incentives in cryptocurrencies
play

Incentives in cryptocurrencies Joseph Bonneau Recap: Bitcoin miners - PowerPoint PPT Presentation

Dec 23, 2022 •247 likes •939 views

ECRYPT Workshop on Cryptocurrencies Incentives in cryptocurrencies Joseph Bonneau Recap: Bitcoin miners Bitcoin depends on miners to: Store and broadcast the block chain Validate new transactions Vote (by hash power) on consensus

  1. ECRYPT Workshop on Cryptocurrencies Incentives in cryptocurrencies Joseph Bonneau

  2. Recap: Bitcoin miners Bitcoin depends on miners to: ● Store and broadcast the block chain ● Validate new transactions ● Vote (by hash power) on consensus Who are the miners?

  3. Early miners faced high risk Chilkoot pass, 1898 Klondike gold rush

  4. Mining is extremely difficult Number of attempts to find a block: 2 69.6 = 903,262,006,880,187,187,200 Network hash rate = 1,432,691 TH/s Trillion

  5. Mining difficulty grows over time bitcoinwisdom.com

  6. Difficulty adjusts every two weeks 10 minutes 2 weeks bitcoinwisdom.com

  7. Mining has quickly become industrial CPU GPU FPGA ASIC gold pan sluice box placer mining pit mining

  8. Bitcoin ASICs ● special purpose ○ approaching known limits on feature sizes ○ less than 10x performance improvement expected ● designed to be run constantly for life ● require significant expertise, long lead-times ● perhaps the fastest chip development ever!

  9. Market dynamics (2013/2014) ● Most boards obsolete within 3-6 months ○ Half of profits made in first 6 weeks ● Shipping delays are devastating to customers ● Most companies require pre-orders ● Most individual customers should have lost... But... rising prices saved them!

  10. Bitcoin ASICs

  11. Market dynamics (2015/2016) ● Growth rate leveling off ● Mining hardware approaching fab. limits ● Mining becoming professionalized [Taylor 2013] Bitcoin and the Age of Bespoke Silicon.

  12. Current hardware (2015/2016)

  13. Case study: Ant Miner S7 ● First shipped 2015 ● 4.7 TH/s ● 1210 W ● Cost: US$619 Still, 4.8 years to find a block!

  14. Market dynamics (2015/2016)

  15. Professional mining centers Needs: ● cheap power ● good network ● cool climate Mining center in China

  16. Philosophical questions ● Do ASICs violate the original Bitcoin vision? ● Would we be better off without ASICs?

  17. Hard questions about power usage ● Will Bitcoin drive out electricity subsidies? ● Will Bitcoin require guarding power outlets? ● Can we make a currency with no proof-of-work?

  18. Data furnaces ● ASICs are ~as efficient as electric heaters ● Why not install mining rigs as home heaters? ● Challenges: ○ Ownership/maintenance model ○ Gas heaters still at least 10x more efficient ○ What happens in summer?

  19. Can mining become “virtual”? If future mining converts Bitcoin to electricity... Why not just vote by Bitcoin holdings? “Proof of stake”

  20. Deviant mining strategies Assume you control 0 < α < 1 of mining power and the remainder is “compliant” Can you profit from a non-default strategy? For some α, YES, though not observed in practice

  21. Strategy space for miners ● Which transactions to include in a block ○ Default: any above minimum transaction fee ● Which block to mine on top of ○ Default: longest valid chain ● How to choose between colliding blocks ○ Default: first block heard ● When to announce new blocks ○ Default: immediately after finding them

  22. What can you do with α > 51%? ● Fork the blockchain and double-spend Undermine exponential convergence ○ ● Reject all other miners’ blocks Undermine fairness ○ ● Demand exorbitant transaction fees Undermine liveness ○ All of these attacks are highly visible

  23. Forking attacks M → M’ M → M’ M → B M → B

  24. Attackers care about the exchange rate Mt. Gox hacked Source: blockchain.info

  25. Mining hardware is illiquid ➔ High entry costs ➔ Low salvage value Result: Miners care about future exchange rate

  26. Forking attacks via bribery ● Buying α > 0.5 is expensive. Why not rent? ● Payment techniques: ○ Out-of-band bribery ○ Run a mining pool at a loss ○ Insert large “tips” in the block chain [Bonneau 2016] Why buy when you can rent? Bribery attacks on Bitcoin consensus

