Posted by Steve Shanafelt at June 14, 2014 in Bitcoin Tech Comments Off
Andresen said that bitcoin mining has been “too centralized” for years, with a handful of pool operators controlling more than half of the total hashing power. Andresen suggests that GHash may control as much as 60% of the total hashing power, and notes “That isn’t good.” While he suggest that individual miners join smaller pools or run bitcoind and p2pool, he also notes that a group like GHash gaining a majority of the hashrate isn’t exactly disastrous.
“Even if GHash.IO is evil and intends to destroy Bitcoin they would be able to do only two things,” Andresen writes. The first is simply that GHash would be able to double spend transactions, perhaps selling bitcoin for dollars on an exchange and then rewriting the record to show that they never sent the coins after they’d been paid. They’d have both the dollars and the original bitcoins.
There are some practical problems with carrying out that attack, though. They are likely to get caught, because it is impossible to wire money to a bank account anonymously. It seems very likely they would find themselves in legal trouble for defrauding the exchange.
The more problematic issue is the second one. A malicious 51% attacker, Andresen writes, could “prevent transactions or new blocks from other people getting accepted, effectively stopping all payments and shutting down the network.” Andresen addressed this point in 2012, and appears to have a “Not To Be Used Except In Case of Emergency” branch of the Bitcoin Core code ready should it ever happen.
That said, Andresen downplayed the risk that GHash, or any current mining pool, would actually attempt such a move.
I think either attack is extremely unlikely from an economically rational mining pool– blockchain history would make it obvious that they were mis-using their power, and I’m certain either technical or social solutions would be found to punish the bad behavior. However, this is a good time to re-iterate my standard disclaimers: Bitcoin is still a work in progress, and you should only risk time or money on it that you can afford to lose.