TL;DR: Cornell University researchers, in conjunction with the Initiative for Cryptocurrencies & Contracts (IC3), announced, “We have discovered a denial-of-service attack on Bitcoin-like blockchains that is much cheaper than previously described attacks. Such blockchains rely on incentives to provide security. We show how an attacker can disrupt those incentives to cause rational miners to stop mining.” They call it a Blockchain Denial of Service (BDoS).

BDoS Attack Stops Bitcoin-Based Chains With Far Less Than 51%

The attack involves an outside actor who halts a chain by using incentives to make other miners stop. “We analyze the miner behavior as a game with iterated elimination of strictly dominated strategies (IESDS),” finding “an attack on Bitcoin-like cryptocurrencies requires as little as 20% of the mining power. The situation is even worse if miners can use their equipment in another blockchain rather than turn it off.”

Researchers Michael Mirkin, Yan Ji, Jonathan Pang, Ariah Klages-Mundt, Ittay Eyal and Ari Juels contributed to the new 17-page paper, BDoS: Blockchain Denial of Service. The paper’s leads are from IC3, a group composed of faculty from Carnegie Mellon University, Cornell University, Cornell Tech, EPFL, ETH Zurich, UC Berkeley, University College London, UIUC and the Technion, based at Cornell Tech, New York City.

True to form, their focus is on proof-of-work (PoW) chains and on how Denial of Service (DoS) attacks are relatively rare, considering the economic incentives. “Known attacks either target individual participants or require the control of the majority of the system resources,” researchers explain. The paper presents “an incentive-based attack on blockchain availability, Blockchain-DoS (BDoS), with a significantly lower cost,” which they claim “is the first incentive-based sabotage DoS attack.”

The Inherent Properties of Nakamoto’s Protocol Expose it to Significantly Cheaper DoS Attacks

As a case in point, researchers examine the historic Hash War of 2018, which resulted in a contentious hard fork and split. “Blockchain security is only maintained when the majority of the computing power in the system behaves appropriately,” a researcher noted. “A DoS attack could, therefore, be executed by an attacker with more computational power than all other participants combined, a.k.a. a 51% attack. For major cryptocurrencies, 51% attacks are prohibitively costly for most entities,” citing the Bitcoin Cash (BCH) example late last year.

“We find that the inherent properties of Nakamoto’s protocol expose it to significantly cheaper DoS attacks,” they assert, leveraging much-touted economic incentives built into the design. “When those incentives no longer align to promote good behavior, the system is at risk. Our attack, called Blockchain DoS (BDoS), exploits miners’ rationality by awarding them higher profit for playing against the system than following its rules,” researchers stressed.

They cite the work of Bryan Ford and Rainer Böhme and their argument that “analysis of a system in terms of rational agents is of limited utility, due to exogenous incentives that are indistinguishable from Byzantine behavior,” a problem Bitcoin was thought to have solved almost by definition.

Blockchain Denial of Service: The Only Winning Move is Not to Play

To get honest or rational miners to stop, “the attacker generates a block and publishes its header, and only its header,” leaving rational miners three alternatives: extend the chain while ignoring the header, extend the block header, or stop altogether as a way to cut ongoing and futile power costs.

If a rational miner extends the chain and broadcasts the next block, “the attacking miner uses his relatively high connectivity (as in selfish mining) and propagates the full block corresponding to the header BA. This causes a race between two groups of miners, those that hear of the attacker’s block data first and those that hear of the rational miner’s block first.” If a miner instead extends the header, the attacker simply refuses to publish the full block, which prevents the miner’s block from being included in the main chain and, thus, leaves it with no block reward. The final option, then, for a rational miner is to quit.
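The three options described above can be compared in a small toy model that applies iterated elimination of strictly dominated strategies. This is an added example, not code from the paper or from this article: the race formula, the `gamma` connectivity parameter, the per-block cost normalization and the sample miners are assumptions made here, and the model does not reproduce the paper's 20% figure.

```python
# Toy model constructed for this example; not the BDoS paper's own model.
# State: the attacker's header is public, its full block is withheld.
# Payoffs are per block a rational miner finds, in units of one block reward;
# `cost` is the power spent to find that block. Shares are relative weights.

def attacker_race_win(a, m, others, gamma):
    """P(attacker's block wins the race) after a miner with share m publishes
    a competing block. The attacker (share a) and a fraction gamma of the
    other active miners build on the attacker's block (assumed race rule)."""
    return (a + gamma * others) / (a + m + others)

def payoffs(a, m, cost, others, gamma):
    """Expected profit of each of the three options for one rational miner."""
    return {
        "extend_chain": (1 - attacker_race_win(a, m, others, gamma)) - cost,
        "extend_header": -cost,  # full block is never released: no reward
        "stop": 0.0,             # no power spent, no reward
    }

def surviving_miners(a, miners, gamma):
    """Iterated elimination of strictly dominated strategies.
    'extend_header' always loses to 'stop' (cost > 0), so only
    'extend_chain' vs 'stop' remains. miners: {name: (share, cost)}.
    Returns the sorted names of miners that keep mining."""
    active = dict(miners)
    changed = True
    while changed:
        changed = False
        for name, (m, cost) in list(active.items()):
            others_max = sum(s for n, (s, _) in active.items() if n != name)
            # The race probability is monotone in `others`, so the best case
            # for mining is at one extreme: nobody else or everybody else.
            best = max(payoffs(a, m, cost, o, gamma)["extend_chain"]
                       for o in (0.0, others_max))
            if best < 0:  # 'stop' strictly dominates 'extend_chain'
                del active[name]
                changed = True
    return sorted(active)

# Constructed sample: attacker weight 0.2, four miners of weight 0.2 each,
# differing only in cost; gamma = 0.25.
MINERS = {"A": (0.2, 0.66), "B": (0.2, 0.63), "C": (0.2, 0.60), "D": (0.2, 0.30)}

if __name__ == "__main__":
    print(surviving_miners(0.2, MINERS, 0.25))
```

With these constructed inputs only D keeps mining: B and C would be profitable if every other miner stayed, but each departure raises the attacker's odds in the race for those who remain.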

The BDoS attack, researchers acknowledged, is not imminent. Still, they believe it “is a threat to Nakamoto-consensus blockchains, as it allows denial-of-service with a much smaller hash rate than previous attacks.” And without addressing its potential, the paper claims, “the liveness of Nakamoto blockchains relies on miners’ willingness to follow the protocol despite revenue loss — that is, on altruism.”

DISCLOSURE: The author holds cryptocurrency as part of his financial portfolio, including BCH.