Majority Is Not Enough: Bitcoin Mining Is Vulnerable

  title={Majority Is Not Enough: Bitcoin Mining Is Vulnerable},
  author={Ittay Eyal and Emin G{\"u}n Sirer},
  booktitle={Financial Cryptography},
The Bitcoin cryptocurrency records its transactions in a public log called the blockchain. Its security rests critically on the distributed protocol that maintains the blockchain, run by participants called miners. Conventional wisdom asserts that the mining protocol is incentive-compatible and secure against colluding minority groups, that is, it incentivizes miners to follow the protocol as prescribed. 

Topics from this paper

Tendermint : Consensus without Mining
A solution to the blockchain consensus problem that does not require mining is proposed by adapting an existing problem to the Byzantine Generals Problem.
The Fallacy of Selfish Mining in Bitcoin: A Mathematical Critique
The Bitcoin cryptocurrency records transactions in a public log called the blockchain. Its security critically depends on the distributed protocol that maintains the blockchain, run by participants
Majority is not enough
This work shows that the Bitcoin mining protocol is not incentive-compatible, and proposes a practical modification to the Bitcoin protocol that protects Bitcoin in the general case, and prohibits selfish mining by a coalition that command less than 1/4 of the resources.
A Distributed Blockchain Model of Selfish Mining
This paper models the behaviour of honest and selfish mining pools in Uppaal and does not assume a single view of the blockchain but does include the presence of network delay.
Tomen: Application of Bitcoin Transaction Based on Tor
Tomen is proposed, an encryption application for the communication process in the bitcoin transaction process, combined with the encryption principle method of Tor to achieve the application of the anonymization of bitcoin transaction communication.
Short Paper: Revisiting Difficulty Control for Blockchain Systems
The Bitcoin whitepaper states that security of the system is guaranteed as long as honest miners control more than half of the current total computational power, thus it is equally hard to solve a cryptographic proof-of-work puzzle for any given moment of system history.
Digital Gold or Lead?
Bitcoin is a decentralized cryptocurrency operating on a pubic distributed ledger called the blockchain. Its main innovation is that it does not require a central bank or any central authority for
On the Unfairness of Blockchain
The success of Bitcoin relies on the perception of a fair underlying peer-to-peer protocol:, and without such perception of fairness, honest miners might be disincentivized to maintain the protocol, leaving the space for dishonest miners to reach a majority and jeopardize the consistency of the entire system.
Doppelganger in Bitcoin Mining Pools: An Analysis of the Duplication Share Attack
Mining pools, consisting of a number of miners, have become major players compared with solo miners as the difficulty of proof-of-work is increasing.
Contractvm : decentralized applications on Bitcoin
We introduce Contractvm, a framework for developing decentralized general-purpose applications on top of the Bitcoin blockchain. Our framework addresses several issues of Ethereum: for instance, it


Information propagation in the Bitcoin network
This paper analyzes how Bitcoin uses a multi-hop broadcast to propagate transactions and blocks through the network to update the ledger replicas, and verifies the conjecture that the propagation delay in the network is the primary cause for blockchain forks.
Zerocoin: Anonymous Distributed E-Cash from Bitcoin
Zerocoin is proposed, a cryptographic extension to Bitcoin that augments the protocol to allow for fully anonymous currency transactions and uses standard cryptographic assumptions and does not introduce new trusted parties or otherwise change the security model of Bitcoin.
The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries
The Bitcoin digital currency depends for its correctness and stability on a combination of cryptography, distributed algorithms, and incentivedriven behavior. We examine Bitcoin as a consensus game
Bitter to Better - How to Make Bitcoin a Better Currency
An in-depth investigation is performed to understand what made Bitcoin so successful, while decades of research on cryptographic e-cash has not lead to a large-scale deployment.
PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake
A peer-to-peer crypto-currency design derived from Satoshi Nakamoto’s Bitcoin. Proof-of-stake replaces proof-of-work to provide most of the network security. Under this hybrid design proof-of-work
On bitcoin and red balloons
This work examines a common scenario in which only participants that are aware of the information can compete for some reward, and thus informed participants have an incentive not to propagate information to others, and proposes a modification to the protocol that can eliminate this problem.
Blind Signatures for Untraceable Payments
  • D. Chaum
  • Business, Computer Science
  • 1982
Automation of the way we pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers. The ultimate structure of the
PPay: micropayments for peer-to-peer systems
PPay is presented, a micropayment system that exploits unique characteristics of P2P systems to maximize efficiency while maintaining security properties, and it is shown how the basic PPay protocol far outperforms existing micropayan schemes, while guaranteeing that all coin fraud is detectable, traceable and unprofitable.
Quantitative Analysis of the Full Bitcoin Transaction Graph
This paper answers for the first time a variety of interesting questions about the typical behavior of users, how they acquire and how they spend their bitcoins, the balance of bitcoins they keep in their accounts, andHow they move bitcoins between their various accounts in order to better protect their privacy.
KARMA : A Secure Economic Framework for Peer-to-Peer Resource Sharing
A general economic framework for avoiding freeloaders in peer-to-peer systems that is resistant to malicious attempts by the resource provider, consumer, and a fraction of the members of the bank set.