Abstract
This paper discusses a potentially serious attack against public crypto-currency mining pools. By deliberately introducing errors under benign miners’ names, this attack can fool the mining pool administrator into punishing any innocent miner; when the top miners are punished, this attack can significantly slow down the overall production of the mining pool. We show that an attacker needs only a small fraction (e.g., one millionth) of the resources of a victim mining pool, which makes this attack scheme very affordable by a less powerful competing mining pool. We experimentally confirm the effectiveness of this attack scheme against a few well-known mining pools such as Minergate and Slush Pool.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Hash Rate Proof. https://slushpool.com/help/manual/hashrate-proof
bitcoinwiki Stratum-protocol (2018). https://en.bitcoin.it/wiki/Stratum_mining_protocol. Accessed 28 May 2018
btc.com (2018). https://pool.btc.com/pool-stats. Accessed 28 May 2018
Drive by cryptocurrency mining (2018). https://www.malwarebytes.com/pdf/white-papers/Drive-By-Cryptocurrency-Mining_Malwarebytes-Labs-Report.pdf. Accessed 28 May 2018
minergate (2018). https://minergate.com/. Accessed 28 May 2018
Slushpool Stratum-protocol (2018). https://slushpool.com/help/manual/stratum-protocol. Accessed 28 May 2018
slushpool top contributor (2018). https://slushpool.com/stats/hall-of-fame/. Accessed 28 May 2018
ASIC and FPGA miner in C for bitcoin (2018). https://github.com/ckolivas/cgminer. Accessed 16 June 2018
BFGMiner a modular ASIC/FPGA Bitcoin miner (2018). http://bfgminer.org/. Accessed 16 June 2018
Cryptocurrency GUI miner 8.1 & Mining Pool (2018). https://minergate.com/download/win (2018). Accessed 16 June 2018
Buterin, V., Griffith, V.: Casper the friendly finality gadget. In: arXiv preprint arXiv:1710.09437 (2017)
Courtois, N.T., Bahack, L.: On subversive miner strategies and block withholding attack in bitcoin digital currency. CoRR abs/1402.1718 (2014). http://arxiv.org/abs/1402.1718
Eyal, I.: The miner’s dilemma. In: 2015 IEEE Symposium on Security and Privacy, pp. 89–103, May 2015. https://doi.org/10.1109/SP.2015.13
Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable. In: Proceedings of the Eighteenth International Conference on Financial Cryptography and Data Security (FC 2014) (2014)
Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: Proceedings of the 24th USENIX Conference on Security Symposium, SEC 2015, pp. 129–144. USENIX Association, Berkeley (2015). http://dl.acm.org/citation.cfm?id=2831143.2831152
Huang, D.Y., Dharmdasani, H., Meiklejohn, S., Dave, V., Grier, C., Mccoy, D., Savage, S., Weaver, N., Snoeren, A.C., Levchenko, K.: Botcoin: monetizing stolen cycles (2014)
Huang DY, Dharmdasani H, M.S.: Empirical analysis of denial-of-service attacks in the bitcoin ecosystem. In: Proceedings of the Network and Distributed System Security Symposium. Reston, Virginia: Internet Society (2014)
Johnson, B., Laszka, A., Grossklags, J., Vasek, M., Moore, T.: Game-theoretic analysis of DDoS attacks against bitcoin mining pools. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 72–86. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44774-1_6
Karame, G.O., Androulaki, E., Capkun, S.: Double-spending fast payments in bitcoin. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 906–917. ACM, New York (2012). https://doi.org/10.1145/2382196.2382292, https://doi.acm.org/10.1145/2382196.2382292
King, S., Nadal, S.: PPCoin: peer-to-peer crypto-currency with proof-of-stake. In: self-published paper, August 2012
Kwon, Y., Kim, D., Son, Y., Vasserman, E., Kim, Y.: Be selfish and avoid dilemmas: fork after withholding (FAW) attacks on bitcoin. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 195–209 ACM, New York (2017). https://doi.acm.org/10.1145/3133956.3134019, https://doi.org/10.1145/3133956.3134019
Luu, L., Saha, R., Parameshwaran, I., Saxena, P., Hobor, A.: On power splitting games in distributed computation: the case of bitcoin pooled mining. In: 2015 IEEE 28th Computer Security Foundations Symposium, pp. 397–411, July 2015. https://doi.org/10.1109/CSF.2015.34
MinerGate: Invalid shares policy. https://minergate.com/faq/invalid-shares-policy. Accessed 05 Feb 2018
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). http://bitcoin.org/bitcoin.pdf. Accessed 28 May 2018
Nakamoto, S.: Slushpool hashrate (2018). https://slushpool.com/stats/?c=btc. Accessed 28 May 2018
Nayak, K., Kumar, S., Miller, A., Shi, E.: Stubborn mining: generalizing selfish mining and combining with an eclipse attack. In: 2016 IEEE European Symposium on Security and Privacy (EuroS P), pp. 305–320, March 2016. https://doi.org/10.1109/EuroSP.2016.32
Ruben Recabarren, B.C.: Hardening stratum, the bitcoin pool mining protocol. In: 1st Workshop on Bitcoin Research
Acknowledgement
This work is partially supported by the US National Security Agency (NSA) under grant number H98230-17-1-0354, and the US DoD Army Research Office (ARO) under grant number W911NF-17-1-0437. The views and conclusions contained in this paper are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the United States National Security Agency or Army Research Office. We also thank the anonymous reviewers for their insightful comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Ahmed, M., Wei, J., Wang, Y., Al-Shaer, E. (2018). A Poisoning Attack Against Cryptocurrency Mining Pools. In: Garcia-Alfaro, J., Herrera-Joancomartí, J., Livraga, G., Rios, R. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM CBT 2018 2018. Lecture Notes in Computer Science(), vol 11025. Springer, Cham. https://doi.org/10.1007/978-3-030-00305-0_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-00305-0_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00304-3
Online ISBN: 978-3-030-00305-0
eBook Packages: Computer ScienceComputer Science (R0)