15

The difficulty in Bitcoin is recalculated every 14 days. What if immediately after this difficulty adjustment someone targets Bitcoin nodes with a supercomputer and start creating new blocks?

Such attack can create some many bitcoin to complete the series to the 21 million bitcoins before the 14 days pass by. Then the difficulty will be recalculated and it is going to result sky high, because of so many blocks were generated in the previous cycle.

But after that the super computer is disconnected, and the Bitcoin network (all nodes that were mining prior the attack) will have no power to create another block. The network will stall. The interest in mining Bitcoin will disappear and nobody would be able to withdraw anything, since you would need a supercomputer to create the next block, or wait for hundreds of years for the next block to come.

Is there any error in my reasoning? Is this scenario possible?

Highly Irregular
  • 10,960
  • 6
  • 54
  • 103
Nulik
  • 285
  • 2
  • 8

3 Answers3

24

"TL;DR: Bitcoin mining is virtually immune to someone attacking it with a supercomputer, because the mining market is already flooded with supercomputers custom tailored to the job at the hardware level."
(via Cort Ammon in comments)

First of all, the difficulty reset happens after 2016 blocks. That's only after about 14 days if the hashrate is stable. When there is a steep increase in mining power the difficulty will therefore adjust much more quickly. The difficulty change is limited to a factor of four, so e.g. if the hashrate increased by a factor ten (at the start of a difficulty period), the difficulty would increase by a factor four after 1.4 days, and then again by a factor of 2.5 after 5.6 days, so that it would have adjusted a factor of 10 after only one week. Since the adjustment is an exponential function, the network can similarly adjust to even bigger jumps. You are correct however, that if the hashpower left at that point, the network could get stuck.

Luckily, supercomputers are not effective at producing Bitcoin blocks. For Bitcoin blocks, the only operation that needs to be churned endlessly is a double SHA-256 hash. And that's exactly what Bitcoin ASIC miner hardware does, their chips have the necessary algorithm implemented in hardware and are therefore exclusively designed to calculate Bitcoin blocks. This is what makes even a single contemporary ASIC faster than thousands of computers.

The window for supercomputers to take over Bitcoin mining closed some time in 2012 or 2013. Today, the Bitcoin network produces about 10 exahashes/s. To my knowledge, the most cost effective miners come at about $100 per TH/s which translates to a magnitude of one billion USD invested in Bitcoin mining hardware alone.

Murch
  • 75,206
  • 34
  • 186
  • 622
  • 2
    there are GPU supercomputers. or, you could also make your own ASICs to attack bitcoin, how much would you need? around 100k USD, that is not much, considering that all discovered blocks would pay for the ASICs during the period you would be attacking it. – Nulik Oct 02 '17 at 04:55
  • 6
    You severely underestimate the mining power of the Bitcoin network. ;) I've amended my answer to address your comment. – Murch Oct 02 '17 at 05:06
  • Does that cost factor in the amount of power consumed by those miners? – Shadur-don't-feed-the-AI Oct 02 '17 at 07:22
  • No just a guesstimate for the hardware acquisition cost. Although, miners producing for themselves probably would have lower costs. – Murch Oct 02 '17 at 07:26
  • Wrong answer - it does not address the main poiint (getting all Bitcoin before the 14 day pass) which is false to start with. – TomTom Oct 02 '17 at 16:19
  • @TomTom: Thanks, I've added a paragraph to address that part of the question. – Murch Oct 02 '17 at 17:16
  • 3
    Tl/Dr: Bitcoin mining is virtually immune to someone attacking it with a supercomputer, because the mining market is already flooded with supercomputers custom tailored to the job at the hardware level. (similar argument: what prevents someone with a gun from going onto an airforce base and taking a modern F-22 fight? Answer: the Airforce base has more guns than he does) – Cort Ammon Oct 02 '17 at 17:37
  • @CortAmmon: Thanks, I've added your summary to my answer. – Murch Oct 02 '17 at 18:14
  • @Shadur Power is indeed a significant issue. That is why Iceland is a particularly good location for Bitcoin mining. It has cheap power, and plenty of cold air. See We got a look inside a vast Icelandic bitcoin mine. – Patricia Shanahan Oct 09 '17 at 02:19
8

It's not done every 14 days - it's done every 2016 blocks, which will happen in 14 days if hashpower stays the same. If hashpower goes up, then the retarget happens sooner.

