Bitcoin - The “Captive Audience” Attack:

Author unknown

A brief study in the collapse of decentralized societies

In the original Bitcoin whitepaper, Satoshi saw fit that miners operated as the economic guardians of the consensus protocol. The rewards issued for solving the block puzzle are intended to encourage miners, as profit maximizing agents, to ensure maximum uptime, reliable security, and ongoing adaptation of The Bitcoin Network to the growing and changing needs of users.

What is good for Bitcoin is consequently good for miners. Increasing user adoption, flexibility, and security adds to the value proposition of Bitcoin. As such if the market should perceive more value in Bitcoin, so the miners can maximize profits in a highly competitive environment.

By comparison, relay and archival nodes as well as developers were never intended to be directly incentivized by the network.

Given the real possibility of Sybil Attacks combined with low energy costs for operating a node it stands to reason that most node operators will have external reasons to do so ie. exchange operators, payment processors, and merchants, both independent and corporate, have incentives to be verifying their own up-to-date copy of the blockchain while increasing connectivity of the overall network.

Contributors to Bitcoin reference client implementations as well remain outside the network incentive system. This serves to ensure that developers are not directly incentivized to promote the use of one reference client over the adoption of as many implementations as possible.

The use of multiple reference clients serves as an important part of the decentralization of the Bitcoin Network. No human creation is perfectly reliable and any software implementation is guaranteed to have some bugs, the multiple implementations serve to reduce vulnerability of the network to developer-specific bugs or consequences due to additional features that may be unique to different clients. The constant review of old and new code also encourages ongoing vulnerability testing.

In the scenario that one reference client is being used as the de facto “Bitcoin client” this opens opportunities for developers to begin implementing centralized policies and attempt to derive value both directly from the network at the cost of the miners, and extract value from its users in the form of subscription based software, closed interfaces, and other gatekeeping behavior.

This is defined as “rent-seeking” behavior, a well known symptom of centralized systems where via rule of law, cronyism, or monopolistic behavior an entity can create for itself a position to extract value from an industry without necessarily adding value of their own.

In the case of a Bitcoin implementation, this could consist of restrictive policies intended to force users into a scenario in which the developers are able to offer an external solution whereby they can demand fees either in form of a pre-capture before transactions are verified by miners, or even subscription based software in which they are the gatekeepers in being able to communicate with The Bitcoin Network.

This serves to lower the value of Bitcoin itself as second-layer solutions will begin to move more transactions off-chain, depriving miners of their economic incentives and weakening the network as a whole. On a long enough timeline this could lead directly to Bitcoin being largely discarded as an unnecessary layer: the majority, if not entirety, of transactions having been moved off chain and into federated systems; the software owners will have succeeded in capturing a majority of the Bitcoin transaction market while offering little in the way of decentralized security and redundancy.

Given that Bitcoin is operated using open-source software, the opportunities for such behavior should be extremely limited. Any such rent-seeking intentions first require a large capture of the node operators in order to grant the developers undue influence over future policy.

In considering that the Bitcoin transaction market is currently in the billions of dollars, any private entity would be highly incentivized to use any means possible in order to capture confidence in a particular “brand” of software as opposed to promoting confidence in the network itself: consisting of miners whose profits and viability are bound to the network’s usefulness, independent node operators, and most importantly their users.

Should users find themselves “trusting” a particular implementation or developer, capture is likely already underway. The network is designed to be trustless in regards to any functional reference client being able to agree with any others on the current state of the network and verify it for themselves. If reference clients are considered unequal in their capability the opportunity for transaction capture gets much larger.

Defending against such a capture is as simple as miners considering the restrictive implementation rules as invalid by way of a fork. Rent-seeking requires by necessity an artificial restriction placed on the system, without which there is no opportunity to move economic activity off-chain without offering a better overall value proposition.

For reference: While I am basing this paper on the current implications of this multi-pronged strategy for Bitcoin specifically, I propose that this study has implications for historical transfers of economic control from individuals to governments and corporations. In looking backwards we can see many historical instances of this attack being perpetrated by governments and central banks in the process of moving from sound money to reserve money to fiat currency. The greatest tool of the institutions in this case is complacency. When the people are complacent the corporations will leverage this apathy to subvert, and then corrupt the money used by the people; historically leading to centralized solutions which become more systemic and corrupt over time.

