Home < Magicalcryptoconference < Magicalcryptoconference 2019 < The State of Bitcoin Mining: No Good, The Bad, and The Ugly

The State of Bitcoin Mining: No Good, The Bad, and The Ugly

Speakers: Matt Corallo

Date: May 12, 2019

Transcript By: kouloumos

Tags: Mining

Media: https://www.youtube.com/watch?v=k_z-FBAil6k

So I’m going to talk a little bit about kind of the state of mining and the set of protocols that are used for mining today, a tiny bit about the history. And then I’m going to talk very briefly about some of the solutions that are being proposed, whether it’s BetterHash, whether it’s Braidpool design, rebooting P2Pool, and some of the other stuff, only kind of briefly at the end. But mostly, I just want to give more impotence for how broken the state of things are today, and why the community broadly desperately needs to be focused on fixing stuff. So I’m in Chaincode, and if you didn’t notice, we have a really fancy new logo. So I’m just gonna sit here and admire that for a minute. Thanks to John and other people who put that together. But before we go down the rabbit hole of mining I want to talk very briefly and make sure we’re on the same page about why we’re here and what Bitcoin is.

Why Are We Here

So remember, Bitcoin didn’t invent ecash. It’s not new. It’s been around since the 80s. The ideas that Bitcoin tried to exemplify and the thing that it finally solved, those problems have been worked on since the 80s. It’s not news. Bitcoin has gotten the furthest, there are a ton of attempts, none of them went anywhere. But ultimately, Bitcoin solves this problem that everyone had been trying to solve in the 80s and 90s by making it so that there are, in theory, no trusted counterparties, no trusted third parties. There are a million other attempts. They all failed for one way or another, whether because the trusted third party went to prison and got shut down, in the case of e-gold, or whether the business just failed in the case of some of the other attempts such as ecash. And Bitcoin’s entire premise is that the reason that all of these failed is because there was a trusted third party, and maybe you didn’t have to trust that third party for privacy or money, but you have to trust that they existed in some way or another, and thus, they all failed. So if you haven’t read the Ray Dillinger piece on LinkedIn, it’s great. It’s a great write up of kind of all the background around this thinking, highly recommended.

So Bitcoin, of course, the whole premise is we use miners we have theoretically decentralized hash rate mining transactions, creating blocks, and that’s the whole idea and that attempts to solve this original problem. Of course there is the cryptocurrency industry which is now stopping and looking back at what people were doing in the 80s and 90s—that always failed—and saying “You know what, maybe we should try that again”. For some reason, because apparently proof of stake is decentralized. I don’t know who decided that. Money was decentralized, but there’s good studies that say that it hasn’t been since ancient Mesopotamia. So whatever, if they want to try that, that’s great. But what I’m focused on is how do we try to go as far as we can down the line of saying this Bitcoin thing is novel. It attempts to solve this problem that’s been around for 30 years, or 40 years in a novel and creative way and how do we make it so that it has the highest chance of succeeding?

Bitcoin Pool Background

Of course, Bitcoin is still an experiment. It is not by any means something that we can say “yes, we’ve succeeded on our goals”. This is a distributed decentralized thing and we don’t have to trust any third parties. Let’s remember that hash rate is still super centralized. In fact, it’s worse than this. This is an old graph, but don’t forget that the top two mining pools are actually the same company. So in practice, the two biggest ones need to just be merged. There’s no reason for those to be separate. That’s just superficial. Pretend that things are better than they are.

But remember that Bitcoin is super centralized this goal that we’re trying to get to, we’re not there yet. And so we’d still need to be pushing harder and see how much better we can improve the state of things today. So quick, brief background, for those of you who weren’t here for Bob’s talk (Decentralized Mining Pools for Bitcoin), weren’t paying attention, or generally aren’t familiar, remember that the way mining in general operates today is you have to use a pool for all the reasons Bob (McElrath) outlined and they communicate using this protocol called Stratum. Stratum is great, but it was also invented a while back and had very different goals from how it’s actually used today. Stratum was intended to both be a SPV client wallet protocol and also a mining hash rate protocol, among a number of other things. So it’s really not used in the way it was intended and it had very different goals at the onset than the world that we’re in today. At the risk of being offensive to anyone who was involved in creating it, it could use a refresh. Of course, remember that the use of Stratum and the way it’s designed is that the pool selects the transactions, the pool selects the block on which it’s mining, all of these great things. It makes it easier for miners, they don’t have to put any effort into running their own full node, but it means the consensus group, the thing that we care about as Bitcoin users day in day out, is the pool. And that’s what leaves us this graph of super centralized hash rate control because it’s no longer the miners, the farm operators, the people who own that hash rate. It’s the pools that matter. And that’s why we’re talking about tools to begin with. Otherwise, maybe we wouldn’t have to.

