have happened in the network since the last block][a nonce value] = [a hash that starts with 5 1's]

A miner just keeps plugging in random nonce values until they get a hash that starts with 5 1's. Then they publish block + hash to the network, and everyone starts work on the next hash.

If the blocks start coming a bit faster, the network changes the difficulty (find a hash that starts with 6 1's).

This is from memory, the paper doesn't quite match the network today, and I'm sure I got some details wrong, but that's about it. Mining cements transactions into the block chain, and by convention the first transaction gives some cash to the miner as a reward for the work done.
posted by Leon at 7:08 AM on November 5, 2013 [5 favorites]


Devonian: My simplistic understanding is that at the current difficulty level and value of bitcoin (ignoring the possibility of the adoption of this tactic), you can very much mine on your own, but it would take forever and be like a lottery instead of a cash flow. Bitcoin miners mine for 50 coin blocks of Bitcoin, which at ~$200 per bitcoin, means you're spending a lot of money for the chance at sporadically getting $10,000.

If you had an efficient bitcoin mining rig, you could make a profit over time and it would average out well enough, but who wants to earn sudden $10,000 bursts of money with timing based on luck?

A mining pool takes the problems solved by bitcoin miners, and splits them up so that everyone in the pool works together to solve the current block. When it is found, it is split proportionate to the hashes you uploaded. Thus, even if you don't find the winning solution, you get a steady stream of Bitcoins.

Further, mining pools offer more advantages. Individual miners need the near 11 GB blockchain file, which would mean that rigs based on microcomputers like a Raspberry Pi with a bunch of USB ASIC mining chips (a common configuration) would need some form of hard drive or large SD card. The mining pool just sends you the calculations needed for the current block. Some people have even proposed phone mining as an alternative to ad revenue from games and apps, which is ridiculous, as phone processors are not fast enough to generate much revenue and it would kill battery life, but it would be possible, storage-wise.
posted by mccarty.tim at 7:09 AM on November 5, 2013 [4 favorites]


So miners are geeks in this scenario - they aren't a plain old mechanical turk? How does the actual money enter the system in the first place?
posted by MuffinMan at 7:11 AM on November 5, 2013


Leon and McCarty, thanks for the explanations.
With regards to solutions "at the same time", surely true simultaneity is really unlikely, right? If the selfish miners sit on their solution until the moment someone else solves that block, then releases it, why wouldn't they just be considered late-comers? I'm having trouble seeing how the longest chain would factor in, based on an assumption that there would always be a timing difference, however minute.
posted by staccato signals of constant information at 7:14 AM on November 5, 2013


MuffinMan, money enters via exchanges and people individually trading money for bitcoin. The value is typically assumed based on the buy/sell orders on Mt. Gox, and, due to a legal situation I don't fully understand, it's easier to buy bitcoin than to sell it, so the price is currently somewhat inflated.

Why people give it value in the first place is that they have faith in it as a currency, or as an investment that will go up in price. It's essentially a decentralized fiat currency based on a protocol rather than trust in a nation's credit. As for if that's more stable or not is up for debate.
posted by mccarty.tim at 7:14 AM on November 5, 2013 [1 favorite]


staccato: the internet is an unreliable network. In the old days it could occasionally take days for email to reach its destination. Figuring out who mined the block first is basically impossible because of propagation delays. Longest-chain-wins is the dumber solution, and dumb solutions generally win out from a robustness point of view.
posted by Leon at 7:16 AM on November 5, 2013 [4 favorites]


I'd trust a currency created by engineers over one created by bankers any day.

Which is what will keep snake oil salesmen in business forever. It doesn't matter if your chosen currency has an RFC and an open source pedigree, it matters if it makes sense and the designers understand basic economics. Decry other currencies as the product of "bankers" (whatever that means) but I've never been impressed with engineers' ability to see forests for all the trees falling over.
posted by yerfatma at 7:17 AM on November 5, 2013 [25 favorites]


As for if that's more stable or not is up for debate.

Not for a minute, I'd say. But watching it is almost as entertaining as watching EVE Online, and there's some really nice engineering behind it.
posted by Leon at 7:18 AM on November 5, 2013 [1 favorite]


Thanks Leon, that definitely explains it. I often have more faith in connectivity than I should.
posted by staccato signals of constant information at 7:19 AM on November 5, 2013


I often have more faith in connectivity than I should.
posted by staccato signals of constant information at 9:19 on November 5 [+] [!]


Eponysterical.
posted by Pogo_Fuzzybutt at 7:22 AM on November 5, 2013 [5 favorites]


yerfatma: fortunately, the long term success of bitcoin will be judged on whether it work or not, rather than on what economists think of it. Economists once tried to create a currency. It was called the Euro. No-one understood how it was supposed to work, and then it broke.
posted by memebake at 7:39 AM on November 5, 2013


Looks like Bitcoin will have to ask the police to step in.
posted by Ironmouth at 7:40 AM on November 5, 2013


For anyone who missed it in the comments of the article, here is a discussion of the same attack from three years ago. No "selfish" miner is going to drill holes in the boat they're sitting in... although a big external entity might try it someday.
posted by Leon at 7:50 AM on November 5, 2013 [4 favorites]


I accept Bitcoin. It's a really good way to take micropayments from nerds who would like to feel awesome because they just gave some tribute to a mistress. Plus, the twenty bucks I have in there seems to have grown to 35 bucks in the last few days! I will let it sit for a few years.
posted by Mistress at 7:50 AM on November 5, 2013 [4 favorites]


I'm still missing something here (perhaps it's covered in the research paper).

Let's say that I'm ahead by two blocks and someone closes the gap by publishing a block. I can invalidate their work by publishing my two blocks, but how does that help me? Sure, it hurts *them*, but I don't see where I get additional revenue out of it. I was ahead and I've published the blocks. The only thing I did was publish them later.

I suppose that transactions that are reported in that block will be invalidated. Is that the idea? I can give someone some bitcoins, but have the results recorded in a bogus block?
posted by It's Never Lurgi at 7:56 AM on November 5, 2013


Lurgi: you had a head start mining on the secret chain while they were diverted into the public chain that you can invalidate any time you like. You're "turning off" all the other miners in the world for a brief period.
posted by Leon at 8:01 AM on November 5, 2013 [3 favorites]


No "selfish" miner is going to drill holes in the boat they're sitting in...

Greenspan, is that you?
posted by FatherDagon at 8:14 AM on November 5, 2013 [2 favorites]


I'll try and explain myself better. There's a lot of derision for bitcoin in this thread, which I guess is a valid reaction to the swarms of pro-bitcoin trolls that seem to be everywhere these days. But if you ignore them and look at bitcoin as a piece of engineering it is phenominal. From nothing they have built an open-source peer-to-peer transaction processing engine that can process transactions globally with very low transaction fees. I think its success is built on a modern internet engineering philosophy of open source and continuous improvement and development. Seeing what works and tweaking the bits that dont.

For me the killer application for Bitcoin is in developing areas like Africa. Lets say you're a startup in Rwanda, selling some service via a web site. What chance have you got in Rwanda to be approved as a Visa merchant (to receive payment)? Whereas with Bitcoin you can just get stuff done. This is the core idea of bitcoin - removal of the need for a trusted central authority makes everything more efficient.

