Bitcoin: Addressing concerns over a 51% attack

Although a mining pool last month managed to briefly control the majority of the computing power used to generate the Bitcoin crypto-currency, a so-called '51 per cent attack' remains unlikely, according to Chris Mountford, a Bitcoin advocate and a senior developer at Atlassian.

Last month, a group called Ghash.io briefly exceeded 51 per cent of Bitcoin’s hash power. Contributing the majority of computing power in theory could allow a group to control the Blockchain, which records Bitcoin transactions.

Ghash.io released a statement earlier this month saying that it will aim top out at 39.99 per cent of the hash power.

Even if a pool reaches 51 per cent, being able to successfully attack Bitcoin is unlikely as attackers can be easily detected, Mountford told Computerworld Australia at Cryptocon, which is being held in Sydney this week.

All Bitcoin transactions are displayed on a block in the blockchain and published every 10 minutes.

“If someone wanted to do a 51 per cent attack, first of all they would need to take advantage of this majority power they have within a 10-minute window," Mountford said.

"They also would not be able to escape notice; everyone would almost instantly know who’s attempting to do this. What is likely, the members of that pool would switch to another pool, turn off mining and disable power of that attempt straight away.”

The fallout from launching such an attack would ruin a group's opportunity to make a great deal of money, Mountford said. “With more than 51 per cent of the hash power, they are making a killing with a lot of money so it would be a suicide move.”

Bitcoin mining pools are one of the few examples where the "alignment of interest is not fully maintained in Bitcoin," Mountford said. "It has led to the incentivisation of centralisation,” the developer said.

“The miners, who are all independent, gain an advantage from joining a mining pool – a collection of miners who all submit their work through a single party.

"By being part of a pool, on average they would make slightly more money than if they are not, and they also stand to have a steadier stream of income rather than potentially going all year not making anything and then suddenly hitting the jackpot.”

The current situation, where joining a pool is in miners' best interests and a 51 per cent remains possible, is not an ideal solution, Mountford said.

“What we really need is a way to have perfect alignment of people’s interest such that as participants seek their own benefits selfishly, the prospect of mining centralisation will not grow.”

Identity management is another Bitcoin challenge that needs to be addressed. Mountford said cryptic Bitcoin addresses make it difficult to properly identify people and ensure transactions are being made between the right parties.

“What we need is a standard that enables people to choose their identity provider, and that standard is OpenID. The idea that we should entrust single entities to be our identity provider is probably not a good idea, or at least there’s risk with that.

“NameCoin is pretty much the second crypto-currency to have come out. And its purpose is not to act as a currency – its purpose is to act as a registry for names. Name ID is OpenID – it is an example of [the] OpenID [standard] implemented using NameCoin rather than using Twitter, Google, etc.”