| ▲ | apercu 4 days ago |
| In all seriousness, can you explain why the "impact of doing so is disputed". In my laypersons understanding, if you control ~51% of the hashrate you can outpace everyone else in producing blocks, which means you can change (reorganize) your blockchain history which means the ledger isn't trustworthy. Right? |
|
| ▲ | PhilippGille 4 days ago | parent | next [-] |
| It's worth being precise here: - The attacker can doublespend their transactions if their hashing power is high enough to create more blocks than what the recipient is waiting for. E.g. you buy a lambo, the shop waits 10 blocks after the tx is in a block and gives you the lambo, then you create a longer chain with 11 blocks to replace the other one, and don't include the original lambo tx. 51% of hashing power is enough to create new blocks, but not enough to create 11 alternative blocks. That requires more hashing power. - The attacker can prevent other transactions from landing in a block, as long as they have majority - But the attacker can't create fake transactions (e.g. if they only have 1k Monero, they can't create a tx with 2k Monero). Because all nodes (not only miners) still verify the transactions - And the attacker can also not steal your money, because they don't have your private keys |
| |
| ▲ | apercu 4 days ago | parent [-] | | In my head I kind of simplified it - if I can reorder the blocks in my history I can "reverse" a transaction, like "erase" that I bought a lambo yesterday so today I have not only the lambo, but the money that was in my account before I bought the lambo, too. But maybe me trying to over simplify and missing the forest for the trees (this is very much not my domain). | | |
| ▲ | Ekaros 3 days ago | parent [-] | | My understanding is limited. But in addition to not making transaction "not happen". It is better to make new transaction for money. As the transaction would still be valid later and could be included later. Thus "double spend". |
|
|
|
| ▲ | corimaith 4 days ago | parent | prev | next [-] |
| That's the point, you can only change YOUR history. From the perspective of future merchant, that's the trivial to deal with. And for existing transactions, you'd need the value of the goods from the transactions to exceed the cost of controlling to network to be worth it. But what kind of goods that can be transferred so quickly be worth that much? |
| |
| ▲ | xnorswap 4 days ago | parent [-] | | Maybe there's more resilience to prevent chain swaps now, but my understanding of the original blockchain algorithm is that: At block N someone could start to privately mine (empty) blocks. They keep mining in private until block N+x is public, at which time the private (51%) chain is length N+x+1. They then announce their longer chain. By the protocol, this longer chain (technically "most work" chain) is the more trusted one, and undoes any transactions in N+1 through N+x. | | |
| ▲ | SamPatt 4 days ago | parent [-] | | More or less, but the private chain doesn't need to contain empty blocks. A more sophisticated attack would include all the legitimate transactions on the network except for their own transaction(s) which they're trying to double spend. That way the network isn't disrupted apart from the parties you're double spending against. | | |
| ▲ | xnorswap 4 days ago | parent | next [-] | | Indeed, but I was arguing that the parent claim that "only your transactions" could be affected was false. It's true that you can't synthesise false transactions, but you can undo anyone's transactions, not just your own. | |
| ▲ | LikesPwsh 4 days ago | parent | prev [-] | | That way you can also claim 100% of mining rewards with 51% hash rate. | | |
| ▲ | _3u10 4 days ago | parent [-] | | How? If that were true you’d also be able to get 50% of block chain rewards with 25.1% of the hashing power. But you can’t because it isn’t true. | | |
| ▲ | Sohcahtoa82 4 days ago | parent | next [-] | | If you control 51% of the hashing power, that means you can solve more blocks than the entire rest of the network combined. Even if other nodes on the network solve a couple blocks before you, statistically, you will eventually create a longer chain of blocks and the network will switch to your chain. But your chain has every block solved by you, giving you all the block rewards. That's the magic of the 51% attack. You gain control of the blocks. Because that extra 1% isn't a HUGE margin, it may take a while for your chain to become the winning chain, but theoretically, it will happen. | |
| ▲ | dbdr 4 days ago | parent | prev [-] | | You only mine blocks on top of your previous blocks, ignoring blocks produced by the 49%. Since you have 51%, your chain is the longest over time, so you have 100% of the mining rewards. You can't do that with 25% (or even 40%) hashrate. |
|
|
|
|
|
|
| ▲ | 4 days ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | the_sleaze_ 4 days ago | parent | prev [-] |
| Yes. |