For example, silver coins became silver plated copper coins and debasement led to the collapse of The Roman Empire.

More worryingly:

Gold and silver became gold and silver certificates which became Dollars which became Federal Reserve Notes and continual debasement shall lead to inevitable collapse. From pure value to pure debt in a manner of generations: this scenario has played out repeatedly throughout history and continues today.

Given that this author believes the above to be true; it is their opinion that we are currently experiencing one if not more “captive audience attacks” today.

In Bitcoin, this is taking place as the “Bitcoin Core” developers, consisting of private individuals with private interests and external funding, have implemented their software across over 75% of the total infrastructure. It is impossible to know how many nodes are operated by individual entities and how many may even be operating as virtual machines, potentially consisting of multiple “heads” operating off of a single copy of the blockchain, or even pruned blockchains which can be operated even more cheaply. This is clear opportunity for a Sybil Attack; in fact it is clearly evident that the “UASF” nodes are a very overt form of Sybil Attack which fully intends to create a more restrictive fork of The Bitcoin Network, capturing as much hashpower as possible in order to disrupt miner consensus and force other developers to comply with their software rules. This is likely only a taste of things to come.

Looking at the preceding months it is important to note that regardless of Bitcoin Core’s motivations, their actions of opposing any change to the restrictive policy of blocks being <=1MB should be highly suspect. It is a matter of fact that this policy was included as an early form of spam protection for the nascent network. It was always intended for the limit to be raised, or removed altogether. It is a fallacy that in this age of high speed, high bandwidth internet connections and inexpensive data storage that a larger maximum block size will have measurable, if any, effects on the overall health of the network ahead of ongoing solutions that are constantly being developed. The possibility of “spam attacks” has decreased massively over time as the actual economic cost of an attack only increases with value and adoption; conversely in this way the <=1MB block size is now a liability which actually makes such spam attacks easier.

In regards to Bitcoin Core, I define this as “non-competitive behavior”: insisting upon a technically complex system in order to stymie alternative solutions to a given problem, with intent to increase reliance of users on a particular choice of software: SegWit.

Given that this is true, it is easy to discern methods by which software developers can begin to extract revenue from the system: second layer systems such as Lightning Network propose to lock potentially large amounts of economic activity and liquidity outside of the blockchain in favor of non-PoW settlement systems which then rely on the PoW security to prevent counterfeiting. There is also an opportunity for potentially large amounts of block space to be “leased” by the developers: In such a scenario the developer produces a software which allows them to prioritize certain transaction channels for a contracted buyer, this allows the software provider to consume space in the block for a discounted rate and pocket the difference. In this process the miners are continually starved of fees, an increasingly unstable scenario as block rewards continue to decrease over time.

This will inevitably lead to miner’s margins being squeezed to the point of directly increasing centralization as only the most competitive miners will be able to derive any profit. This can quickly turn into a losing scenario and in the ongoing hashrate drop you find an opportunity to simply layer all of the secondary solutions over a low-security blockchain such as a proprietary algorithm operating on a central service whereby the computational security is trusted not by the highest difficulty chain, but simply the chain “owned” by the provider which may now be truncated, editable, and considered to be private property.

For reference: If the software provider is charging as much as possible for block space, and paying the miner as little as possible, eventually profitability for both will reach an artificial equilibrium. With users forced to access the blockchain via the software provider, the space available in blocks and the fee costs associated can be adjusted at will, ensuring minimum fees for the miner and no variability in competition. Compare this to an open fee market where supply and demand are forced to intersect organically and overwhelming demand for block space will drive up miner profitability insisting that the equilibrium of supply (cheap transactions) and demand (fees/block) be a moving target.

If this scenario is sounding disturbingly plausible to you, you should be relieved that hashpower still remains the driving force behind Bitcoin. On August 1, 2017 miners will have the first well-defined choice in whether they will continue to look after their best interests as defined by the best value proposition for Bitcoin, or wilfully decrease their influence over the network and defer to a single implementation for the solution to increasing transaction throughput.