  27. In-band bribery possible with scripts B 0 $$$$$$$$$$$ → K 0 B 1 K 0 → K 1 K 0 → {t1, t2, t3, t4, ...} B 2 ... Guaranteed bribes

  28. Can we do anything with α < 50%? Surprising answer: Yes!

  29. Temporary block-withholding attacks Strategy: don’t announce blocks right away. Try to get ahead! “Selfish mining” Secret Block Secret Block All other miners are wasting effort here!

  30. Temporary block-withholding, take 2 What happens if a block is announced when you’re ahead by 1? Secret Block Network race

  31. Assume you win races with prob. ɣ ● Always withhold if ɣ = 1 ○ Ideal network position ○ Obtainable through bribery? ● Withhold for α > 0.25 if ɣ > 0.5 ● Always withhold for α > 0.33 Surprising theoretical finding, never observed! [Eyal, Sirer 2014] Majority is not enough: Bitcoin mining is vulnerable.

  32. Whale mining

  33. Risks of uneven transaction fees 25 BTC Expected reward: Expected reward: 25 BTC α 2 x 125 α 3 x 125 100 BTC 25 BTC Expected reward: α x 25 BTC

  34. Transaction fees will matter more Currently, block rewards are > 99% of miner revenue. But: Eventually, transaction fees will dominate Courtesy: Brian Warner

  35. Transaction fees already increasing [Möser, Böhme 2015] Trends, Tips, Tolls: A Longitudinal Study of Bitcoin Trans. Fees

  36. What will set transaction fees? ● Marginal cost of inclusion in a block? → 0 if block size is big enough ○ Otherwise, auction for limited space ○ ● Cartel of miners? Optimize fees x volume ○ Pressure from other currencies? ○ ● Exogenous security requirements? Not known/proven ○

  37. Mining pools (May 2016)

  38. Economics of being a small miner ● Cost: ≈US$619 ● Expected time to find a block: ≈4.7 years ● Expected revenue: ≈ $88/month ● Electricity cost: Ant Miner S7 ○ $71/month (USA) ○ $140/month (EU)

  39. Mining uncertainty (4.7 year mean) # blocks found in probability (Poisson 4.7 one year dist.) years 0 36.7% Probability density 1 36.7% 2 18.3% 3+ 8.1% Time to find first block

  40. Idea: could small miners pool risk?

  41. Mining pools ● Goal: pool participants all attempt to mine a block with the same coinbase recipient ○ send money to key owned by pool manager ● Distribute revenues to members based on how much work they have performed ○ minus a cut for pool manager How do we know how much work members perform?

  42. Show work with near-valid blocks (shares) 4AA087F0A52ED2093FA816E53B9B6317F9B8C1227A61F9481AFED67301F2E3FB D3E51477DCAB108750A5BC9093F6510759CC880BB171A5B77FB4A34ACA27DEDD 00000000008534FF68B98935D090DF5669E3403BD16F1CDFD41CF17D6B474255 BB34ECA3DBB52EFF4B104EBBC0974841EF2F3A59EBBC4474A12F9F595EB81F4B 00000000002F891C1E232F687E41515637F7699EA0F462C2564233FE082BB0AF 0090488133779E7E98177AF1C765CF02D01AB4848DF555533B6C4CFCA201CBA1 460BEFA43B7083E502D36D9D08D64AFB99A100B3B80D4EA4F7B38E18174A0BFB 000000000000000078FB7E1F7E2E4854B8BC71412197EB1448911FA77BAE808A 652F374601D149AC47E01E7776138456181FA4F9D0EEDD8C4FDE3BEF6B1B7ECE 785526402143A291CFD60DA09CC80DD066BC723FD5FD20F9B50D614313529AF3 000000000041EE593434686000AF77F54CDE839A6CE30957B14EDEC10B15C9E5 9C20B06B01A0136F192BD48E0F372A4B9E6BA6ABC36F02FCED22FD9780026A8F

  43. Hey folks! Here’s Mining pools our next block to work on Pool manager prev: H( ) coinbase: mrkl_root: H( ) 25 → pool nonce: $$$ hash: $$ 0x00000000000a877902e... $ 0x000000000001e8709ce... 0x00000000000000003f89... 0x00000000000490c6b00... 0x0000000000007313f89... 0x0000000000045a1611f...