By all means you should view bitcoin as a risky investment. But to write it off as snake oil is to miss the point: Bitcoin works, it is processing transactions in a reliable manner right now, and from what I've seen of the engineering community around it, it will continue to do so.

The attack described in the OP may turn out to be serious or it may not. But if it is serious, how fortunate that it was published as an open paper, so that the necessary changes can be understood and made. Again, thats an engineering approach.
posted by memebake at 8:18 AM on November 5, 2013 [7 favorites]


So far, I've mostly just heard people dismissing ASIC miners as useless as they aren't capable of floating point operations.

That understates it. ASIC miners aren't general-purpose CPUs that happen to be running the bitcoin mining algorithm. They are single-purpose chips designed for one thing only: running the bitcoin mining algorithm as fast as possible.

Bitcoin is based on SHA-256 so conceivably an ASIC miner could be repurposed as a SHA-256 accelerator; but:

1. The bitcoin algorithm uses SHA-256 in a very specific way. (Roughly: SHA-256 two blocks keeping the front of the input data constant and incrementing a counter at the tail of the input data; then run the result through SHA-256 again; then look for a long enough run of zeroes at the start of the second result). This isn't particularly applicable for other SHA-256 applications -- for example code signing which involves running SHA-256 on many consecutive blocks.

2. The world isn't crying out for SHA-256 acceleration anyway.
posted by We had a deal, Kyle at 8:19 AM on November 5, 2013 [2 favorites]


The attack described in the OP may turn out to be serious or it may not. But if it is serious, how fortunate that it was published as an open paper, so that the necessary changes can be understood and made. Again, thats an engineering approach.

It's not clear that changes can be made to fix this, without the voluntary assent of miners who have little to gain if they are part of a selfish mining pool. That's not an engineering problem, or in other words, it is not a problem solvable with engineering.

That there is no central authority engineered into the system means that any problems that arise cannot be solved if those problems require a central authority or regulatory body to address them.
posted by Blazecock Pileon at 8:25 AM on November 5, 2013 [3 favorites]


Economists once tried to create a currency. It was called the Euro. No-one understood how it was supposed to work, and then it broke.

I hate this sort of glib crap. The Euro was created by treaty, voted in by democratic processes. And it is certainly not "broke", whatever the fuck that means. I actually traded some Euro for a rather indistinguished meal yesterday, and I'm quite certain you can trade for just about anything with the currency.
posted by amorphatist at 8:27 AM on November 5, 2013 [25 favorites]


Surely the point of a currency is that it is a socially created unit of value. Gold or computer hashes or large stone discs or bits of paper only have value because we agree they do. This gives government created currencies the ultimate value - they are guaranteed to be accepted as payment of taxes, and if you don't pay tax then large people with state sanctioned access to violence will make you.

This means that, unlike bitcoins, you can pay your taxes with euros (in Europe) - the euro is therefore a socially sanctioned store of value.
posted by Gilgongo at 8:34 AM on November 5, 2013 [4 favorites]


Bitcoin is far more than some sort of semi-sleazy money you can slide around the Internet.

It's actually a global, distributed, open asset tracking system (and that's entirely independent of any mining issues: the mining just generates assets of a particular type to track). Whatever you like, provided it's a digital thing you can attach it to a 'bitcoin' - let's call it a bitcoin-like-token or BLT, because I like BLT sandwiches - and then it's guaranteed authentic in a way that can't be copied.

Say I start a company and sell a hundred shares in it. I could attach each 'share' - which doesn't have to be anything but could be a picture of a kitten - to a BLT and then declare whoever owned that particular BLT at dividend time would get the dividend. Or if I'm Banksie or Madonna or even someone interesting, I could put out a single copy of a digital artwork or piece of music - or a hundred copies - and tag them to the BLT system. While everyone in the world could make copies of the art or the music, the original one hundred would be marked forever as the 'real' thing, and thus would (I guarantee you) have considerable value that was immune from the fact there were a million identical versions.

You want Game of Thrones? Go ahead and make a copy. Or buy the series with tags. pay the makers and keep something that maintains some value (either resale purely because it's a high status item, or because you can prove it's you and thus get access to nice stuff or whatever it is turns your boat or floats your key).

In other words, the bitcoin engineers have solved the basic problem of providence and genuineness that has completely eluded the big content creators for so long. And they did it by giving it all away, just like the original Internet protocols.

I don't think the importance of this part of the invention can be overstated. It goes a long way to solving the problem of ubiquity without restricting access, by adding a system of negotiable value that cannot be traduced. It won't work for everything, but it'll work for a lot of things and it's entirely free to follow whatever form people decide they want.
posted by Devonian at 8:37 AM on November 5, 2013 [15 favorites]


Considering that currency is used for the trade of goods and services, and the vast majority of transactions in Bitconland seems to be trades against another currency (the almighty dollar) then isn't Bitcoin at this point in time nothing more than a commodity?
posted by PenDevil at 8:39 AM on November 5, 2013 [2 favorites]


Um, isn't this how it works on standard currency as well? Aren't we seeing a more diffuse, fuzzy version of this hack in our current global economic system right now?
posted by Mental Wimp at 8:41 AM on November 5, 2013 [2 favorites]


In other words, the bitcoin engineers have solved the basic problem of providence and genuineness that has completely eluded the big content creators for so long. And they did it by giving it all away, just like the original Internet protocols.

I don't think the importance of this part of the invention can be overstated. It goes a long way to solving the problem of ubiquity without restricting access, by adding a system of negotiable value that cannot be traduced. It won't work for everything, but it'll work for a lot of things and it's entirely free to follow whatever form people decide they want.


Yeah, this kind of thing (pdf) is way, way more interesting to me than the currency aspects.
posted by jason_steakums at 8:46 AM on November 5, 2013 [1 favorite]


I know this guy who heats his house with the mining equipment he has in his basement. Otherwise I really don't see the point in mining bitcoins.

You're missing the cost externalisation here. Just imagine you're a Russian with a botnet.
posted by jaduncan at 8:51 AM on November 5, 2013


And you guys said my horde of Tide wasn't worth it!
posted by The 10th Regiment of Foot at 8:54 AM on November 5, 2013 [1 favorite]


amorphatist: I hate this sort of glib crap.

Yeah ok that was very glib. I apologise. Of course the euro in your pocket will continue to function. But the populations of Greece, Portugal and Ireland will continue to work through huge problems, that have various causes, but one of which is that economists didn't really think through the problems arising from several different countries sharing one currency and interest rate but different economies. The euro was created by a traditional top-down expert opinion approach. No opportunity for trial and error or experimentation or continuous incremental improvement.
posted by memebake at 8:57 AM on November 5, 2013


Serious question: Are people equating bitcoins with libertarianism?
posted by memebake at 9:06 AM on November 5, 2013 [1 favorite]


That's not really accurate. The euro was first and foremost a political project, designed to drive ever deeper union. The potential risks of a single currency across countries that did not form an optimum currency area - labor mobility across borders remains low, for one thing - were known, but ignored.

This is not a comment on the viability or lack thereof of bitcoin, just pointing out that the euro was primarily a product of the Maastricht mentality of ratcheting integration ever higher.
posted by Chrysostom at 9:08 AM on November 5, 2013 [5 favorites]


Blazecock pileon: It's not clear that changes can be made to fix this, without the voluntary assent of miners who have little to gain if they are part of a selfish mining pool. That's not an engineering problem, or in other words, it is not a problem solvable with engineering.

