Bitcoin, like all currencies, is an exercise in faith.
It's valuable because people agree that it has value. It's secure because miners are incentivized to organize transactions and finalize blocks, distributing it across more nodes and eliminating centralized points of weakness. The project began with a whitepaper that inspired belief in a currency free from censorship and control, and the more people who supported that idea, the more powerful the idea became.
The system is carefully engineered to become more valuable and unassailable as the community grows, with the need for trust and a centralized authority factored out. Instead of relying on any one group or person, Bitcoin is run by miners who are incentivized to protect the network at all costs.
Mining hashpower functions as a “vote” in the Bitcoin network, and miners vote for that which benefits Bitcoin because their income depends on it. In the event of controversial updates or other developer decisions, it's often the miners who have the final say.
The key role miners play was demonstrated through the most recent controversy to rock the cryptocurrency industry. Binance, one of the largest cryptocurrency exchanges there is, lost 7,000 BTC in a hack on May 7, 2019, and considered rallying the miners to “undo” the hack and restore the funds.
What Binance CEO Changpeng Zhao was discussing in the above tweet was a targeted reorg attack that would have rolled back the blockchain and allowed Binance to do the unthinkable - reverse the $59 million Bitcoin transaction.
While this suggested blockchain reorganization was never commissioned, it opened up a major debate about the nature and ethics of reorg attacks and whether or not Bitcoin truly is immutable. To understand the situation, we're going to dive into what the terms “reorg” and “reorg attack” mean before looking at what would have happened if Binance had tried to pull it off.
A reorg is a built-in feature of the Bitcoin network designed to deal with the issue of simultaneously mined blocks.
Because Bitcoin is internationally distributed with no fixed time zone, occasionally two or more miners will solve the next block at approximately the same time. It takes some time to broadcast block confirmations throughout the network, and in this time period, two versions of the Bitcoin blockchain briefly exist.
There are now two chains competing for validity. Whichever chain has the most hashpower behind it will add new blocks faster and become the valid chain. The block beginning the losing chain will become an “orphaned block” with no parent block connecting it to the main chain.
Any blocks that were added afterwards are also referred to as orphaned blocks, and the currency from these blocks is worthless.
These conflicts, which briefly reorganize the ledger history, are built into the Bitcoin infrastructure. Reorgs are a deliberate feature of blockchain technology, solving the problem of miners in a decentralized system mining the same block simultaneously.
However, it's possible for miners to attempt to exploit this feature in a reorg attack.
A blockchain reorganization attack occurs when miners collaborate to remove previously confirmed blocks from the blockchain.
Theoretically, a group of miners with 51% of the hashpower have a probabilistic chance of solving new blocks and adding them to the blockchain faster than anyone else. Let's say we have a fictional PoW network currently on its 999th block.In a reorg attack, a group of miners will begin mining a chain of blocks without broadcasting it to the network for confirmation.
A mining group with 51% of the hashpower could pick block 1000 as the point of attack and start mining a secret/private chain based on this block. This group will mine faster than the rest of the network so that when the public chain is on block 1010, the mining group could be on block 1011 (for example). Everything will run smoothly until the attackers broadcast their chain to the network.
When that happens, there will suddenly be two separate versions of every block from 1000 - 1010. The network has essentially forked, and this needs to be resolved.
In the event of a conflict like this, the network is designed to default to the longest chain, and a successful blockchain reorg attack would result in the original 10 blocks from 1000 - 1010 being orphaned and replaced with the new blocks mined by the attackers.
This attack could be used to double spend (spending funds, erasing the transaction from the record, and spending the same funds a second time), which is essentially what Binance was considering. It could also be used to censor certain addresses by blocking deposits or withdrawals and to disrupt the network in general. Bitcoin actually underwent a fairly major reorg in 2013 when the network accidentally forked due to a bug in a client update.
For six hours, there were two versions of the same blockchain (one running on client version 0.7 and another running on 0.8). The problem was solved when the developers reached an agreement with miners to combine the hashpower of major pools and orphan the 0.8 version of the chain along with the 600 BTC or $26,000 in block rewards, which was rendered worthless. Although, it was against the miners' best interests in the short term, a network split would have had a far greater long-term impact on their source of income.
Understandably, the reorg sparked debate at the time surrounding the issue of network centralization. While it saved the network, the situation highlighted the fact that it's technically possible to attack the network and undo confirmed transactions with enough collaboration from mining pools. However, whether or not that could or would happen today is a different story.
What a Reorg Attack Would Look Like Today
On May 7, when Binance found that 7,000 BTC, worth around $40 million at the time or $59 million at the time of writing, were missing, it's safe to say that the staff was desperate to see if there was any way of recovering the stolen funds.
