Is Bitcoin Future as Secure as We Think? Analysis of Bitcoin Vulnerability to Bribery Attacks Launched through Large Transactions

IF 3 4区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS ACM Transactions on Privacy and Security Pub Date : 2024-01-18 DOI:10.1145/3641546
Ghader Ebrahimpour, Mohammad Sayad Haghighi
{"title":"Is Bitcoin Future as Secure as We Think? Analysis of Bitcoin Vulnerability to Bribery Attacks Launched through Large Transactions","authors":"Ghader Ebrahimpour, Mohammad Sayad Haghighi","doi":"10.1145/3641546","DOIUrl":null,"url":null,"abstract":"<p>Bitcoin uses blockchain technology to maintain transactions order and provides probabilistic guarantees to prevent double-spending, assuming that an attacker’s computational power does not exceed 50% of the network power. In this paper, we design a novel bribery attack and show that this guarantee can be hugely undermined. Miners are assumed to be rational in this setup and they are given incentives that are dynamically calculated. In this attack, the adversary misuses the Bitcoin protocol to bribe miners and maximize their gained advantage. We will reformulate the bribery attack to propose a general mathematical foundation upon which we build multiple strategies. We show that, unlike Whale Attack, these strategies are practical, especially in the future when halvings lower the mining rewards. In the so called ’guaranteed variable-rate bribing with commitment’ strategy, through optimization by Differential Evolution (DE), we show how double spending is possible in the Bitcoin ecosystem for any transaction whose value is above 218.9BTC, and this comes with 100% success rate. A slight reduction in the success probability, e.g. by 10%, brings the threshold down to 165BTC. If the rationality assumption holds, this shows how vulnerable blockchain-based systems like Bitcoin are. We suggest a soft fork on Bitcoin to fix this issue at the end.</p>","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"13 1","pages":""},"PeriodicalIF":3.0000,"publicationDate":"2024-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Privacy and Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3641546","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Bitcoin uses blockchain technology to maintain transactions order and provides probabilistic guarantees to prevent double-spending, assuming that an attacker’s computational power does not exceed 50% of the network power. In this paper, we design a novel bribery attack and show that this guarantee can be hugely undermined. Miners are assumed to be rational in this setup and they are given incentives that are dynamically calculated. In this attack, the adversary misuses the Bitcoin protocol to bribe miners and maximize their gained advantage. We will reformulate the bribery attack to propose a general mathematical foundation upon which we build multiple strategies. We show that, unlike Whale Attack, these strategies are practical, especially in the future when halvings lower the mining rewards. In the so called ’guaranteed variable-rate bribing with commitment’ strategy, through optimization by Differential Evolution (DE), we show how double spending is possible in the Bitcoin ecosystem for any transaction whose value is above 218.9BTC, and this comes with 100% success rate. A slight reduction in the success probability, e.g. by 10%, brings the threshold down to 165BTC. If the rationality assumption holds, this shows how vulnerable blockchain-based systems like Bitcoin are. We suggest a soft fork on Bitcoin to fix this issue at the end.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
比特币的未来是否像我们想象的那样安全?通过大额交易发起贿赂攻击的比特币脆弱性分析
比特币使用区块链技术维护交易秩序,并提供概率保证以防止重复消费,前提是攻击者的计算能力不超过网络能力的 50%。在本文中,我们设计了一种新颖的贿赂攻击,并证明这种保证会遭到极大破坏。在这种设置中,矿工被假定为理性的,他们获得的奖励是动态计算的。在这种攻击中,对手会滥用比特币协议来贿赂矿工,并最大限度地提高自己的收益。我们将重新表述贿赂攻击,提出一个通用数学基础,并在此基础上构建多种策略。我们将证明,与 "鲸鱼攻击 "不同,这些策略是切实可行的,尤其是在未来半价降低挖矿奖励的情况下。在所谓的 "有承诺的保证可变利率贿赂 "策略中,通过差分进化(DE)的优化,我们展示了在比特币生态系统中,任何价值超过 218.9BTC 的交易都有可能出现双重消费,而且成功率高达 100%。稍微降低成功概率,比如降低 10%,阈值就会降低到 165BTC。如果理性假设成立,这就说明了像比特币这样基于区块链的系统是多么脆弱。我们建议对比特币进行软分叉,最终解决这个问题。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
ACM Transactions on Privacy and Security
ACM Transactions on Privacy and Security Computer Science-General Computer Science
CiteScore
5.20
自引率
0.00%
发文量
52
期刊介绍: ACM Transactions on Privacy and Security (TOPS) (formerly known as TISSEC) publishes high-quality research results in the fields of information and system security and privacy. Studies addressing all aspects of these fields are welcomed, ranging from technologies, to systems and applications, to the crafting of policies.
期刊最新文献
ZPredict: ML-Based IPID Side-channel Measurements ZTA-IoT: A Novel Architecture for Zero-Trust in IoT Systems and an Ensuing Usage Control Model Security Analysis of the Consumer Remote SIM Provisioning Protocol X-squatter: AI Multilingual Generation of Cross-Language Sound-squatting Toward Robust ASR System against Audio Adversarial Examples using Agitated Logit
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1