The attack they describe makes a lot of assumptions about how miners behave. But as Leon point out, Miners have a vested interest in keeping the network healthy. If a 'selfish pool' did start to capture the whole network, who's to say it wouldn't fracture. For example the selfish pool has to distirbute blocks among themselves without releasing them to the rest of the network. It would only take one 'mole' in the selfish network to puncture it and publish the blocks. The larger the selfish pool is, the more likely that is.

The original paper is interesting, and you can bet people are working through the implications and working out ideas to patch it and whether it needs patching. But the hyperbole in the linked blog post 'its inevitable and cant be fixed and its teh end of bitcoin' is just hyperbole.
posted by memebake at 9:15 AM on November 5, 2013 [1 favorite]


memebake: there are lots of nuts in the bitcoin community. Lots of talk about eeeevil bankers and such.

Re: limited editions of digital artworks. That's a really interesting thought, but you can do that by signing the artwork in a regular way, too. Owner signs artwork, artist signs on top, done.
posted by Leon at 9:24 AM on November 5, 2013 [1 favorite]


Come all you young fellers so young and so fine
Seek not your fortune in a dark dreary mine
It'll form as a habit and seep in your soul
Till the stream of your blood runs as black as the coal
Where it's dark as a dungeon damp as the dew
Danger is double pleasures are few
Where the rain never falls the sun never shines
It's a dark as a dungeon way down in the mine
posted by The 10th Regiment of Foot at 9:33 AM on November 5, 2013 [3 favorites]


Bitcoin has some problems, but a lot of the criticism is coming from goony weird people who have their own reasons for disliking it, which makes them spread either obvious FUD or memes designed to make you look smart to people who already agree with you
posted by This, of course, alludes to you at 9:41 AM on November 5, 2013 [1 favorite]


Serious question: Are people equating bitcoins with libertarianism?

I don't think anybody's equating them, but to be honest it's difficult to talk about bitcoins without libertarian arguments entering the conversation, and I don't think that conflating the two is ultimately all that unfair since libertarian proponents of bitcoin tend to be the ones talking the most and the loudest about it, since it's a hammer that works great for some of their particular nails. Certainly it's a topic that deserves careful handling to avoid that conflation, though.
posted by jason_steakums at 9:44 AM on November 5, 2013 [1 favorite]


Here's a (preliminary) response from one of the Bitcoin core developers.
posted by RobotVoodooPower at 9:46 AM on November 5, 2013 [5 favorites]


Lots of talk about eeeevil bankers and such.

I wonder what would happen if we talked about how evil bankers were
posted by This, of course, alludes to you at 9:47 AM on November 5, 2013


OK: Can anyone see holes in this:

The fallacy in the attack described is the idea that an ever growing pool of selfish miners would be able to distribute their private block chain between themselves while keeping it hidden from everyone else. It would only take _one_ leaker to destroy the selfish pool.

Its easy enough to avoid leaks with a small group of people. But when we start talking sbout '1/3 of the entire bitcoin network' getting involved (as their paper does) then the possibility of preventing leaks shrinks to zero.
posted by memebake at 10:04 AM on November 5, 2013


This, of course, alludes to you: you saw what I did there.
posted by Leon at 10:18 AM on November 5, 2013


memebake: the selfish pool could partition itself to discover and isolate the leaker (binary search). Remember that everyone can see that there's a selfish pool running, because the number of contested blocks suddenly goes through the roof.
posted by Leon at 10:29 AM on November 5, 2013 [2 favorites]


Bitcoins gain their value from trust in the public block chain as a means of ensuring transactions. If one were engage in the strategy described, the aggregate value of Bitcoins would decline as users lost trust. The financial resources required to gain 30% or more of the computing power of all miners would represent a huge investment of capital. It would be very difficult to recoup this investment by engaging in a strategy that decreases the value of the coins mined and risks sending that value to zero. There were incidents in the past couple of years where groups of miners voluntarily split or reduced their computing capacity to avoid crossing the 50% threshold and thus tainting the block chain.
posted by humanfont at 10:34 AM on November 5, 2013 [1 favorite]


Decry other currencies as the product of "bankers" (whatever that means) but I've never been impressed with engineers' ability to see forests for all the trees falling over.

Huzzah! I get to break out Plato for the second time in a week:
At last I went to the artisans, for I was conscious that I knew nothing at all, as I may say, and I was sure that they knew many fine things; and in this I was not mistaken, for they did know many things of which I was ignorant, and in this they certainly were wiser than I was.

But I observed that even the good artisans fell into the same error as the poets; because they were good workmen they thought that they also knew all sorts of high matters, and this defect in them overshadowed their wisdom [...]
--Socrates in Plato's Apology
posted by Mr. Bad Example at 10:53 AM on November 5, 2013 [5 favorites]


I have an unused PC in the garage that has an ATI Radeon HD 5870 graphics card - a nice card, but not very special. A couple of months ago, for fun, I powered up the PC, downloaded a Bitcoin miner, and ran it, not continuously, but off and on for a month. (I seem to recall it ran at about 400MHash/sec).

This netted me just over 1 Bitcoin, which is apparently worth ~200$ today. It seems like a good return (the electric bill for my whole house is only around $60, and that PC would have been a small fraction of it), so I don't believe the assertions I read here and elsewhere that mining Bitcoins is not economically viable.
posted by julianb at 10:58 AM on November 5, 2013


memebake: "From nothing they have built an open-source peer-to-peer transaction processing engine that can process transactions globally with very low transaction fees."

For now. I continue to maintain that low transaction fees are only possible at present because of block rewards for mining. Once that stops, transaction fees will either have to increase significantly or the network will be much more open to attack because most of the miners will stop wasting the electricity.

I, for one, am glad I did not buy an ASIC miner last month, as the mining difficulty has increased faster than I expected. And that estimate was already higher than past growth. julianb, try that again today. In a month you'll make less than a quarter of a bitcoin. Probably closer to a twentieth, but I can't be arsed to look up the difficulty changes and exactly how many hashes/sec a 5870 will do.

As the mining difficulty continues to increase, only those who aren't paying for power or mining equipment or those who have the highest-end mining rigs can actually make money on mining, and when the better than 1.5 terahash/sec rigs come out early next year, all those folks with 700GH rigs will find themselves making a pittance. Already GPU mining is a loss-making operation if you're paying for power or buying the GPU specifically to mine. No matter what GPU you buy, and even if you only pay $0.08/kWh or less all in like I do.
posted by wierdo at 12:21 PM on November 5, 2013 [1 favorite]


Wierdo you'll find your costs to mine a block go down significantly when you use the NSA backdoor in sha-256.
posted by humanfont at 12:53 PM on November 5, 2013 [4 favorites]


bitcoin mining: a great boon for those that have free utilities (ie: fixed rate included in rent).
posted by el io at 1:47 PM on November 5, 2013


bitcoin mining: a great boon for those that have free utilities (ie: fixed rate included in rent).