Nick ODell
  • 29,396
  • 11
  • 72
  • 130
  • Also supercomputers wouldn't make a dent compared to today's hashrate. Likely, even the top 1000 most powerful general purpose computers together wouldn't even. – Pieter Wuille Oct 02 '17 at 01:20
  • well, then a supercomputer can take advantage once in while. it can make 2015 blocks and then wait for the hashrate to stabilize. – Nulik Oct 02 '17 at 01:38
  • @Nulik It would take 8 weeks for the hashrate to stabilize from that. That raises the question: why not turn on the supercomputer and mine continuously? Hardware isn't free. – Nick ODell Oct 02 '17 at 04:35
  • 1
    @NickODell , I am exploring the possibility for the governments to attack bitcoin. They can use supercomputers to drive the difficulty so high, that the currency will be unusable, nobody would be able to withdraw or deposit because there will be no new block. Creating new block would take months, which means, bitcoin has failed its purpose. – Nulik Oct 02 '17 at 04:52
  • so, mining is not the goal – Nulik Oct 02 '17 at 04:52
  • @Nulik The difficulty algorithm would be adjusted. There are enough people who want bitcoin to keep working that, while it would be a bit inconvenient, they would be able to work out a change in the rules to keep things going. – David Schwartz Oct 02 '17 at 08:35
  • 1
    You also need a LOT of power to do that. If that happens you can rather destroy bitcoin by reverting transactions. See, in order to "stop transactions for hours" you need to run like 20 or 50 times the current hashpower - otherwise you are just "inconveniently" slowing down the network, not disrupting it. That is a surreal amount of specialized hardware. You really need something that can hammer down like 2015 blocks in - half a day or so ;) – TomTom Oct 02 '17 at 16:21
  • @TomTom: I did some reasoning on this. To break bitcoin permanently start from some weeks-old block and find the next block in the chain with the all-zeros hash if you can. All of the nodes will think your block is the next block and roll back a few weeks worth of transactions. It's not that they can't clean this up it's that they will be very worried about somebody doing that a second time with the intent to double-spend. – Joshua Oct 02 '17 at 16:25
  • 1
    @Joshua That wouldn't work. Your chain (the one with the block you just found) is way shorter than the chain they were on previously (because it has a few weeks of additional blocks in it). The longest valid chain wins and your chain would be way shorter. (It's slightly more complicated than that, but that's the basic idea.) – David Schwartz Oct 02 '17 at 16:43
  • @DavidSchwartz: It's total difficulty, and the difficulty of the all-zeros hash will be rated very high. – Joshua Oct 02 '17 at 17:45
  • @Joshua No, it would not. You absolutely do NOT compute difficulty that way. It's only the difficulty required that you count. – David Schwartz Oct 02 '17 at 17:49
  • 1
    The system is designed so that attempting attacks in simplistic ways like re mining an old block from a few weeks ago would not work. If this was possible bitcoin would be effectively useless as a reliable store of value, and this form of attack would most likely have occurred by now. – DanielSon Oct 02 '17 at 19:45
  • @Nulik - if a government wanted to destroy bitcoin - or any cryptocurrency - all they need to do is pass a law, then enforce it. It wouldn't be hard. And IMO, it's going to be inevitable, because neither governments nor banks will want to deal with the loss of power. – davidbak Oct 02 '17 at 23:49
  • @davidbak No single government can destroy bitcoin for the same reason they can't destroy the Internet. They could disconnect their own country from the system, to the extent their enforcement actually worked. – David Schwartz Oct 03 '17 at 00:11
  • @DavidSchwartz. Why it wouldn't work? 2015 blocks are created every 2 weeks. Let's suppose I have super-puper computer at home, thousands of times faster that current bitcoin network of all the nodes within it. With my super-puper computer I could create 2015 blocks of last 2 weeks in a few minutes. Then I will create another 2015 blocks , my chain of blocks will be larger and it will accepted. And probably only after that my super-puper computer will have difficulties to calculate new blocks due to the difficulty. Why do you say it is not possible? Theoretically it is. – Nulik Oct 03 '17 at 03:36
  • @DavidSchwartz and you would erase 2 weeks of transactions this way. What a horrible technology is this blockchain algorithm if you can lose transactions you made in the past – Nulik Oct 03 '17 at 03:38
  • @Nulik There are a number of reasons that won't actually work. Ask your own question and I'll explain it. – David Schwartz Oct 03 '17 at 04:16
  • @DavidSchwartz, okay, here it is: https://bitcoin.stackexchange.com/questions/60234/rewriting-past-transactions-in-bitcoin – Nulik Oct 03 '17 at 05:01
0

It would take the power out put of a 30GW power plant for 3months and 49 qibits running of GPU to start from the gen block Jan 3rd 2009 up to date giving 2 months of mining the chain into oblivion. Thus collapsing the bitcoin.

"IBM has come up with a way to simulate quantum computers that have 56 quantum bits, or qubits, on a non-quantum supercomputer – a task previously thought to be impossible."

Set back and watch for a time and price a GOV backed attack takes place and evaporates the bitcoin barter business. In return causing a market dump of all blockchain and etherum platted trade.

user63631
  • 1