Incentivizing Blockchain Forks via Whale Transactions
Bitcoin’s core innovation is its solution to double-spending, called Nakamoto consensus. This provides a probabilistic guarantee that transactions will not be reversed or redirected, presuming that it is improbable for an attacker to obtain a majority of mining power in the network. However, this guarantee can be undermined when miners are assumed to be rational, and hence venal. Accordingly, we present the whale attack, in which a minority attacker increases her chances of double-spending by incentivizing miners to subvert the consensus protocol and to collude via whale transactions, which are bribery transactions carrying anomalously large fees. We analyze the expected cost to carry out the attack with success probability 1, and simulate the attack under realistic system parameters. Our results show that double-spend attacks, conventionally thought to be impractical for minority attackers, can actually be financially feasible and worthwhile under the whale attack. Perhaps more importantly, this work demonstrates that rationality should not underestimated when evaluating the security of cryptocurrencies.
We thank Elijah Soriah and Andrew Miller for their valuable feedback, and the faculty and students of the CAAR REU program for the wonderful experience. This work is funded by NSF Research Experience for Undergraduates (REU) Grant CNS-1560193.
- 1.Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)Google Scholar
- 3.Rosenfeld, M.: Analysis of bitcoin pooled mining reward systems. arXiv preprint. arXiv:1112.4980 (2011)
- 4.Eyal, I.: The miner’s dilemma. In: 2015 IEEE Symposium on Security and Privacy, pp. 89–103. IEEE (2015)Google Scholar
- 6.Nayak, K., Kumar, S., Miller, A., Shi, E.: Stubborn mining: generalizing selfish mining and combining with an eclipse attack. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 305–320. IEEE (2016)Google Scholar
- 7.Sapirshtein, A., Sompolinsky, Y., Zohar, A.: Optimal selfish mining strategies in bitcoin. arXiv preprint. arXiv:1507.06183 (2015)
- 8.Bonneau, J.: Why buy when you can rent? Bribery attacks on bitcoin-style consensus. In: Clark, J., Meiklejohn, S., Ryan, P.Y.A., Wallach, D., Brenner, M., Rohloff, K. (eds.) FC 2016. LNCS, vol. 9604, pp. 19–26. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53357-4_2 CrossRefGoogle Scholar
- 11.Kroll, J.A., Davey, I.C., Felten, E.W.: The economics of bitcoin mining, or bitcoin in the presence of adversaries. In: Proceedings of WEIS, vol. 2013. Citeseer (2013)Google Scholar
- 12.Houy, N.: The economics of bitcoin transaction fees. In: GATE WP, vol. 1407 (2014)Google Scholar
- 13.Kaskaloglu, K.: Near zero bitcoin transaction fees cannot last forever (2014)Google Scholar
- 14.Carlsten, M., Kalodner, H., Weinberg, S.M., Narayanan, A.: On the instability of bitcoin without the block reward. In: ACM Conference on Computer and Communications Security (2016)Google Scholar
- 15.Rosenfeld, M.: Analysis of hashrate-based double spending. arXiv preprint. arXiv:1402.2009 (2014)
- 16.Sompolinsky, Y., Zohar, A.: Bitcoin’s security model revisited. arXiv preprint. arXiv:1605.09193 (2016)