The next day, Jeremy Rubin proposed a reorg attack as a possible solution to the problem, and Binance reportedly consulted with major mining pool operators to consider it. However, as we'll see, a reorg of that scale wasn't going to be as straightforward or publicly accepted as the 2013 reorg for many reasons.The idea was this:
- Mining pools begin to mine a private chain starting with the block right before the block containing the hacker's transaction on May 7.
- The private chain contains all the same transactions as the main chain except the hacker's transaction. The 7000 BTC are still in Binance's hot wallet on the private chain.
- To incentivize the miners to help, Binance sends funds to an address that it also owns and configures the transaction to include a major reward for the miners in order to make it more profitable to mine than the original chain.
- This results in two versions of the Bitcoin ledger temporarily co-existing, one in which the funds were stolen and one in which the funds were entered as an unusually high transaction fee payable to the mining community.
- Finally, the miners compete for the transaction fees, rewriting over 100 blocks of Bitcoin transaction history to do so and then orphan the chain where Binance's funds were stolen, completing the reorg. While Binance still loses a lot of money, hackers are discouraged from wasting their efforts on hacking a chain that is not immutable.
However, there are a number of problems with this reorg proposal.
Ramifications of the Binance Reorg
There are a lot of game theory elements to the suggested Binance reorg that made it potentially catastrophic. Below are the many different things that would have likely gone awry had Binance attempted to reorg the blockchain.
- 100 block reorg could be technically infeasible.
- The hacker could fight back.
- The miners could abandon reorg pools.
- The community could reject the reorg and implement a fork.
- A reorg of this scale could result in a major selloff as people would lose faith in the decentralization and immutability of the Bitcoin Blockchain.
The Binance reorg would have involved rewriting well over 100 confirmed blocks. Miners would have had to forego $10 million worth of orphaned block rewards at the very least, and the longer the reorg takes, the more expensive it becomes in terms of electricity costs and lost rewards.
A speedy reorg would require closer to 100% of the mining hashpower, not just 51%, in order to wrap things up quickly. Otherwise, the cost of the reorg would eventually exceed the potential reward being offered by Binance, leaving miners with little to no incentive to help.
Bitcoin Core developer Bryan Bishop stated that a reorg of that length would require a lot of “infrastructure in place already that you can quickly deploy to miners who already understand the situation and already know what this technology is,” adding that, “It would be impossible for Binance to do this after the fact.”
It's also important to bear in mind that the hacker could also offer high transaction fees to bribe miners.
The hacker's goal here would simply be to incentivize the miners not to do a massive amount of work and reorg the chain. It's actually a lot more technically feasible and cost-effective for the hacker to bribe miners than it is for Binance, as the miners would just have to accept massive tx fees and carry on mining as usual instead of engaging in a reorg that may not work and could harm the network.
Besides, even if miners could help Binance, would they really want to? Let's say the reorg was technically feasible, and the miners managed to mine a longer chain excluding the hacker's transaction. Suddenly, we're attacking one of the central tenets of Bitcoin - immutability.
For a currency relying on the public's belief in its value, the ramifications of a centralized exchange rewriting the blockchain could be very serious. It's very likely that a 100 block reorg would negatively impact public perception and price action, which would directly affect miners trying to run a business based on mining and selling BTC.
Even if mining pools agreed to a reorg, individual miners could abandon the pool (as happened with DeepBit pool in 2009 when it briefly gained 51% of the hashpower).
Finally, there's the fact that a reorg could actually lead to a hard fork. When Ethereum developers agreed to edit a smart contract to reverse a major hack, the community split in two, leading to a hard fork where those who disagreed with the decision supported the blockchain where the smart contract was left untouched.
The Bitcoin community believes in the values of decentralization and immutability and could take similar measures. If miners continued mining the original chain, it would never be orphaned and would create a hard fork instead.
In the End, Bitcoin Saves Itself
The reorg debate demonstrated that Bitcoin's design is holding firm against potential threats. Even if Binance incentivized the miners and the hacker did not, the miners are already incentivized by the network not to pursue short-term gains in favor of long-term profits. The security of Bitcoin is deeply rooted in it's economic system / model.
People mine the Bitcoin network to earn BTC. Supporting a frivolous reorg likely to tank the price of BTC and perhaps create a fork is simply not in the miners' best interests.
Over 10 years after the launch of the network, Bitcoin's secure design continues to function and protect it in the ever-evolving space of cryptocurrency and blockchain technology. Miners are the foundation of Bitcoin, and in mining, they're essentially voting in a democratic network. Convincing them to vote for something that damages their livelihood is always going to be extremely difficult, if not impossible.
For now, issue is resolved, and the Bitcoin network continues to uphold the standards outlined by the community - free from censorship and control.
If this article interested you in pursuing mining yourself, you're in luck - Honeyminer software allows you to instantly start mining whatever the most profitable altcoin is at a given time, converting the profits into Bitcoin! Try it out for free.