Will botnet mining be a worse problem than ASIC mining?

I think it is also worth pointing out that even though it looks like most botnets now are smaller, that is an illusion. Bot masters are deliberately keeping botnet sizes small, but they are able to exercise coordinated control of the multiplicity of them. The problem for them with very large botnets is that they attract more attention and more effort to bring down. Keeping them small reduces the incentive for bringing them down, and reduces the damage if one does fall. When looking at the many small botnets, one should assume that they may have the same owner who can coordinate them. This fact is very significant with regards to the possibility of a 51% attack if they mine zcash.

Here are two references to support the position that the many small botnets may have a central controller.

http://www.worksmanagement.co.uk/information-technology/news/botnet-swarms-are-shrinking-to-avoid-detection-confirms-finjan/11624/

http://www.internetsociety.org/sites/default/files/Army%20of%20Botnets%20(Ryan%20Vogt).pdf

Here is a historical look at 9 of the worst botnets.

If any botnet the size of those mines zcash, they would easily be capable of controlling the blockchain. Furthermore, it is possible that such a large scale botnet currently exists, disguised as many small botnets. Lastly, if such a botnet does get control of the blockchain, doing a hard fork to change the algorithm will not be possible if it requires the consensus of miners. If botnets gain control of the blockchain, they will not cooperate with any fork which would reduce their control of it.

2 Likes

If there is an illegitimate %51+ mining effort that promotes a blockchain fork with invalid blocks, won’t that just cause the rest of the network, small as it may be, to pursue the valid fork?

“Too big to fail”. Miners = bankers if they start dictating law. What business do gold miners have in Washington D.C.? When fake money was printed with derivatives of nothingness, instead of letting the banks fail with a hard fork after their 51% attack, we just gave them massive amounts of cash in the form QE to take the toxic assets of their balance sheets to place them on the backs of the taxpayers. The total bill was $30 Trillion according to the audit of the Fed (see Michael Hudson, et al). The taxpayer validated the defunct transactions that occurred during the 51% attack because the coders agreed with the miners out of fear of a hard fork that would destroy the biggest miners. This contrasts with the S & L crisis of the 1980’s where we convicted 1,000 bankers of fraud-related activity

Is miner cooperation required?

Giving miners a vote in coding is the same as giving lobbyists a vote in government law. The excuse is that big industries understand the consequences of proposed laws better than the populace. The effect is that they gain at the populace’s expense.

1 Like

Yes, many botnets run on Linux. It would only take a couple hours for a typical botnet ‘admin’ to port the code to Windows. Mining takes place when users are idle so its almost impossible for them to notice…

Botnet mining takes place when the user is idle…

It was on slack a couple of days ago. Someone talking with str4d. It looked like he was in the “doing it for fun stage”.

@zawy Yeah, that’s me. I gotta stop using different user names. :grimacing:

If botnets are mining, how would you distinguish a block mined by a botnet vs a block mined by somebody else? The only identifier of the miner is IP address. Botnets can use a different IP address for every block they mine. The blocks will be legitimate blocks conforming to all rules of the blockchain. However, the botnet can just keep mining its own branch and ignore blocks from anybody else than itself, and it will still have the longest branch. It will know its own blocks, but nobody else will know how to identify which blocks are from the botnet.

The zcash devs could unilaterally declare a fork without the consensus of the miners, but that gets into an issue of blockchain governance which hasn’t been addressed. With any purely decentralized POW blockchain, any change would require a majority of mining power to cooperate. Any deviation from that means the blockchain has some form of centralized governance. Centralized governance might be ok, but goes counter to the ideology accepted by a lot of people participating in blockchains.

If we have centralized governance administered by the zcash devs, then we might as well foregoe mining altogether, and just make it a permissioned blockchain. The zcash devs could maintain a list of PGP keys on their approved web of trust, and each approved keyholder would have a random chance of signing the next block.

1 Like

You’re making good points. They can hide from users and I.P. blocking can’t stop it. Is it like Miki said, easily ported to windows by someone skilled in botnets?

BTW, A few big miners dictating things to devs is also central governance. If done properly, the consensus of nodes is “might is right”.

That developers retain the power to change everything has always been a sticking point for me when people claim cryptocurrencies have no central, governing, middle agent. The big difference is the activity is out in the open. Less room for abuse. So it makes me wonder about Zcash not having ledger that can be audited to assure the public that hackers have not increased the number of coins.

Again, if users are not harmed enough to be aware their computer resources are being stolen, and if it makes the coin available at a lower price, and if it secures the network by being even more widely distributed (assuming there are a lot of botnet operators competing), where’s the harm? People interested in this coin want it to be anonymous no matter how much crime is committed by that virtue. Why should they care about a botnet, especially if it lowers their cost?

People interested in cryptocurrencies want most of government to not exist, and they generally seem aggressive in their pursuit of capital gains profit without having to work for it, even preferring to own the keyboard credit of digital bits on a blockchain instead of stock in a company that produces something for society. They do not want too much government that protects them from others, especially if it lowers their privacy. So based on the deeply-personal philosophies of the creators and users of Zcash, I see little that would motivate them to be too concerned about anonymous theft from botnets as long as it does not hurt the coin itself.

The axioms “privacy” and “government is bad” produce wonderful systems of logic that allow much more individual freedom, personal responsibility, and strong capitalistic values. We call these systems “Africa” and “Latin America”.

We call those systems “Africa” and “Latin America”.

No, you do that, despite the prevalence of the worst forms of government in those geographic areas. You look at black and call it white because endless reification is easier for you than escaping your collectivist narrative.

