On the nature of 51% attacks and pronged cutlery

Ross Nicoll bio photo By Ross Nicoll

Sorry everyone, this one's going to be very serious again, and I'm going to start with administrivia. First of all, a few people have mistake me for lead deveveloper recently; I'm not, I'm just the one that's more vocal and therefore gets attention. /u/langer_hans is lead dev, and has been working on the coin much longer than I have.

Quick reminders of a couple of things; for new shibes getting started with the main client, you can download a  blockchain boostrap file which helps you get going faster. So Chain is hosting instructions (https://bootstrap.chain.so/), and copies of the bootstrap.dat are hosted by themselves and Moolah (see links on that page). We've also seen a few people asking about the 1.7 release; yes it's out, no you don't have to upgrade, but it does seem a lot faster to us, so we would encourage upgrading. Also there is a mailing list for announcements of upcoming client releases at https://lists.sourceforge.net/lists/listinfo/dogecoin-releases which I would recommend subscribing to.

So, yesterday /u/lleti asked about an idea to see if there was community support for it. A developer asking does not mean something is going to be done. Even if it was done, it does not mean you have to follow (I'll talk about that in a moment). Feedback to date has been overwhelmingly negative, though, so consider the idea abandoned.

A few people asked have why the idea was suggested; the intent would be to remove sharp shocks from the mining schedule, and spread it over a longer period of time in order to give adoption of Dogecoin a chance to catch up. One thing I'm not sure was clear was that there was consideration of changing block time to reduce the resulting inflation. As said, we're not seeing community support for it.

Talking of adoption; /r/dogecoin has just ticked over 87,000 subscribers. Some Dogecoin users don't read the subreddit, some subreddit readers don't use the coin, but lets use that as an estimate for user base. That's huge for a coin that's 6 months old, and tiny in terms of an Internet service. And it's worth remembering Bitcoin is 5 years old, Litecoin 2 years. Peercoin, almost 2 years. That's the coins we're in the midst of right now. The developers are cautious of making big technical changes because we want to stabilise the coin so the more cautious companies can know the coin is rock solid, and encourage them to get involved.


So, everyone's been all about the price this week, and while I hate talking price with you guys, I need to as background on a lot of other stuff. So, the DOGE/BTC price is down, yes. DOGE/USD also a bit, but much less. DOGE/DOGE still solid, though. We're Dogecoin, though, the price shouldn't matter... well, agreed, but it's worrying people, and in particular there's a lot of people worrying the price drops will lead to a 51% attack. So lets talk about 51% attacks, and lets also talk forks.

A 51% attack is where someone gains control of over 50% of the hashrate of the network, and maliciously uses that hashrate to make their own private blockchain which grows faster than the default blockchain. The malicious part is really important here; it's an attack, not something that happens accidentally. In doing this, they can spend money on the current blockchain, then release their private blockchain. The network sees the longer blockchain and moves to it as part of the fork handling code (note the fork, it's important). This effectively reverses the spending of Dogecoin that they've done.

Note that this is only really an attack on exchanges, as the attacker has to get their Dogecoin into another form (i.e. Bitcoin) before the transaction reverses, or the whole thing has no effect. So far, no exchange has communicated any serious concern about a 51% attack on Dogecoin to myself, and I am unaware of them having done so to any other developer.

The concern over price is raised because as Dogecoin rewards per  block diminish over time (which they continue to do for the next 6 months or so), the payments to miners become less valuable (in USD/BTC terms) unless the price goes up. Many of our miners are here to support the coin (with thanks to /r/DogecoinDefenseForce), but some are just here for the money, and people worry that losing them will make it easy to 51% attack the coin.

So how does one a get enough mining power to 51% attack a coin? I mean, our hashrate is in the 40-50GH/s range, how do you get 51% of that (or more, if it's a group not currently mining us)? Well, a hacked mining pool is the main scenario that worries people; it's considered unlikely any mining pool would decide to attack their own funding source (and the big pools are making big money through entirely legal means). When Bitcoin had the same problem back in January, there was a major push to adopt what is called p2pool , which is a distributed alternative to conventional mining pools. There's been a few issues with p2pool and Dogecoin which is part of why it's not more widely used, but I'd really like to see more people looking at it, and talk to the devs about what (if anything) it needs for wider adoption. Ideally I'd like to get all new miners picking up p2pool, so if anyone wants to help with tutorials that would be awesome.

A number of other ideas (apart from p2pool adoption) have been proposed; change proof of work, change to proof of stake now, change to proof of stake later, merged mining, multi-protocol mining... all of these have something in common, they require that we fork the coin.

Now, a deliberate planned and controlled fork is quite different to a 51% attack fork, but that does not mean that it's risk free. One scenario would be a disagreement with the developers over path the coin is taking (as we're seeing with the tapering suggestion), and the community not updating, leaving the developers on their own very small fork.

Other scenarios could include significant numbers of exchanges stuck on the wrong "prong" of the fork for an extended period of time. We've had at least one exchange get "stuck" for days or weeks on every fork so far, causing significant confusion and distress to those trying to send coins to or receive coins from the exchange. Same for merchants, who might report not receiving coins if they or the sender are on different forks.

Although unlikely, it's also possible that the fork would introduce a serious bug. There are a number of coins which have been PoW at launch and intended to move to PoS shortly afterwards, and failed to actually switch. Certainly any such change is not without its risks.

Lastly, on a personal note, I'm going to be focusing primarily on co-ordination and communication from here on in, rather than working on the code base directly. I'd like to give a shout-out to our many other devs, there are far too many people now involved to name them all, but  /u/langer_hans as lead developer, /u/leofidus-ger, /u/patricklodder have all worked extensively on the 1.7 client. Go give them a hug! If any of the community want to get involved with development, please do swing by #dogecoin-dev on IRC Freenode and we can help get you started.