The attack that people are worrying about involves control of a majority of mining power, not control of a majority of mining output. So the seized bitcoins are irrelevant. The way the attack works is that the attacker would generate a forged chain of bitcoin blocks showing nonsense transactions or randomly dropping transactions that already happened. Because they control a majority of mining power, this forged chain would be the longest chain, and therefore a correct bitcoin implementation would try to follow it, with bad effects. This in turn would break the existing bitcoin network.
The government almost certainly has enough compute power to mount this attack if they want.
51% of hash power only grants the power to roll back recent transactions which you sent. It does not make it possible to enter invalid transactions, to roll back transactions you weren’t party to, or to steal coins at rest. The risk is that you could receive coins, do something in response to receiving those coins, and then discover that they were clawed back. But the further back in time the transaction was, the more computationally expensive it is for them to do this.
While it doesn’t allow invalid transactions, it does enable rolling back other people’s transactions, by a combination of rolling back time and rejecting a class of transactions, such as a particular address. In particular, it allows ignoring all other miners and taking all the newly mined coins.
It’s true that the further back in time you want to rewind, the more computational resources it takes. In particular, the further back in time you want to go, the more time it takes to accomplish the maneuver. But if you are a consortium of miners, you were going to spend these resources mining, and the total number of blocks is fixed, so does it cost electricity? I’m not sure.
For how long would you have to control the computing power? Would having control of a massive number of computers for a few minutes be enough?
The more damage you want to do the longer it takes.
Definitely not. To give you a sense of scale, a new bitcoin block comes out every five minutes and it would take control of the block chain for multiple ‘ticks’ to do serious damage.
Ten minutes, on average.
Thanks.
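The relationship discussed in this thread between how deep a transaction is buried and how long a rollback takes, worked through as an added example that is not part of any comment above. It goes beyond the majority case to include the minority-attacker estimate from the Bitcoin whitepaper, which is what confirmation-count policies are based on. Assumptions: difficulty is fixed, the attacker holds a share `q` of the total hash power, the whole network finds one block per ten minutes on average, and all function names are hypothetical.

```python
from math import exp, factorial

BLOCK_INTERVAL_MIN = 10.0  # average interval given in the thread


def catch_up_probability(q: float, z: int) -> float:
    """Whitepaper estimate of the chance that an attacker with hash
    share q ever overtakes a transaction with z confirmations."""
    p = 1.0 - q
    if q >= p:
        return 1.0  # at or above half the hash power, catching up is certain
    lam = z * q / p  # expected attacker blocks while z honest blocks are mined
    prob = 1.0
    for k in range(z + 1):
        poisson = exp(-lam) * lam ** k / factorial(k)
        prob -= poisson * (1.0 - (q / p) ** (z - k))
    return prob


def expected_minutes_to_overtake(q: float, deficit: int) -> float:
    """Expected time for a majority attacker who starts `deficit` blocks
    behind to end up one block ahead (biased random walk, Wald's identity)."""
    p = 1.0 - q
    if q <= p:
        raise ValueError("expected time is unbounded without a majority")
    # Each new block moves the attacker's lead by +1 (prob q) or -1 (prob p),
    # so the lead grows by (q - p) per block on average.
    blocks_needed = (deficit + 1) / (q - p)
    return blocks_needed * BLOCK_INTERVAL_MIN


if __name__ == "__main__":
    for z in (1, 6):
        print(f"10% attacker, {z} confirmations: "
              f"{catch_up_probability(0.10, z):.7f}")
    for q in (0.51, 0.75):
        hours = expected_minutes_to_overtake(q, 6) / 60
        print(f"{q:.0%} attacker, 6 blocks behind: about {hours:.1f} hours")
```

With a bare 51% share the expected time to undo six confirmations is measured in days, not minutes, and it grows linearly with depth.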