Abstract
Bitcoin is a cryptocurrency based in peer-to-peer network that uses a blockchain. To maintain the blockchain without trusted third parties, a player called a miner proves that he has completed a proof-of-work. As the difficulty of proof-of-work is increasing, mining pools, consisting of a number of miners, have become major players compared with solo miners. Most mining pools consist of a manager and miners. All miners who belong to a mining pool submit their shares to the manager and get paid in proportion to the amount of their shares. Therefore, the manager has to pay all miners fairly.
However, many Bitcoin mining pools were ruined by an attack called the Duplicate Share Attack (DSA) in 2015. In this paper, we analyze DSA in multiple directions. First, we mathematically analyze DSA against one mining pool and multiple mining pools. As results of our analyses, we derive the optimal attacker’s strategy, which shows that DSA can give a large extra profit to an attacker with little computational power. Because the duplicate share vulnerability has been already fixed in a few large mining pools after DSA was introduced, DSA may not be considered a threat any more. However, we show that several small mining pools are still vulnerable to DSA and an attacker can unfairly earn a large extra profit using these unpatched small mining pools. In summary, we argue that honest miners in Bitcoin network are not yet free from DSA.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Note that for Bitcoin a SHA256-based Hash function is used.
References
Bahack, L.: Theoretical Bitcoin Attacks with Less than Half of the Computational Power (draft). arXiv preprint arXiv:1312.7013 (2013)
Bitcoin Forum: Bitcoin Forum (2016). https://bitcointalk.org/. Accessed 05 June 2016
Bitcoin Forum: Duplicate Shares Exploit - Most Pools Affected (2016). https://bitcointalk.org/index.php?topic=1065576.0. Accessed 05 June 2016
BitcoinChain: Bitcoin Mining Pools (2016). https://bitcoinchain.com/pools. Accessed 05 June 2016
Bitcoinwiki: Proof of Work (2016). https://en.bitcoin.it/wiki/Proof_of_work. Accessed 05 June 2016
Bitcoinwiki: Stratum Mining Protocol (2016). https://en.bitcoin.it/wiki/Stratum_mining_protocol. Accessed 05 June 2016
CoinDesk: Bitcoin Price Index Chart (2016). http://www.coindesk.com/price/. Accessed 05 June 2016
Courtois, N.T., Bahack, L.: On subversive miner strategies and block withholding attack in bitcoin digital currency. arXiv preprint arXiv:1402.1718 (2014)
Eyal, I.: The Miner’s dilemma. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 89–103. IEEE (2015)
Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45472-5_28
Johnson, B., Laszka, A., Grossklags, J., Vasek, M., Moore, T.: Game-theoretic analysis of DDoS attacks against bitcoin mining pools. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 72–86. Springer, Heidelberg (2014). doi:10.1007/978-3-662-44774-1_6
Laszka, A., Johnson, B., Grossklags, J.: When bitcoin mining pools run dry: a game-theoretic analysis of the long-term impact of attacks between mining pools. In: BITCOIN 2015: The Second Workshop on Bitcoin Research. Citeseer (2015)
Luu, L., Saha, R., Parameshwaran, I., Saxena, P., Hobor, A.: On power splitting games in distributed computation: the case of bitcoin pooled mining. In: 2015 IEEE 28th Computer Security Foundations Symposium (CSF), pp. 397–411. IEEE (2015)
Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008)
Rosenfeld, M.: Analysis of bitcoin pooled mining reward systems. arXiv preprint arXiv:1112.4980 (2011)
SLUSH POOL: Stratum Mining Protocol (2016). https://slushpool.com/help/#!/manual/stratum-protocol. Accessed 05 June 2016
Wikipedia: Merkle tree – wikipedia, the free encyclopedia (2016). https://en.wikipedia.org/w/index.php?title=Merkle_tree&oldid=720708959. Accessed 05 June 2016
Acknowledgments
This work was partly supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. B0717-16-0116, Development of information leakage prevention and ID management for secure drone services) and Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. R-20160222-002755, Cloud based Security Intelligence Technology Development for the Customized Security Service Provisioning).
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kwon, Y., Kim, D., Son, Y., Choi, J., Kim, Y. (2017). Doppelganger in Bitcoin Mining Pools: An Analysis of the Duplication Share Attack. In: Choi, D., Guilley, S. (eds) Information Security Applications. WISA 2016. Lecture Notes in Computer Science(), vol 10144. Springer, Cham. https://doi.org/10.1007/978-3-319-56549-1_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-56549-1_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56548-4
Online ISBN: 978-3-319-56549-1
eBook Packages: Computer ScienceComputer Science (R0)