
I'm writing up lecture notes and attempting to put the language on the most logical footing. I'm hoping to distinguish attacks on the consensus itself from exploits of the protocol, as these seem to be separate categories. For example, an empty-block attack is clearly an attack: the purpose is to damage Bitcoin, whereas Finney's attack is not attempting to strike a blow to the consensus; it's an attempt to exploit consensus rules in a way that is more favorable to the attacker.

Am I going against a decade of convention or is there some precedent here?

More generally, is there a definition of an "attack"?

MicahW
  • What is an empty block attack? –  Jan 22 '22 at 05:45
  • An empty block attack is when someone who wants to hobble Bitcoin acquires over 51% of the hashrate and uses this to maintain a longest chain containing only empty blocks. – MicahW Jan 23 '22 at 01:40
  • After reading the things shared in this article, I think mining empty blocks after acquiring 51% hashrate will be a waste of time, money, energy and resources: https://link.medium.com/YOb11f522mb –  Jan 23 '22 at 09:33

1 Answer


An exploit makes use of a software bug or security vulnerability to induce unintended or unanticipated behavior in software to the attacker's advantage.

Neither a Finney attack nor an "empty-block attack"¹ is an exploit. In both cases, the software is working as designed. A Finney attack would be classified as either a user error (relying on an unconfirmed transaction) or a social engineering attack (misallocated trust), and a majority attack breaks the main security assumption of the protocol that the majority of the hashrate is not colluding to attack.

"Attack" is a hypernym collecting any sort of attempt to harm the network or take advantage of other users. Exploits are a specific subcategory of attacks. It's not obvious to me what you're exactly trying to disambiguate, but perhaps you're trying to distinguish attacks on users and attacks on the whole network?


¹ I'm operating under the assumption that "empty-block attack" is supposed to refer to a majority attacker displacing any blocks that confirm transactions, or monopolizing block creation and only mining empty blocks, to subject the network to a denial-of-service attack.

Murch
  • Yes, I'm distinguishing between attacks on the network, and ways in which users of the network can take advantage of others, which can be extremely broad and would include any sort of MEV. It seems strange to me that the same word is being used. Selfish mining, undercutting, etc. are examples where the protocol is functioning as prescribed, but not as intended. Maybe exploit is not the best word? – MicahW Jan 23 '22 at 01:37
  • I guess selfish-mining could be categorized as a protocol exploit, because the intention is for miners to earn a share of the reward equivalent to their relative hashrate, and if you have more than 33% of the hashrate, you can earn more than your share by employing this tactic. I don't know what "undercutting" is referring to. – Murch Jan 23 '22 at 14:58
  • Fee undercutting is an (attack?, exploit?) that becomes available if there are significantly more transaction fees mined in the latest block than are available in the mempool. By mining a block at the same height with some but not all of the fees, a miner can claim more fees for themselves than if they had extended the chain tip. Further, because they can leave more fees available, rational miners will choose to extend the block mined later, causing the first-mined block to become stale. – MicahW Jan 23 '22 at 17:55
  • Ah, I know that attack as "fee sniping". Yeah, one could say that's a bug in the game theory being exploited. – Murch Jan 24 '22 at 17:28