You didn't reckon on my being...AN ENGINEER!
posted by jcreigh at 1:50 PM on November 5, 2013 [3 favorites]


I have an unused PC in the garage that has an ATI Radeon HD 5870 graphics card - a nice card, but not very special. A couple of months ago, for fun, I powered up the PC, downloaded a Bitcoin miner, and ran it, not continuously, but off and on for a month. (I seem to recall it ran at about 400MHash/sec).

This netted me just over 1 Bitcoin, which is apparently worth ~200$ today. It seems like a good return (the electric bill for my whole house is only around $60, and that PC would have been a small fraction of it), so I don't believe the assertions I read here and elsewhere that mining Bitcoins is not economically viable.


This must have been a while ago, right now, running a 5870 for 30 days continuously will net you 0.011812 BTC.
posted by synthetik at 1:58 PM on November 5, 2013


It seems to me that if your biggest currency exchange is named Magic the Gathering Online Exchange and started as a site for people to trade collectible cards featuring pictures of elves, dragons, and hot angels in boobplate you may, in the long run, face an uphill battle in the struggle for legitimacy.
posted by Justinian at 1:59 PM on November 5, 2013 [2 favorites]


synthetik: "This must have been a while ago, right now, running a 5870 for 30 days continuously will net you 0.011812 BTC."

That's around $3 for an electricity input of somewhere north of $5, for anyone following along.
posted by wierdo at 2:11 PM on November 5, 2013 [1 favorite]


It seems to me that if your biggest currency exchange is named Magic the Gathering Online Exchange and started as a site for people to trade collectible cards featuring pictures of elves, dragons, and hot angels in boobplate you may, in the long run, face an uphill battle in the struggle for legitimacy.

So to continue my theme about the engineering approach and how it leads to a ground-up reliable bootstrapped system rather than a top-down designed-by-experts one:

The bitcoin exchanges (where you can exchange bitcoin for regular currency) have always been a wobbly part of the system. For three reasons:
a) Dealing with traditional currency means they have to meet lots of stringent regulations or else get shut down
b) They are an attractive target for hackers as they are concentrations of bitcoin and regular currency
c) Running a fraudulent exchange is also an attractive proposition for scammers
So the history of bitcoin exchanges is a very messy story of lots of shut downs and heists and scams. That is unfortunate, but it means that only the reliable, battle tested exchanges will survive.

People sneer at MtGox for the origins of their name and their occasional service interruptions. But through it all, they are one of th very few exchanges that has consistently managed to keep going. Their approach is completely opposite to what you'd expect from a traditional financial sector company. E.g. after a major service interruption in April their response was an AMA rather than a press release.

Again: Its an engineering approach - whatever MtGox are doing behind the scenes, they have managed to stay afloat and run a technically and logistically complex operation under very difficult conditions. Sneering at them because of their name is a little unfair. I never played Magic The Gathering, however I hear that running an exchange for those cards was actually quite complex and (I think) it involved dealing with currency too. You hear tech entrepeneurs talking about Pivot - when you take what your business does and reconfigure it for a different purpose - what MtGox did is a perfect example of pivot.
posted by memebake at 3:00 PM on November 5, 2013 [3 favorites]


Maybe a My Little Pony fansite should start competing with them.

(I kid, I kid,memebake)
posted by Justinian at 4:25 PM on November 5, 2013 [1 favorite]


If the space which is searched for blockchains is partitionable, could the protocol solution be to a auction "claimstakes" to the miners? Probably too late to implement in bitcoin.
posted by BrotherCaine at 4:54 PM on November 5, 2013


synthetik: "This must have been a while ago, right now, running a 5870 for 30 days continuously will net you 0.011812 BTC."

No, as I said, this was a couple of months ago ... I participated in the eclipsemc mining consortium. My recollection is that I asked the system to pay out every time I reached 0.02 Bitcoins, and it was paying a little more often than once a day.

That's my experience anyway.
posted by julianb at 5:15 PM on November 5, 2013


Everyone thinks their Bitcoin attack is the best thing ever.

It's never the best thing ever. From direct experience, this is a royal pain in the ass to attack.

The author's model of how Bitcoin works looks nothing at all like the real world, which has gotten crazy centralized. Even without that, I'm working with him on a numerical simulation, and we're not close to actually achieving his results.

That MAY change, but it'll never be what the paper suggests. Ever.
posted by effugas at 5:43 PM on November 5, 2013 [1 favorite]


Two months ago, the total hashing capacity of the network was about 700 terahashes/second. Today, it is about 4,000 terahashes per second. Since the difficulty scales to ensure that blocks are generated approximately every 10 minutes, that means that today you'd a bit more than a sixth of what you did two months ago. At the beginning of the year, total hashing capacity was between 10 and 20 terahashes per second, so you make a quarter to one half of one percent of what you did at the beginning of the year with the same rig.

Put another way, hashing capacity has been increasing by better than two percent a day since August, and even faster in the past month, after a short pause in the beginning of October.

What made money two months ago is completely different than what will make money today. The advent of GPU mining took total mining capacity from around a gigahash a second to 5 or 6 terahashes a second in the span of a year, after which capacity grew slowly until the FPGA and ASIC miners started to take off at the beginning of this year. Your 0.02 bitcoin a day two months ago is 0.02 bitcoin every five days now, and will probably be down to 0.02 bitcoin every 7 to 10 days when the next difficulty increase happens 10ish days from now.

There is a site with some handy charts to help visualize the changes in capacity and difficulty. It's pretty amazing what dedicated hashing hardware has done to the network.
posted by wierdo at 5:44 PM on November 5, 2013


wierdo,

Yeah, this is a big part of why the paper doesn't actually attack real world Bitcoin. It's not actually a very decentralized system anymore.
posted by effugas at 5:51 PM on November 5, 2013 [1 favorite]


Holy crap, the Bitcoin market is booming! I made money appear out of thin air! Then I tripled my money! The 0.05044274 BTC I mined that was worth less than $4 a month or so ago, is now worth $12.48. I'm rich!!!11ll1!l1! In another few weeks, my miner will deliver another 0.01 BTC, currently worth $2.40. I'll be even richer!!1!1!!!

Well this is goddam ridiculous. Every known mining system you could purchase was underwater, incapable of making a profit, back when BTC were under $100. I just checked and it's still true with BTC at $240. They're all incapable of making a profit, even unreleased models like the BFL Monarch, that have the highest hash rate at the lowest investment and the lowest energy usage.

I did some calculations a month or so ago, and I thought maybe mining could become profitable again when it hit 50. Nope, now it looks like it will have to hit $1000 before mining has a positive ROI.

At this rate of increasing difficulty and increasing network power, it's a bubble about to burst. No, I checked the charts, too late, it is a bubble that has already burst. Look at this chart: Mining Operating Margin.

The way it is going right now, difficulty is increasing so fast, soon you won't even mine enough coins to be able pay for the electricity to run a miner. The only systems with sufficient power to generate a significant amount of BTC are the huge rack mounted arrays of miners. The cost to power these systems, and the cost of hardware, is staggering. And yet I keep seeing reports of people starting up terahash systems like this. They are spending huge amounts of money to generate less-than-huge amounts of BTC. Once it is not just negative ROI, but unprofitable to even plug the damn thing in, people will unplug them en masse.
posted by charlie don't surf at 6:28 PM on November 5, 2013 [2 favorites]


charlie,

And then mining will get easier. It's a dynamic system. And price of electricity is not constant.
posted by effugas at 7:01 PM on November 5, 2013 [1 favorite]


And then at a lower difficulty, mining will become profitable again, and they'll plug their miners back in. And difficulty will back go up again. There is no going back.

oops, I noticed an edit error in my previous msg:

>I thought maybe mining could become profitable again when it hit 50

My calculations were at $250 per BTC and it looked like a positive ROI could be achieved. Then a month later difficulty had gone up so fast, it wasn't possible.
posted by charlie don't surf at 7:17 PM on November 5, 2013


And then at a lower difficulty, mining will become profitable again, and they'll plug their miners back in. And difficulty will back go up again.

