If You Can't Beat Them, Pay Them: Bitcoin Protection Racket is Profitable

Zheng Yang, Chao Yin, Junming Ke, Tien Tuan Anh Dinh, Jianying Zhou

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review


Abstract

Pooled mining has become the most popular mining approach in the Bitcoin system, which can effectively reduce the variance of the block generation reward of participants. The security of pooled mining depends on whether it is incentive compatible, that is, an honest participant will get a reward proportional to his work. Recent attacks on mining pools, for example, Block Withholding, Fork After Withholding, and Power Adjusting Withholding (PAW) attacks, show that malicious participants may undermine the revenue of the honest pools and receive an unfair share of the mining reward. This paper shows that the security of Bitcoin is even worse than what the recent attacks demonstrated. We describe an attack called Fork Withholding Attack under a Protection Racket (FWAP), in which the mining pool pays the attacker for withholding a fork. Our insight is that the mining pools under forking attacks have incentives to pay in exchange for not being forked. The attacker and the paying pool negotiate how much to be paid, and we show that it is possible for both the attacker and the paying pool to earn higher rewards at the expense of the other pools. In particular, our formal analysis and simulation demonstrate that the payer and the FWAP attacker can get up to 1.8× and 3.8× of extra reward as in PAW, respectively. Furthermore, FWAP can escape from the "miners' dilemma" when two FWAP attackers attack each other under some circumstances. We also propose simple approaches that serve as the first step towards preventing the FWAP attack.

Original language: English
Title of host publication: ACSAC '22
Subtitle of host publication: Proceedings of the 38th Annual Computer Security Applications Conference
Place of Publication: New York, NY
Publisher: Association for Computing Machinery
Pages: 727-741
Number of pages: 15
ISBN (Electronic): 9781450397599
Publication status: Published - Dec 2022
Event: 38th Annual Computer Security Applications Conference, ACSAC 2022 - Austin, United States
Duration: 5 Dec 2022 – 9 Dec 2022

Publication series

Name: ACM International Conference Proceeding Series

Conference

Conference: 38th Annual Computer Security Applications Conference, ACSAC 2022
Country/Territory: United States
City: Austin
Period: 5/12/22 – 9/12/22

Bibliographical note

Funding Information:
We would like to thank our shepherd and anonymous reviewers for their invaluable comments and suggestions. This work is supported by the Natural Science Foundation of China (Grant No. 61872051), the Natural Science Foundation of Chongqing (Grant No. CSTB2022NSCQ-MSX0437), and the Fundamental Research Funds for the Central Universities (Grant No. SWU-KR22003). Junming Ke was partly supported by the 2022 Fund of XRP Ledger Trust Scholarship from University of Tartu. The work of Chao Yin is supported by China Scholarship Council and the Dutch Sectorplan.

Publisher Copyright:
© 2022 ACM.

Keywords

  • Bitcoin
  • block withholding attack
  • fork after withholding
  • mining attack
  • power adjusting
  • protection racket
