How to Detect Selfish Miners

Wij often get asked if there is anyone engaged ter selfish mining right now. So let’s discuss the telltale signs of selfish mining, how one might go about detecting them, and what the inherent limitations are of different detection technics.

Good Indicators of Selfish Activity

There are two distinct network signatures of selfish mining:

Number of abandoned (orphaned) blocks is a strong indicator of selfish mining activity. The entire idea behind selfish mining is for the selfish pool to outcompete the work of the fair pool. And this will leave behind a series of discarded blocks, where either the fair man’s work wasgoed wasted, or the miner took a slight risk and failed. Since every block wedren will leave such detritus behind te its wake, one could just count the number of such abandoned blocks to see if the rate is stable overheen time. A rise ter the rate would indicate that a selfish mining pool is operating ter the network.

The problem with this treatment is that abandoned blocks are pruned inwards the Bitcoin network, so it is very difficult to get a definitive count. A measurement device that connects to the network from just one or a few vantage points may very well miss abandoned blocks, and it may erroneously give the impression that everything is fine when there are fierce battles being fought out inwards the network. I am not sure how well blockchain.informatie is connected, but no web service can be everywhere at once to detect every single orphan, so I take its count of orphans with a large grain of salt.

Timing of successive blocks provides a hint that someone is engaged ter selfish mining. Two blocks te close succession should be a zonderling occurence with the fair protocol, and more common when someone is quickly releasing selfishly mined blocks ter order to squash the fair miners.

By ",close succession,", wij mean within seconds or perhaps a minute or so of each other. The particular case wij’re detecting is that of a selfish miner who publishes a chain of length two to squish a single block discovered by an fair pool. This corresponds to a particular transition ter the selfish miner state machine, it is just a subset of the selfish miner’s activity, the ",double-down-and-squelch", act that a miner can engage ter only when it is two or more blocks ahead.

One could detect this doubling-down screenplay by looking at the timestamps on successive blocks te the blockchain. Since mining is essentially an independent random process, wij’d expect the interblock time gap to be exponentially distributed. Any deviation from this expectation would be suggestive of selfish mining.

The problem with timing gap analysis is that it is a statistical test, and it may take a fair bit of selfish mining activity before it detects that something is amiss.

Bad Indicators of Selfish Activity

Note that ownership of succesive blocks is not a good sign of selfish mining. This is partly because a miner can mine selfishly, and profitably, without mining two blocks te a row. It’s also partly because it’s too effortless to hide the true holder of a block.

Worried Bitcoin enthusiasts were worried about selfish mining when the BTC Guild mined Four blocks te succession recently. If you examine the blockchain cautiously around the time of this occurrence, it looks like thesis blocks were released within minutes of each other, too far speciaal te time to indicate selfish behavior, and without any evidence of a corresponding orphan. This kleuter of successive mining by a given pool is kleuter of like throwing a coin and getting 6 goes ter a row, it’s uncommon, but it’s strapped to toebijten every so often ter a long sequence. Timing, not ownership, of succesive blocks is the better indicator, ideally coupled with detected orphans at the same time.

Selfish Countermeasures

Spil a result of the enlargened awareness of our findings, it is now inconceivable that someone could engage te selfish mining without facing some kleuter of backlash. So, any good selfish miner worth hier salt will want to do so clandestinely. To stay one step ahead of the attacker, it’s worth thinking about what she might do:

If the detectors examine block ownership, the attacker can lightly voorkant hier tracks and cloak hier identity. She’d use different Bitcoin and IP addresses, she’d tumble hier payouts before using them, and generally masquerade spil N separate pools. Each of the N separate pools would look like they are rivaling with one another, and they would each look like they are too petite to matter, and too puny to successfully launch a selfish mining attack. But behind the scenes, and unknown to the public, thesis pools would be coordinated by the same single entity. Outing such collusion is difficult, and this is one of the main reasons why block ownership is a bad indicator.

If the detectors examine block timing, they are ter effect detecting just a subset of the behaviors of a selfish miner. Spil shown te the state diagram te our paper, a selfish miner makes money by various different schemes, corresponding to different transitions of the state machine: sometimes she exposes Two or more blocks to squish an fair miner’s single block (this is what the timing detects), and at others, she exposes a single block and competes head-to-head inwards the network (this behavior is more common and would be undetected by the timing detector). A selfish miner determined to hide hier activities might forego the former behavior to remain below the radar. She would make less money, but she’d remain undetected.

If the detectors examine abandoned (orphaned) blocks, the attacker is aided by the current behavior of the network where abadoned blocks are silently pruned and discarded, which makes accurately counting orphans unlikely. Ter essence, the Bitcoin network is helping the attacker to ruin the evidence of hier activities. If the protocol were to be modified to propagate every solved block, this countermeasure would be mitigated. Such propagation of all viable block solutions would not pose any denial of service or excess stream, spil block solutions are fairly zonderling and, by vormgeving, very difficult to compute.

All of this shows that detecting selfish mining is possible, but difficult to perform accurately. So, no one can definitively voorwaarde that selfish mining is or is not taking place.

Current Evidence

That said, both wij and others have bot looking for suggestive evidence of selfish mining. Te particular, Matt Springer has done a fascinating timing gap analysis. You should read his analysis, but since he exposes the punchline ter his very first sentence, I’ll mention it rihgt now: Fortunately, the evidence so far indicates that selfish mining is not taking place ter Bitcoin. Let’s hope that things remain this way for the foreseeable future.


Wij originally described the Selfish Mining attack on Bitcoin, where an attacker can spel Bitcoin and mine more than his fair share of coins.

Some members of the Bitcoin community, te a madness to the moon, did not want to acknowledge that the Bitcoin protocol could be game-able and funded the development of an independent simulator whose subtext wasgoed to showcase the error of our ways. That simulator confirmed our findings.

BTC Guild got fortunate and discovered numerous blocks te a row, most likely without selfish mining.

Related movie: تعدين البتكوين عبر الشركة العالمية ودخل شهري قار مع hashocean

Leave a Reply