They won't all come back, many will be bankrupted and see their mining rigs sent to the landfill or sold off to the survivors at auction. Ultimately things will coalesce around a few large scale operators and new entrants to mining will become less common because of the costs of assembling competitive rigs. The challenge for these mining / transaction processors will be to be large enough to limit new entrants, but not so large that they undermine confidence in the block chain. They will also need to maintain public confidence relative to their contribution to the block chain. If they were caught acting in an untrustworthy manner by double spending or otherwise corrupting the block chain; they could face sanctions where the rest of the community refused to recognize their blocks.
posted by humanfont at 8:16 PM on November 5, 2013


And then at a lower difficulty, mining will become profitable again, and they'll plug their miners back in. And difficulty will back go up again. There is no going back.

This is economics 101. A bitcoin is an indistinguishable commodity being sold in a free market. There is 0 profit available, on average, in such a market. Only people who have some kind of advantage (early access to technology or some kind of unfair trading advantage) will profit. The people who got ASICs early probably made money hand over first, but no one else did.
posted by empath at 11:39 PM on November 5, 2013


The only reason anyone is making money at all in bitcoins is from investor speculation. It's a huge bubble, and eventually there's going to be an end to it and the last round of investors are going to lose everything when it crashes.
posted by empath at 11:42 PM on November 5, 2013


...and eventually there's going to be an end to it and the last round of investors are going to lose everything when it crashes.

I love a good pyramid scheme.
posted by Mental Wimp at 10:17 AM on November 6, 2013


No, Bitcoins are many ways sketchy, and probably an incredibly poor investment for most, but not a pyramid.

Well the theoretical idealized bitcoin is not sketchy but it sure seems to draw the wheeler dealers out of the woodwork.
posted by sammyo at 10:52 AM on November 6, 2013 [1 favorite]


effugas: "And then mining will get easier. It's a dynamic system. And price of electricity is not constant."

You would think, but despite the unprofitability, mining capacity does not decline, except for very short periods when people are taking their rigs offline to ship them to some other poor bastard who bought the rig on ebay.
posted by wierdo at 11:06 AM on November 6, 2013


All time high today of $269
posted by memebake at 12:16 PM on November 6, 2013 [1 favorite]


Housing prices will never go down, right?
posted by empath at 5:23 PM on November 6, 2013


empath: "Housing prices will never go down, right?"

Of course they will, but never all across the countryworld at the same time!
posted by wierdo at 6:57 PM on November 6, 2013


effugas: The author's model of how Bitcoin works looks nothing at all like the real world, which has gotten crazy centralized. Even without that, I'm working with him on a numerical simulation, and we're not close to actually achieving his results.

Would you care to elaborate? It looked to me like he was making no specific assumptions about the behavior of the public, non-Selfish Mine population. Does it break down when there are also organized cartels operating in the public? I guess it will probably make the gamma coefficient (i.e.: proportion of public miners mining the Selfish Mine miners' branch in case of a tie) much worse.

However, if things are crazy centralized, wouldn't that make it easier for some (relatively small) number of cartels to band together and form a super-cartel to get enough share of the total computing power to make this scheme profitable?
posted by mhum at 7:36 PM on November 6, 2013


Seems to me that it would be more likely that a state-actor like china would do it.
posted by empath at 8:00 PM on November 6, 2013


In relation to the stuff I said above about MtGox and how challenging the area they work in is:

inputs.io was a startup bitcoin business aiming to run (I think) online wallets and payment processing (rather than an exchage). They just posted a message saying that they were hacked and 4100 bitcoins stolen - at todays price that $1.25million. From the discussion on bitcointalk it seems they doing some things wrong (e.g. a serious bitcoin business should store a large proportion of its bitcoins 'offline').

These sorts of things used to happen more often. This is the first I've heard of for a while. I guess I'm making two points:
- bitcoin itself is relatively secure, however some of the businesses around it have a wild-west feel to them.
- imagine how much hacker attention must be targeted at MtGox
posted by memebake at 3:19 AM on November 7, 2013


mhum,

Most mining is the hands of a very small number of parties (like, less than a dozen, and I'm being charitable). If this attack ever showed up, these parties would just prefer blocks from eachother over the randomly sourced block that tried to win the race. The author thinks the fact that the racing block comes from a random source is useful, he ignores that the good blocks have a signature too.

None of these real world properties exist in the theoretical Bitcoin model, so it's totally fair to still attack the theoretical model. What's not fair is "all Bitcoin, all variants are broken" because that's just not even close to the case. It's not even clear the theoretical model is broken.
posted by effugas at 3:36 AM on November 7, 2013 [1 favorite]


Is it even a crime to steal bitcoins? Would it be against the law to use an attack like this on the bitcoin protocol, assuming that it's even effective?
posted by empath at 4:04 AM on November 7, 2013 [1 favorite]


effugas: " If this attack ever showed up, these parties would just prefer blocks from each other over the randomly sourced block that tried to win the race."

Ok, that's what I suspected. But, if I understand the paper correctly, that would correspond to a case where gamma = 0 and the author claims that even if this were the case, a cartel controlling > 1/3 of the hashrate would still be able to gain some advantage from collusion. And, if it is the case that there are only about a dozen significant players, then wouldn't that make it even easier for such a cartel to to be formed?

I guess the larger question is that if the computing power is already so concentrated, why doesn't there already exist a cartel controlling >50% of the hashrate?
posted by mhum at 10:41 AM on November 7, 2013


mhum,

Because visibly controlling >50% of the hashrate would lower the value of Bitcoin.

It's not like people are running out of processors at 48%.

The author's numbers have not been simulated yet, by anyone.
posted by effugas at 1:57 PM on November 7, 2013


Is it even a crime to steal bitcoins?

Not directly, but breaking into someone else's system is, right? So pretty much any bitcoin theft would be crime by default.
posted by memebake at 2:02 PM on November 7, 2013


Look at this chart: Mining Operating Margin.

So why don't the miners stop digging the hole?
posted by Mental Wimp at 2:23 PM on November 7, 2013


effugas: "Because visibly controlling >50% of the hashrate would lower the value of Bitcoin."

That's fascinating. I would be very interested to learn more about this. If you have the time, would you be able to provide a quick sketch of the mechanism that causes this? Or some pointers where I could read up on it? Was this built into the system by design or was it more of an unintended side-effect? I have only a layman's understanding of Bitcoin, so I don't quite know how this works.
posted by mhum at 3:00 PM on November 7, 2013


"Because visibly controlling >50% of the hashrate would lower the value of Bitcoin."

That's fascinating. I would be very interested to learn more about this. If you have the time, would you be able to provide a quick sketch of the mechanism that causes this?