Given your objections to the general concepts and practices of crypto currency, and Zcash in particular, why do you intend to participate? Aren’t your moral values worth standing up for? Or are you in the habit of putting them aside?

I participate because it is the most profitable legal route for me.

In what way would botnets hurt Zcash’s objectives if there were many of them competing in a way that was just as effective as any in preventing a 51% attack? I can’t think of any. It would reduce anything I could make from CPUs. They would also reduce the value of Zcash’s founder’s coins as the botnet operators could sell coin on exchanges for a lot less. It’s kind of ironic: the most expensive coin to produce results in the most profit for the founders. It’s an inherent measure of value. I’m sure we all have moral qualms about the pollution and waste, but when it’s built into the devs profit, who can blame them if they try? Botnets are reducing pollution by using computers that were already on. Maybe it’s morally wrong to be against them. ha ha

Centralized and decentralized governance are like yin and yang. One moves into the other and back again in an eternal cycle. When things become too centralized, the administrators become corrupted by power, and then the people revolt, and things become decentralized again. When things are too decentralized, any problems that need a centralized solution go uncorrected, and such problems build up until people welcome a central authority again to solve these problems. An ideal governance needs to balance power between centralized and decentralized administration, so that they stay in a dynamic equalibrium. The triune governance model of executive, legislative, and judicial branches as implemented by democratic voting for elected representatives, fails at the task of keeping a balance. The executive branch continually expands its powers unchecked. We need a different form of governance which successfully maintains a balance between centralized and decentralized power. POW blockchains go too far on the side of decentralized governance, and have difficulty with governance problems when they need a major change that would be easily implemented by centralized governance. We need a form of governance which successfully balances centralized and decentralized power. How to do this is as yet an unsolved problem.

Botnets having control over a blockchain will not save any electricity, but will waste more electricity. Also, if a single botnet has control over a blockchain, it will be able to double spend infinitely. It can spend its coins, and let that branch continue until the recipients release whatever was purchased, and then the botnet can grow a different branch where they spent the same coins to themselves at a different address. The botnet could do infinite spending by repeating this process over and over.

1 Like

Our thoughts on governance seem in agreement.

Wouldn’t a botnet that gained that much control soon kill the value of the coin and hence it’s own future profits? From the beginning the 51% has been the disclaimer flaw, but it was also said it may not make much sense to “kill the host”. People can see a 51% attack on bitcoin and can thereby abandon it. A pool once reduced its power because it was getting near the limit and did not want to rock the boat. Will Zcash be able to see a 51% attack if it occurs?

I agree that a botnet would more likely disguise and hide its ability to control a blockchain rather than kill the host. It would probably confine itself to mining only about half the blocks and would not do the 51% attack to invalidate other miners’ blocks even though it could. It would probably also not double spend even though it could. A 51% attack would become apparent if everybody finds that the blocks they mine always get invalided by another branch. It would especially be apparent to any mining pool which finds blocks fairly often, if all of its blocks start getting invalidated.

I don’t support the notion that would be just fine and we should just not care about it, and just stay blissful in our ignorance. In reality that situation would be dangerous and unstable. The botnet operator won’t rock the boat while things are going well for him, while he is able to take a long term view. If he starts having any kind of trouble he may shift to a short term view. In the short term, he can get more money faster by destroying the coin. Many things might cause a botnet operator to shift to a short term view. Maybe his botnet is getting taken down. Maybe the law has caught up with him and he needs money to pay his lawyers. Maybe a rival gang is taking over his territory. Maybe he is dying of cancer and doesn’t have a tomorrow to worry about. Maybe he overdosed on drugs and is losing his mental facilities. Having the whole system be at the mercy of one criminal is the worst kind of centralization. The whole point of decentralization is to have a system which is not at the mercy of one person. In the case of a botnet having a hidden ability to control a blockchain, the whole system would not only be at the mercy of one person, it would be at the mercy of the worst kind of person, a criminal, and that vulnerability would be a hidden, unknown risk. People would be blissfully ignorant, thinking that they were using a safe decentralized currency, and then suddenly the criminal could destroy the value of everybody’s currency.

Wouldn’t a functioning full-node wallet detect invalid blocks?

Blocks mined by a botnet would be just as valid as any other blocks. A full node wallet has to allow competing branches to exist at the same time, and does not have any way to distinguish one branch as more valid than another, except by length of the branch. A branch which is shorter can grow and come from behind to become the longer one.

1 Like

When people talk about a %51 attack to facilitate double spending, aren’t they necessarily talking about invalid blocks?

There is a difference between a block being valid and being accepted as part of blockchain history. The blockchain can fork into two different branches, both of which contain valid blocks, but only one branch will be considered to be blockchain history and the other branch will be abandoned because it is shorter. I may have caused confusion when I said the botnet could cause blocks to become invalid. I should have said it could cause blocks to be abandoned.

1 Like

This paper by Michael Neilsen was part of my path to understanding Bitcoin, and what is meant by blockchain forking and how double spending can happen. It is an explanation of how blockchains work, starting with a simplified “infocoin”.

http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/

Hopefully this will help you understand how a 51% attack would work. If Alice has enough computing power, she can double spend.

Yes, many botnets on Linux. In fact, most recent prolific DDoS attacks were run by Linux devices, and “admin:password” is very frequent login combination in the Linux world.
Linux system code is written by amateurs and has generally low quality and very little testing. Just today a critical bug has been discovered that affects billions of devices Dirty COW - Wikipedia.
For most devices where it exists, this bug will never be patched, due to non-existing update mechanisms in Linux, making all those devices available for use in botnets.