Security

So quick, a brief discussion of how bad things really are. For those of you who aren’t security people, you haven’t been spending your time watching DEF CON talks or whatever. The internet is a scary place. No, really. The internet’s the frighteningly scary place. DNS is usually unauthenticated. We saw with MyEtherWallet that someone was able to hijack, I guess this was also somewhat a BGP hijack, but we saw with MyEtherWallet that someone was able to steal large quantities of money using simple attacks against the largest web hosting provider in the world (AWS), was able to steal their address space and use this to exploit MyEtherWallet users—against the largest hosting provider in the world. And there wasn’t really any recourse Amazon had against these hackers. They did a simple BGP hijack, stole their address space. Remember when Pakistan accidentally took down YouTube which was at the time the highest bandwidth single entity on the internet? I can do a BGP hijack. Literally a provider I pay 4 British pounds a month, allows me to do a BGP hijack. This is how bad the internet is. Even off-path attackers, there’s a number of research papers about how you can, with just an unfiltered upstream, hack into a TCP connection and get one little packet through – which by the way is all you need for Stratum. Because of some simple operational concerns about how Stratum works, it has a wonderful little message that says, “hey, miner, I actually want you to connect over there and start getting your work from over there now”, because this pool server is going down or it will be more optimal for you to connect over there. That’s a really great message to have for practical purposes. But of course, if a hacker can get into your TCP connection using DNS hijacking, BGP hijacking some kind of off-path attack where you can guess a sequence number in your TCP stream, then you can make that device and all those clients and all that hash rate connect to your pool until that device gets rebooted, which by the way, most miners don’t get rebooted. If you’ve ever worked in a data center or something and you want to go restart the whole data center and turn the power off and turn the power back on, it doesn’t work that way when you have that much power. You will blow all of your power equipment. And so these things rarely get rebooted. And once you get one of these hacks in—with just one single packet—you get to steal all the hash rate, all of it. And let’s remember, if you can get one of these big pools, you get 20% of hash rate until the entire network worth of ASICs gets rebooted. That’s not a thing that happens. So things are pretty scary.

We Can Do Better

But the good thing is we know how to do better. We can do better. We had designs forever. P2Pool is not new, like Bob mentioned was around seven years ago. It’s been around forever. We can use these kinds of things. There’s new proposals like Bob’s working on with Braidpool to improve some of the operational concerns with P2Ppool, improve the way it functions for users. There’s also work on still using the pool model but actually freakin securing it. That’s BetterHash protocol design. I’ve given way more in depth talks on all of the technical nuance of BetterHash and other similar designs that hopefully improve things. In fact, even if we don’t want to go all the way down and say “okay, let’s make mining decentralized, let’s improve security of everything”, there are some pools that offer little proxy appliances (which provide secure transport), you get a little Raspberry Pi, you put it in your mining farm, and at least you have a secure connection to your pool. Sure, it’s not decentralizing mining. It’s not improving things on the angle that we care about and kind of is the high level goal of Bitcoin. But it does actually mean that an attacker can’t really trivially steal 60% or more of network hash power overnight, which is the case today.

Conclusions

If you take nothing away from this conversation, if you’re using an exchange or you are an exchange, and you’re accepting deposits or any kind of payments with less than, let’s say 288 confirmations—that’s two days if you can do math, that is a reasonable timeframe where humans can notice a problem and work to repair it—you’re doing it wrong. Bitcoin is not secure for six confirmations or 20 confirmations that’s not the world we’re in. It does not work for that kind of setup. No other cryptocurrency does either. You look at a lot of the proof of stake systems, they have these like shared stake protocols that really aren’t that much better. But the world we’re in today is if you’re accepting payments, and it’s not in your threat model that someone trivially steals most of the network hash rate for, let’s say, a day or some reasonable timeframe where humans can notice the problem and react, you’re doing it wrong.

We can do better we know how to do better. It’s not like these problems are unique to Bitcoin. Security on the internet is a global problem. It’s a thing that lots of engineers are paying attention to. There’s lots of solutions to pull from. But we actually need to do it. The problem is Bitcoin is a lot of decentralized infrastructure, a huge amount of infrastructure, and a huge amount of devices with firmware that’s hard to upgrade. You look at stuff like the Slush Pool’s Braiins OS, get competently run firmware on your mining devices. Make sure you actually upgrade the firmware on your mining devices. Make sure you’re paying attention to what you’re running on your farm and not just throwing things on racks letting it connect to a pool and you don’t really care whether your ISP is stealing all your hash rate. By the way, I would be surprised if there weren’t ISPs that were siphoning off, you know, a few percent of hash rate off the top of a farm. You wouldn’t ever notice. And they get free money. I’m sure this happens today and no one would notice if it did. We need motivation. We need people beating the drum around these issues. We need people screaming on Twitter that this needs to improve. We need pools to deploy these things. We need mining farms to have a desire to deploy these things, to care enough about Bitcoin or the system they’re using that they don’t completely get devalued by these kinds of large scale attacks. We need people to be working on these things, be implementing these at a pool level, at a mining device level, at a protocol level. These aren’t unique issues. There are a bunch of different proposals and different ways people are talking about fixing these things. But we need people to deploy them.