The 'engine' of bitcoin is the distributed transaction processing. This is driven by the miners. Anyone who sustainably controls >50% of the total 'power' (hashrate) would be in a position to take control - i.e. choose which transactions to process etc. The system is designed to make that unlikely. The 'power' is large enough now that it would be very economically difficult to capture >50% of it. Also, the miners themselves will generally avoid this if they can. But if it happened, bitcoin values would drop - not due to some mechanism, but just because everyone would see that the engine was compromised.
posted by memebake at 3:20 PM on November 7, 2013


Found some fun charts: http://bitcoincharts.com/bitcoin/

The pie chart on the right shows the mining pools. 5 big ones, lots of little ones.

The total processing power of the distributed bitcoin engine is rated at 47,542 petaflops. To put that to scale, the largest known supercomputer - China's Tianhe-2 - runs at about 34 petaflops. So the bitcoin network is about 1400 times more powerful than the worlds largest supercomputer.

Most of that processing power is engaged in finding hashes of randomly chosen numbers - known as 'proof-of-work'. On the face of it, a rather fruitless exercise. But its not the results of the calculations that are important - its the fact that the calculations are happening. Thats what makes it all work - to 'break' bitcoin, you'd have to throw 700 clones of the worlds largest supercomputer at the same task.
posted by memebake at 3:36 PM on November 7, 2013


memebake: "But if it happened, bitcoin values would drop - not due to some mechanism, but just because everyone would see that the engine was compromised."

Oh, I think I get it. But, since this is a social mechanism, the exact magnitude of the drop would have to be unknown, no? Wouldn't it depend on factors like how many merchants decide to stop accepting bitcoin due to this concentration? Or, is the idea that once the 50% threshold is breached, everyone would abandon bitcoins for payment because they could no longer trust the system and the value would instantly drop to zero?

The 'power' is large enough now that it would be very economically difficult to capture >50% of it.

But, doesn't the pie chart you link to show that if the two largest groups (BTC Guild and GHash.io) teamed up, they would get slightly more than 50%? And if the top three teamed up, they'd be well over 50%. Is the idea that whatever gains may be had by controlling that much of the hashrate are more than offset by the unknown, socially-determined cost of this concentration? Is it not possible for them to team up surreptitiously, thus preventing people from realizing that the 50% threshold had been breached?
posted by mhum at 4:36 PM on November 7, 2013 [1 favorite]


Oh heh, distributions have shifted.

BTC Guild used to control something like 47% to 48% of the mining. That's changed. But BTC Guild and GHash.io together control something like 51%. This isn't an accidental coincidence. People aren't just barely running out of mining power. There's a thing going on, between the established players, and the new guys, where people are deciding to or not to turn up the juice on their mining. Lots and lots of dark capacity.

It's a game completely outside the Bitcoin design. Whatever flaws it has, it is truly not vulnerable to this selfish mining trick.

Incidentally, lots of completely new ASICs are coming on soon that will likely dwarf the existing population of global mining. Not all work is equal, and SHA256 was designed to be accelerated. So you may very well have one or two guys with these crazy next gen chips that get >50%. That is a thing that may very well happen. You can't compare against supercomputers because they're designed to move work effort further than a few nanometers. That takes work too.
posted by effugas at 4:37 PM on November 7, 2013 [1 favorite]


And yes, it's a social mechanism. Huge chunks of Bitcoin are not actually defined, like the value of Bitcoin in other currencies, or even (and importantly) transaction fees.

That it works, and continues to work despite various shocks, is actually fascinating.
posted by effugas at 4:57 PM on November 7, 2013 [1 favorite]


But, doesn't the pie chart you link to show that if the two largest groups (BTC Guild and GHash.io) teamed up, they would get slightly more than 50%? And if the top three teamed up, they'd be well over 50% ... Is it not possible for them to team up surreptitiously, thus preventing people from realizing that the 50% threshold had been breached?

Yes I think you're correct. But you've got to remember these are loosely organised teams of people. The thing they have in common is wanting to pool their mining effort. But apart from that, probably not much in common.

I don't know how many individuals make up BTC Guild (effugas may have some ideas?), but I imagine that organising them to do anything controversial (like capture >50%) or do anything secret would be quite hard. Any attempt to do anything other than honest mining could fracture the pool and lead it to break up, presumably.

Same applies to the paper in the OP - they talk about a snowball effect where the selfish miners start to recruit everyone. But with that sort of casual recruitment, you can't control anything. One leaker or mole would be enough to puncture the selfish pool - the leaker just need to make the blocks public, either through standard channels or any other channel.
posted by memebake at 5:15 PM on November 7, 2013


You can't compare against supercomputers because they're designed to move work effort further than a few nanometers.

Yeah, definitely. A general purpose supercomputer is much more useful than an ASIC that crunches SHA-256. But still, those petaflop numbers are pretty amazing.
posted by memebake at 5:17 PM on November 7, 2013


How much is the price of bitcoins being supported by the crypto virus going around?
posted by empath at 6:56 PM on November 7, 2013


Look at this chart: Mining Operating Margin.

>So why don't the miners stop digging the hole?


Sunk Cost Fallacy
posted by charlie don't surf at 8:48 PM on November 7, 2013


From what I'm seeing, the amount of people actually running mining keeps decreasing. When I connected to every node in the Bitcoin cloud in 2011, there were ~50K miners out there running software directly connected to the cloud.

Last year the number was around 10K.

I'm told (haven't scanned lately) that the number is 2.5K now.

The ASICs mean the networks are becoming more and more centralized onto the few players who have large investors looking at Bitcoin as a hedge. They can't just buy $25M of BTC so they buy $25M of BTC miners. There's a lot of this going on.

empath, ZeroAccess stopped Bitcoin mining. They were making $2K a day and they stopped. Ad fraud is much more profitable (this is what I'm dealing with now).

charlie, yup.
posted by effugas at 9:51 PM on November 7, 2013 [1 favorite]


Re the number of people in BTC Guild, fewer and fewer matter. If you've got one guy with the ASIC racks, he out-governs a million GPUs.
posted by effugas at 9:52 PM on November 7, 2013 [1 favorite]


Thanks effugas, thats interesting. So conceivably a small number of organised individuals with ASIC racks could make a play for >50%. Hmmmm.
posted by memebake at 4:46 PM on November 8, 2013


All time high today of $269 $477
posted by memebake at 6:14 AM on November 16, 2013


All time high today of $269 $477

HOW DO PEOPLE NOT KNOW THAT THIS IS A BUBBLE?
posted by jcreigh at 7:33 AM on November 16, 2013


Sell, Mortimer, sell!
posted by charlie don't surf at 2:42 PM on November 16, 2013 [1 favorite]


A bubble? Sure, buddy...a bubble made of indestructible diamond that will never break or lose its value!