  44. Do we want pools? Pros: ● Allow smaller miners to participate by lowering variance Cons: ● Fewer fully-validating nodes ● Mining pools may become too powerful Interesting result [Miller et al. 2015]: we can design a cryptocurrency so that pools are impossible

  45. None serious deviations observed yet... If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth. --Satoshi Nakamoto

  46. Many explanations for lack of attacks in practice

  47. Miners are too simplistic?

  48. Too much risk and capital needed?

  49. Hard to profit from double-spends?

  50. Honor among miners?

  51. Attacks are lucrative in a simple model I nfinite: ➔ attacker capital ➔ attacker risk tolerance Negligible: ➔ double-spend overhead ➔ bribery premium

  52. Game theory poorly suited to Bitcoin Usual assumptions: ○ known set of players ○ known utility functions ○ synchrony Most Bitcoin “game theory” is really unilateral optimization

  53. Games at two levels ● Human level Slow ○ Can change rules/code ○ Exchange rates matter ○ Other currencies exist ○ ● Algorithmic level Fast ○ Rules are fixed ○ Closed world ○ Exchange rate fixed? ○

  54. What if you want to crash Bitcoin? I expect you to die, Mr. Bitcoin Goldfinger Attack [Kroll, Davey, Felten 2013] The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Incentives to relay 1) Incentives to relay traffic 2) Incentives to do it well 3)

Incentives to relay 1) Incentives to relay traffic 2) Incentives to do it well 3)

Incentives to relay 1) Incentives to relay traffic 2) Incentives to do it well 3) Incentives to allow exits. Nave tit-for-tat probably not so smart. But maybe something like it? Run two servers and wait Over time,

303 views • 13 slides
Attacks on Mining Protocol Yujin Kwon KAIST 2018.03.22 1 Cryptocurrencies Cryptocurrencies

Attacks on Mining Protocol Yujin Kwon KAIST 2018.03.22 1 Cryptocurrencies Cryptocurrencies

Attacks on Mining Protocol Yujin Kwon KAIST 2018.03.22 1 Cryptocurrencies Cryptocurrencies Increa rease! se! Cryptocurrencies Increa rease! se! 1 BTC $8.5K 1 ETH $180 Proof-of-Work Mining They use blockcha kchain to run

992 views • 64 slides
Incentives Research in HE Those that found incentives effective Survey Incentives and Institutional

Incentives Research in HE Those that found incentives effective Survey Incentives and Institutional

5/29/2014 Incentives Research in HE Those that found incentives effective Survey Incentives and Institutional Response Rates: Parsons and Maniere (2013) An Exploratory Analysis Significant increase in response rate for the experimental group

460 views • 9 slides
Intro to Cryptography and Cryptocurrencies Cryptographic Hash Functions Hash Pointers and

Intro to Cryptography and Cryptocurrencies Cryptographic Hash Functions Hash Pointers and

Cryptocurrency Technologies Cryptography and Cryptocurrencies Intro to Cryptography and Cryptocurrencies Cryptographic Hash Functions Hash Pointers and Data Structures Block Chains Merkle Trees Digital Signatures Public

489 views • 27 slides
Feasibility of Cryptocurrencies on Mobile devices Anas Younis &amp; Sander Lentink University of

Feasibility of Cryptocurrencies on Mobile devices Anas Younis &amp; Sander Lentink University of

Feasibility of Cryptocurrencies on Mobile devices Anas Younis &amp; Sander Lentink University of Amsterdam MSc System and Network Engineering RP1 06-02-2018 1 Disclaimer Assumed knowledge; Cryptocurrencies The principle of

618 views • 28 slides
Incentives Abercrombie &amp; Kent Incentives Abercrombie &amp; Kent Incentives is a division

Incentives Abercrombie &amp; Kent Incentives Abercrombie &amp; Kent Incentives is a division

