A major flaw that has gone unrealized until now leaves the $1.5 billion Bitcoin market open to manipulation and a potential takeover, according to a new study by two Cornell University computer scientists.

Bitcoin is a peer-to-peer online currency that is rapidly gaining mainstream acceptance. Instead of exchanging physical coins, users of Bitcoin use the Internet to record money transactions in a global ledger. This ledger is maintained by a peer-to-peer network of computers called miners, who are compensated with Bitcoins for their efforts. Conventional wisdom asserts that Bitcoin is secure against colluding minority groups of miners.

But post-doctoral fellow Ittay Eyal and Prof. Emin Gün Sirer have discovered that the conventional wisdom is wrong. In a paper that was released on ArXiv today, they describe a mining strategy they call Selfish-Mine, which allows a group of colluding miners, known as a mining pool, to earn more than its fair share of compensation. Moreover, large mining pools can use this strategy to increase their revenue even more, at the expense of honest miners.

The implications of this result are devastating for the system, say Eyal and Sirer. Once a selfish mining pool forms, other miners will want to join that pool to increase their revenue. This process could lead to a takeover, in which the selfish miners become a majority and control the global Bitcoin ledger, and the decentralized nature of the currency collapses.

Currently, any pool can employ Selfish-Mine and start a mudslide. Eyal and Sirer suggest a practical fix to the protocol that would prevent pools smaller than 1/4 of the system from employing Selfish-Mine. They warn, however, that pools this large do exist today (for benign reasons), and that they should be dismantled for the system to be immune to selfish mining.

This result implies a new bound, requiring 3/4 of the miners to be honest. This bound is significantly higher than the wrongly believed 1/2. The authors believe, though, that "the Bitcoin ecosystem is strong enough to maintain such a large majority of honest miners." The question is: can the miners operating today adopt the suggested fix and dismantle too-large pools before a selfish mining pool arises?