(chomps cigar while wearing a solid gold fedora)
posted by Sticherbeast at 3:02 PM on November 16, 2013 [1 favorite]


It depends. If bitcoin can actually become a well regarded medium for money transfer and cashing out for criminals there's a lot of value there for a lot of black economy people.
posted by jaduncan at 4:45 AM on November 17, 2013


It is until it gets regulated.
posted by empath at 10:39 AM on November 17, 2013


It's quite a hard thing to entirely regulate though. If you can actually use it as a medium of exchange then the main point of regulation disappears because the normal banking system stops being involved.
posted by jaduncan at 11:48 AM on November 17, 2013


All time high today of $269 $477 $536
posted by memebake at 3:08 PM on November 17, 2013


The funniest comment I've seen on bitcoin was a guy on reddit that said "Berkshire Hathaway is over $100k a share and nobody says it's overvalued. There's no reason bitcoin can't go that high."
posted by empath at 2:57 AM on November 18, 2013 [2 favorites]


So do I cash out now or keep going?
posted by Mistress at 4:38 AM on November 18, 2013


(chomps cigar while wearing a solid gold fedora)

Come back and tell me again when your cigar is made of platinum.
posted by GenjiandProust at 5:45 AM on November 18, 2013


Dear god, it's at $604. I will never be smug about Tulip Mania again.
posted by jcreigh at 5:57 AM on November 18, 2013


Come back and tell me again when your cigar is made of platinum.

(looks at cigar, frowns)
(Fat Cat whiskers curl with a slide whistle sound)
(jumps out a window)
(survives by landing on a pile of Great Crash traders)
(sighs dejectedly)
(shrugs into camera)
(subtitle: "AIN'T THAT LIVIN'?")
(eyes change into dollar signs)
posted by Sticherbeast at 6:10 AM on November 18, 2013 [3 favorites]


You'll see true insanity if and when someone like GS launches an investment fund.
posted by jaduncan at 7:57 AM on November 18, 2013


So do I cash out now or keep going?

I dunno, when was the right time to cash out of beanie babies, baseball cards or aol stock in the 90s? When there is no rational basis for the current valuation, any price seems reasonable to buy or sell at. If you sell now, you'll be happy if it's $100 next week and sad if it's $10000. I think either is just as likely in the short term. But we are now fast approaching the 'random idiots are encouraging me to buy, because they just invested their lunch money' phase of the bubble-cycle.
posted by empath at 9:32 AM on November 18, 2013


What concerns me is that this bubble is moving fast. It's also really easy to cross borders. There may be enough un savvy investors to drive this thing up to astronomical heights before it bursts, bringing ruin to emerging economies that are new to the capitalism game, like China.
posted by empath at 9:41 AM on November 18, 2013


It hit $750 earlier today. This is crazy.

Evidently there is some sort of senate hearing going on today, and preceding rumours were that it would be generally positive about Bitcoin
BERNANKE: Bitcoin 'May Hold Long-Term Promise'
U.S. Agencies to Say Bitcoins Offer Legitimate Benefits (Bloomberg)

Recent rises are crazy, however USA Govt making positive noises about Bitcoin is bound to make it rise. Is the current rise being driven by gullible redditors, the chinese, or wall st?
posted by memebake at 2:27 PM on November 18, 2013


Reddit discussion of the senate hearing. The redditors were generally happy with how it went down. I'd say this will keep the rise going for a while yet. We'll probably see $1000 soon.
posted by memebake at 2:38 PM on November 18, 2013


I'm glad bitcoins are infinitely divisible. That means no matter how huge this bubble gets, I can get a souvenir bitcoin piece from this craziness for the price of a hamburger.
posted by mccarty.tim at 3:16 PM on November 18, 2013


Hacker News has a more sensible thread on the senate hearing
posted by memebake at 3:22 PM on November 18, 2013


Re: The Senate hearing: It's interesting to note that law enforcement basically said "It's not that anonymous, so it's not that big a boon to the black market," since for a long time, that was assumed by many to be the big driver of bitcoin.

The fact that the collapse of Silk Road (it's back in some form, I hear) didn't lead to a lasting crash shows that this is now more a speculation game with both short-term profiteers and long-term true believers who think bitcoin will someday be accepted at grocery stores.

I don't think this bubble will last, but Bitcoin won't go away after the crash because there is no central authority to stop running it, and it has brand recognition the other cryptocurrencies lack. So long as one person has the bitcoin blockchain online, it's technically not dead. I think the big question is if bitcoin will remain so volatile indefinitely. While the rising price makes it big with speculators, I can't see hyperdeflation being a great property for something you want to do business in, especially since it takes ~10 minutes for a transaction to be fully verified (by my understanding). Most stores I've seen that take bitcoin (domain registrars) ask that you send bitcoin matched to the price of the service in USD or Euros, rather than a set bitcoin price, precisely because of this.
posted by mccarty.tim at 3:25 PM on November 18, 2013 [1 favorite]


Yeah I don't see how it can really become useful unless the price stabilizes.
posted by memebake at 3:29 PM on November 18, 2013


Bubble may be bursting: http://bitcoin.clarkmoody.com/

It was $900 briefly, and collapsed to $800 in less than a few minutes.
posted by mccarty.tim at 5:18 PM on November 18, 2013


It's ~$600 now, a real flash crash.
posted by mccarty.tim at 5:42 PM on November 18, 2013


~$480... This is where empath's friends start to ponder how much they want to lose before admitting they will be eating ramen noodles for lunch.
posted by jaduncan at 4:04 AM on November 20, 2013


Check out the 404 page for bitstamp.net.

It's a reference to the Margaritaville episode of South Park.

Perfect.
posted by Sticherbeast at 4:28 AM on November 20, 2013


~$480... This is where empath's friends start to ponder how much they want to lose before admitting they will be eating ramen noodles for lunch.


Oh no my friend, not for true believers. This is time to BUY BUY BUY.
posted by empath at 6:49 AM on November 20, 2013 [1 favorite]


"Crashed to $480, its lowest price since Saturday afternoon"
posted by memebake at 2:46 PM on November 20, 2013


And it's bounced back up to $800 and everywhere in between.

Also, someone has a lot of bitcoins! This is about $150 million dollars if the market could bear cashing out that many coins. It's the biggest wallet.
posted by mccarty.tim at 11:24 AM on November 22, 2013 [1 favorite]


Speculator, bank, organized crime consortium escrow service?
posted by BrotherCaine at 12:17 PM on November 22, 2013


Winkelvoss?
posted by Sticherbeast at 12:32 PM on November 22, 2013 [2 favorites]


I'd imagine that the guys that started the thing would have the most, right? I mean one guy paid ten thousand of them for a pizza at one point.
posted by empath at 12:33 PM on November 22, 2013


There is some speculation it may be "Satoshi Nakamoto," (that's a pseudonym) the anonymous author of the bitcoin protocol, who mined the first block of Bitcoins. Although there's not much evidence for it on Wikipedia as to how much he would own.
posted by mccarty.tim at 12:44 PM on November 22, 2013


Also, someone has a lot of bitcoins! This is about $150 million dollars if the market could bear cashing out that many coins. It's the biggest wallet.

That's not a wallet. That's a single transaction of 90,000 bitcoins. It's not even close to the largest transaction in that account today. /r/bitcoin is on the case. They have identified the wallet, it appears to be big money in transit somewhere.
posted by charlie don't surf at 5:47 PM on November 22, 2013


I'd imagine that the guys that started the thing would have the most, right?

Yes, definitely. Which is probably one of the reasons that Satoshi's real identity remains hidden.