A&amp;K Russia Incentives Abercrombie &amp; Kent Incentives Abercrombie &amp; Kent Incentives is a division of A&amp;K Russia that operates as a full Destination Management Company in the most important destinations in Russia. Since

259 views • 21 slides
Cryptocurrencies Outline and Distributed Electronic payments Consensus Secure transactions

Cryptocurrencies Outline and Distributed Electronic payments Consensus Secure transactions

Cryptocurrencies and Distributed Consensus May 2019 Cryptocurrencies Outline and Distributed Electronic payments Consensus Secure transactions Secure execution: contracts PROF. DR. IR. BART PRENEEL COSIC KU LEUVEN, BELGIUM AND IMEC

248 views • 21 slides
Tax Incentives in Latin America 05/11/2012 CHILE a) Tax Stability Agreements b) Free Trade

Tax Incentives in Latin America 05/11/2012 CHILE a) Tax Stability Agreements b) Free Trade

Tax Incentives in Latin America 05/11/2012 CHILE a) Tax Stability Agreements b) Free Trade Zones b) Free Trade Zones c) Regional Incentives d) Industry Specific Incentives e) Export Incentives f) R&amp;D Investments Incentives g) Chilean

664 views • 13 slides
Cryptocurrencies bitcoin, blockchain &amp; beyond Roger Wattenhofer ETH Zurich Distributed

Cryptocurrencies bitcoin, blockchain &amp; beyond Roger Wattenhofer ETH Zurich Distributed

Cryptocurrencies bitcoin, blockchain &amp; beyond Roger Wattenhofer ETH Zurich Distributed Computing Group Cryptocurrencies What is Bitcoin? = + + Technology The Bank of Bitcoin The Bank of Bitcoin User Balance A 2 B 5 C 8

1.25k views • 104 slides
Cryptocurrencies Dr. Mohammad Abu Omar Head of CIS Department Faculty of Technology Al-Quds

Cryptocurrencies Dr. Mohammad Abu Omar Head of CIS Department Faculty of Technology Al-Quds

Information Technology behinds the Cryptocurrencies Dr. Mohammad Abu Omar Head of CIS Department Faculty of Technology Al-Quds Open University Nov.29.2018 Information Technology is behind the Cryptocurrencies In the previous era, no one can

326 views • 14 slides
Green Mining: toward a less energe1c impact of cryptocurrencies

Green Mining: toward a less energe1c impact of cryptocurrencies

Green Mining: toward a less energe1c impact of cryptocurrencies Philippe Jacquet (Nokia Bell Labs) Bernard Mans (Macquarie University) Cryblock Infocom 2019

197 views • 19 slides
Employment incentives for sole parents: Labour market effects of changes to financial incentives

Employment incentives for sole parents: Labour market effects of changes to financial incentives

Employment incentives for sole parents: Labour market effects of changes to financial incentives and support Dr Jacinta Dalgety 1 , Dr Richard Dorsett 2 Philip Spier 1 , Steven Johnston 1 1 Ministry of Social Development 2 National Institute of

460 views • 23 slides
Update on Incentives &amp; Benefits of Going green Ir. G. Lalchand 16 November 2009 GBI

Update on Incentives &amp; Benefits of Going green Ir. G. Lalchand 16 November 2009 GBI

Update on Incentives &amp; Benefits of Going green Ir. G. Lalchand 16 November 2009 GBI Incentives 16 November 2009 GBI Incentives Incentives Applicable to: Qualifying components of passive design Physical envelope components such as:

243 views • 6 slides
Who Am I? Secure Identity Registration on Distributed Ledgers Sarah Azouvi Mustafa Al-Bassam

Who Am I? Secure Identity Registration on Distributed Ledgers Sarah Azouvi Mustafa Al-Bassam

Who Am I? Secure Identity Registration on Distributed Ledgers Sarah Azouvi Mustafa Al-Bassam Sarah Meiklejohn (University College London) 1 Cryptocurrencies 2 Cryptocurrencies Pseudonyms 2 Cryptocurrencies Pseudonyms tx(pk A pk B ) 2

719 views • 43 slides
Momentum or Contrarian. Which Is the Most Valid in the Case of Cryptocurrencies? Krzysztof Ko