This author is a believer in Complexity Theory and defines Bitcoin as a Complex Adaptive System wherein increasing complexity is directly linked to increasing incidence and severity of unintended consequences.

Given this belief, the author has never advocated for increasing the complexity of The Bitcoin Network, the innate simplicity of the system arising to such a complex economy of individually motivated actors is a testament to the power of this idea. It is important to note that the more complex the base system is, the more complex the secondary systems will be. The more complex these systems are, the higher the cost of entry for a competing system becomes.

Thusly, I have concluded that it is my obligation as a miner to ensure that SegWit is forced to compete in a less restrictive environment, ensuring that adoption or rejection of this software will be decided by its total value proposition and not by it’s ability to offer an immediate solution to an artificially restrictive policy.

I will continue supporting any increase of the block size, by any means, regardless of SegWit support but preferably without. I insist to all other Bitcoin miners that it is your obligation to prevent any possible capture of transaction volume on any off-chain solution, for the ongoing benefit of both miners and users. If there are any users that have begun using Bitcoin solely for the promise of it supporting SegWit, I propose that achieving the same throughput with a block size increase will amount to a net positive effect, in other words there is little to no value downside in supporting 1MB+ but the potential upside is immeasurable.

For the miners:

If the 1MB+ hard fork is able to garner 50% support within a short timeframe of the fork block, the <=1MB chain(s) will be at a serious mathematical disadvantage to be able to continue operating (excluding short term gains due to price difference).

Given that the <=1MB chain(s) will be capable of processing 1MB/20 minutes on average and transaction volume is likely to remain, any backlog of transactions will quickly grow.

Both chains will be facing a roughly 14 day retargeting period. If the <=1MB chain(s) are able to persist to a retarget, it will be forced on the markets to decide a winner, if any, and that may be a long battle particularly given the late stage in this attack, whereas economic support for both forks is notably unequal due to media and corporate capture.

If miner support for the 1MB+ fork moves above 50% in this time period, regardless of short term economic incentive, the value proposition for this fork begins increasing wildly. It will provide lower fees and faster confirmations, and the faster retarget will guarantee this to be accelerating. At this point the 1MB+ fork will almost certainly become the highest difficulty chain.

At this point there is a possibility for a cascade effect: miners on the <=1MB fork are directly incentivized to leave the <=1MB fork and cease block production as the 1MB+ fork would then be the user’s only viable option. In this scenario the markets would be forced to reconcile this as quickly as possible: the outcome, while unknown, is still tilted in the miner’s favor as every user who had Bitcoin still has their Bitcoin, and aside from an upgrade to their wallet software Bitcoin will function even more reliably. The effect on users and node operators using exclusively Core software would be noticeable, but quickly rectified.

The faster this cascade can happen, the less disruption to users and merchants actively transacting during the fork period and the better the long term outcome for everyone.

For users:

Be aware that exchanges refusing to support the natural and complex process of a contentious fork should be highly suspect: people are guaranteed not to agree on everything, however choosing not to capitalize on an asset which all current users are guaranteed to possess is a strange position for a cryptocurrency-based business to hold. For exchanges which have not refused, but not yet confirmed their support for any and all forks, it is in the hands of the users to encourage these exchanges to provide support, or else vote with your coins and simply take your business elsewhere.

Miners will be able to vote with their hashpower, it is equally important that you be able to vote with your coins, whatever you prefer to call them.

In the meantime, you should ask yourself:

Are you here because you want to be able to receive and send inexpensive Bitcoin transactions worldwide with the software of your choice, or even of your creation?

Or

Are you here to be able to receive and send inexpensive SegWit transactions with “Bitcoin Core compliant" software?

The differences are much greater than you may believe. You need to be asking precisely what SegWit aims to achieve that the staggeringly simple solution of bigger blocks cannot.


For reference:

SegWit (© 2017 Bitcoin Core)

Sybil Attack

BIP 148 “UASF” 2

Lightning Network

UAHF

Bitcoin Cash

BitcoinABC

Bitcoin Unlimited

Bitcoin Classic

Bitcoin XT