Self confessed 'cryptographic graybeard' Hal Finney was one of the very earliest BitCoiners, he tells his story here. Its an interesting read.
posted by memebake at 7:22 AM on November 23, 2013


(Actually some would say Hal Finney might be Satoshi - he was certainly there at the beginning, and the pattern of his illness fits somewhat with Satoshi's withdrawal from the scene. But he denies it.)
posted by memebake at 7:29 AM on November 23, 2013


I'd imagine that the guys that started the thing would have the most, right?

Oh and apart from them, the Winkelvoss Twins (remember The Social Network?) have been buying in bulk. They're sitting on $33 million worth apparently.

Since the Feds shut down Silk Road, they've been in control of an account with 144,000 bitcoins in it, more than any other single address. At todays price of $850 thats worth about $122 million. US Govt might well be the largest single holder of bitcoins currently.
posted by memebake at 7:58 AM on November 23, 2013


Oh wait, that transaction mentioned above is even more than either of those. Wow.
posted by memebake at 8:05 AM on November 23, 2013


Washington Post reckons that $150m transaction was related to BitStamp, hence probably just an internal re-organisation inside Bitstamp.
posted by memebake at 11:12 AM on November 23, 2013


Not trying to make this my own personal thread, but you can now buy flights on Virgin Galactic to (one day) spend 10 minutes in space. Someone paid 327.7 bitcoins to go into space.
posted by memebake at 11:39 AM on November 23, 2013


BTC hits all time high again, ~$950 highest point currently.

Wonder where it'll fall to this time.
posted by mccarty.tim at 11:57 AM on November 26, 2013


$1000+
posted by mccarty.tim at 9:37 AM on November 27, 2013 [1 favorite]


I think we can conclude that no one is worried by the paper in the op. There might be other things to worry about though, like overcentralisation.
posted by memebake at 11:26 AM on November 27, 2013


I think we can conclude that no one is worried by the paper in the op.

We can conclude that the greater fool theory puts powerful upward pressure on a bubble until there are no more greater fools. The rise in price is self-reinforcing.
posted by empath at 11:27 AM on November 27, 2013 [1 favorite]


Yeah, I think Bitcoin is definitely on a bubblish path, but when it will hit the biggest peak, and how high it will be, nobody knows.

The problem is that Bitcoin isn't just speculators like in a lot of bubbles, but you have a bunch of true believers involved, many who have considerable amounts of cash they can't get out of Mt. Gox quickly, which they're willing to spend to "buy the dip" and dampen the effects of a crash. After all, it'd take 7 months to get an international transfer approved due to the complicated legal situation. (there's a workaround, in that you could spend your money in the Mt. Gox ledger on bitcoins and transfer those bitcoins to another exchange, which also causes a short term price rise and can lead to rallies on other exchanges, which are becoming more popular as Gox faces more legal complications and has a higher price than elsewhere)

Further, in the irrational enthusiasm, a lot of bitcoiners are convinced that Bitcoin isn't just going to increase in price, but inevitably be adopted as a currency because of an increase in price, meaning Bitcoin would have a much higher market capitalization as it competes directly with the likes of Paypal and debit cards. This is kind of paradoxical, because the thing that keeps me from putting my savings into Bitcoin is that I have no trust that Bitcoin will keep the value of my savings because of the volatility. Meanwhile, speculators love bitcoin because of the volatility, and the true believers are all about evangelizing bitcoin to new users but usually use arguments based on past growth rather than its use as a currency, encouraging more speculators who want to hold until it's huge to get in the pool. More use of bitcoin as a currency rather than a commodity would probably help with stability, and maybe even lead to a point where stores that take bitcoin could actually set prices instead of dynamically adjusting their prices with each request to the current exchange value in fiat. And using bitcoin as an intermediate currency makes no sense, as any easy way to do that involves delays using financial products like ACH transfers, money orders, wires or a credit card backed by one of the above. Any of those methods would be cheaper and easier to use directly than the complication of buying just enough bitcoin to make a transaction.

This adoption would facilitate the use of bitcoin as a currency, since people would have bitcoin on hand, but only if people were willing to spend the bitcoin for anything but fiat currency or goods from a merchant who will just cash the bitcoins in for fiat. So long as everyone is holding bitcoin hoping it will go up indefinitely, they are creating a bubble.

The fact bitcoin is very divisible (infinitely divisible with potential updates to the network, currently divisible to 10^-8) also contributes to this perfect storm of a bitcoin bubble. With stocks and many other investments, there comes a point where people get priced out of the market because the minimum unit to buy is just too high. The speculators' pool of new investors goes dry, and there are no new buyers, which leads to stagnation followed by a sudden collapse when someone wanting to cash out finds they need to sell for way less than they thought they would need to. With bitcoin, the price of one bitcoin can rise quite a bit (I think there's a lot of people who would stop buying bitcoin if you had to buy in only ~$1000 units), but it'll never stop being possible to throw in $10 because you saw an article in wired and figured you'd take a gamble if the price would go up even more.

I really like Bitcoin, the protocol. It's a very clever idea that I feel like a lot of people don't get. I wrote a blog post offering a crude explaination of how Bitcoin actually works. But its fatal flaw is that nobody has come up with a killer application of it that makes it better than even the antiquated banking systems in the US, unless you're ideologically opposed to fiat money for whatever reason. For that reason, I can't really see much future for Bitcoin, the currency, unless it gets dramatically more convenient to use in today's economy.
posted by mccarty.tim at 5:18 PM on November 27, 2013 [2 favorites]


After all, it'd take 7 months to get an international transfer approved due to the complicated legal situation.

There are going to be a lot of sad nerds when the price crashes and none of the exchanges and online wallets can cash them out in time.
posted by empath at 10:10 AM on November 28, 2013


I learnt something new about Bitcoin the other day, due to this post being pushed up on Hacker News.

Bitcoin, as designed, includes a non-turing compete Scripting language that allows you to define other sorts of transactions than simple 'send money from X to Y' transactions. Most of the script features are turned off at the moment because of the extra testing burden, but they are a definite possibility for the future of bitcoin.
Bitcoin the protocol will enable financial services transactions that are not possible today or require expensive and powerful third-parties.

Bitcoin has a scripting language which enables more than a “send money from X to Y” transaction. A Bitcoin transaction can require M of N parties to approve a transaction. Imagine Wills that automatically unlock when most of the heirs agree that their parent has passed, no lawyer required. Or business accounts that require two of any three trusted signatures to approve an expenditure. Or wire escrows that go through when any arbiter agrees that the supplier sent the goods to the buyer. Or wallets that are socially secured by your friends and family. Or an allowance account accessible by the child and either of two parents. Or a crowdfunding of a Kickstarter project that pays out on milestones, based on the majority of the backers approving the next payment. The escrow in each case can be locked so that the arbiters can’t take the money themselves – only approve or deny the transaction.
Interesting stuff. And evidence that bitcoin is a new thing, not just a digital version of an old thing.
posted by memebake at 12:28 PM on November 28, 2013




Now $850. Bought in at $500 or so. Sold out myself at $1175. Happy with that result.
posted by jaduncan at 12:24 PM on December 1, 2013


More on the big bitcoin heist.
posted by Chrysostom at 6:13 AM on December 4, 2013


Worse than tulip bubble says Dutch Banker
posted by Just this guy, y'know at 1:21 AM on December 5, 2013


« Older Bret Victor strikes again   |   The highs and lows of caring for a drug-dependent... Newer »


This thread has been archived and is closed to new comments