Momentum or Contrarian. Which Is the Most Valid in the Case of Cryptocurrencies? Krzysztof Ko

Momentum or Contrarian. Which Is the Most Valid in the Case of Cryptocurrencies? Krzysztof Ko s c Pawe Sakowski Robert Slepaczuk QFRG Seminar 2018-01-16 1 / 28 Motivation What? Investigate the presence and potential strength

698 views • 28 slides
Next Gen Gifting Inc. Investor Presentation Cryptocurrencies are a nascent set of currencies and

Next Gen Gifting Inc. Investor Presentation Cryptocurrencies are a nascent set of currencies and

Next Gen Gifting Inc. Investor Presentation Cryptocurrencies are a nascent set of currencies and markets for storing value and transacting. Their growth is striking, their permanence is established and companies/facilities are ramping up

621 views • 17 slides
Department of Forest and Wood Science 33 y o u r k n o w l e d g e p a r t n e r Department

Department of Forest and Wood Science 33 y o u r k n o w l e d g e p a r t n e r Department

y o u r k n o w l e d g e p a r t n e r Department of Forest and Wood Science 33 y o u r k n o w l e d g e p a r t n e r Department of Forest and Wood Science 34 Machine Costing Cost Components Faculty of Agricultural and Forestry

326 views • 16 slides
Impacting students practice of mathematics Dev Sinha blogs.uoregon.edu/practiceofmathematics

Impacting students practice of mathematics Dev Sinha blogs.uoregon.edu/practiceofmathematics

Impacting students practice of mathematics Dev Sinha blogs.uoregon.edu/practiceofmathematics Warm-up Activity In which class, and for what purpose, have I used the following in-class question? (Your answers in the chat box, please.) Image

720 views • 53 slides
Excel Power Query ry: Useful for Investment Banking and Advisory ry Roles? The Magic of Text

Excel Power Query ry: Useful for Investment Banking and Advisory ry Roles? The Magic of Text

Excel Power Query ry: Useful for Investment Banking and Advisory ry Roles? The Magic of Text Parsing and Automatic Updates from Websites Common Question About Certain Excel Features I noticed that you now cover [Power Pivot / Power

259 views • 8 slides
Solving Word Problems The strategy for solving word problems, presented in written form, may be

Solving Word Problems The strategy for solving word problems, presented in written form, may be

Solving Word Problems The strategy for solving word problems, presented in written form, may be summarized in three words: Alan H. SteinUniversity of Connecticut Solving Word Problems The strategy for solving word problems, presented in written

877 views • 49 slides
1 A pig (an animal) Pig production = N a pig? Medicine Medicine Piglets Piglets Meat Meat

1 A pig (an animal) Pig production = N a pig? Medicine Medicine Piglets Piglets Meat Meat

Outline Preconditions Competences: What are you supposed to learn? The framework and definition of herd management The management cycle Objectives of production, utility theory Advanced Herd Management Classical production theory Course

358 views • 10 slides
Precision Oncology Trials: Big Hope, Big Challenges. Yuan Ji Department of Public Health

Precision Oncology Trials: Big Hope, Big Challenges. Yuan Ji Department of Public Health

Precision Oncology Trials: Big Hope, Big Challenges. Yuan Ji Department of Public Health Sciences The University of Chicago, The 3rd Stat4Onc Symposium April 25, 2019 Peters First Trial and Design Study MDACC 2017 0772 is based on

454 views • 14 slides
Mining, network, economics Joseph Bonneau Recap: Bitcoin miners

Mining, network, economics Joseph Bonneau Recap: Bitcoin miners

Lecture 2 Mining, network, economics Joseph Bonneau Recap: Bitcoin miners Bitcoin depends on miners to: Store and broadcast the block chain Validate new transactions Vote (by hash

1.1k views • 98 slides
Introductory Lecture 2 Suzanne Lenhart University of Tennessee, Knoxville Departments of

Introductory Lecture 2 Suzanne Lenhart University of Tennessee, Knoxville Departments of

Introductory Lecture 2 Suzanne Lenhart University of Tennessee, Knoxville Departments of Mathematics Supported by NIH grant Lecture2 p.1/25

482 views • 25 slides

More recommend