Year | 2015 |
---|---|
Author | Ittay Eyal |
Publisher | SSRN:SWIFT Institute Working Paper No. 2014-006 |
Link | View Research Paper |
Categories |
Bitcoin / Cryptocurrencies / Mining |
An open distributed system can be secured by requiring participants to present proof of work and rewarding them for participation. The Bitcoin digital currency introduced this mechanism, which is adopted by almost all contemporary digital currencies and related services. A natural process leads participants of such systems to form pools, where members aggregate their power and share the rewards. Experience with Bitcoin shows that the largest pools are often open, allowing anyone to join. It has long been known that a member can sabotage an open pool by seemingly joining it but never sharing its proofs of work. The pool shares its revenue with the attacker, and so each of its participants earns less. We define and analyze a game where pools use some of their participants to infiltrate other pools and perform such an attack. With any number of pools, no-pool-attacks is not a Nash equilibrium. We study the special cases where either two pools or any number of identical pools play the game and the rest of the participants are uninvolved. In both of these cases there exists an equilibrium that constitutes a “tragedy of the commons” where the participating pools attack one another and earn less than they would have if none had attacked. For two pools, the decision whether or not to attack is the miner’s dilemma, an instance of the iterative prisoner’s dilemma. The game is played daily by the active Bitcoin pools, which apparently choose not to attack. If this balance breaks, the revenue of open pools might diminish, making them unattractive to participants.