By Ashish Rajendra Sai
Article: “Merged Mining: Curse or Cure?”
Authors: Aljosha Judmayer, Alexei Zamyatin, Nicholas Stifter, Artemios Voyiatzis, Edgar Weippl
Affiliation: SBA Research, Vienna, Austria
Article Category: Security
Why this article? : As discussed in our last installment, Proof-of-Work consensus algorithm acts as the backbone of prominent cryptocurrencies such as Bitcoin and Ethereum. The security of Proof-of-Work heavily depends on the control of computing power in the network. If an attacker is able to control over 50% of the computing power in the network, they can perform the double-spending attack.
In a double-spending attack, the attacker attempts to spend the same coin twice. As Bitcoin is considerably mature with a very high computational power required to perform a double-spending attack, it is considered safe. However, other newer cryptocurrencies such as Namecoin that are based on the Proof-of-Work that use the same cryptographic primitives are vulnerable to the high computational power of bigger cryptocurrencies like Bitcoin. These small cryptocurrencies came up a clever way of circumventing the issue of being overshadowed by the large computing power of Bitcoin and similar currency. They implement something known as “merged mining.” In merged mining, the miners operating on Bitcoin can use the same work on the smaller cryptocurrencies such as Namecoin.
This clever solution is not without its own issues; one of which is the high degree of dependence on the larger cryptocurrency. The article that we review this week aims to look at the security issues related to merged mining.
Background: Merged mining refers to the process of performing mining on multiple Proof-of-Work cryptocurrencies at the same time. This process is considered beneficial because it helps in reducing energy wastage. A less understood side of merged mining is its impact on the security of the cryptocurrency that adopts merged mining. The shortlisted article reviews prominent merged mining based cryptocurrencies and reports that these cryptocurrencies are often operated beyond the level of security provided by classical Proof-of-Work.
Attacks on Blockchain: Most of the attacks devised on the Proof-of-Work blockchain rely on the consensus power of the attacker. These attacks include selfish mining and double-spending attacks. An attacker with more than 26% consensus power can easily conduct a selfish mining attack.
This type of attack is particularly interesting from the perspective of merged mining cryptocurrencies as most of the mining on merged cryptocurrencies is performed by mining pools. The authors analyze a number of merged mined cryptocurrencies to determine if merged mining leads in power concentration. In the following text, we overview the methodology employed by the researcher.
Methodology: The authors first identify prominent merged mined cryptocurrencies, including Litecoin, Namecoin, Dogecoin, Huntercoin, and Myriadcoin. After the identification of the target cryptocurrencies, the historical mining data is retrieved by either using a public API or crawling through the blocks. This historical data is used to attribute blocks to a mining pool. This attribution process is formally defined as the “Block Attribution Scheme.” The block attribution scheme aims to identify the miner of the block by examining the public coinbase address of the miner. More details on the block attribution scheme can be obtained from the paper. After the identification of the miner of the block, the authors examine the trend of mining over time.
Results: The authors report that when the target cryptocurrency adopts the merged mining, it sees a significant increase in the overall difficulty as miners from the bigger Proof-of-Work chains indulge in calculating the proof. This growth in the difficulty of mining is considered a security attribute. One surprise finding is the fact that only big mining pools indulge in merged mining on a large scale. This high concentration of computational power in the hands of a few may be contradicting to the decentralized manner of the blockchain. The authors also propose a possibility of security threats due to the domination of mining pools over these small Proof-of-Work cryptocurrencies.
Implications for the greater blockchain community:
This article serves as an important step towards understanding the wider impact of design choices for newer cryptocurrencies. A high difficulty for mining is a prerequisite for ensuring security; thus, newer cryptocurrencies are trending towards the concept of merged mining. Irrespective of the benefits of merged mining, the cryptocurrencies may suffer existential threats due to the power concentration. This power concentration essentially translates to trusting the big mining pools that they will remain honest.
In this quest of usability and security, what do you think is a better design choice? Would you favor a less decentralized cryptocurrency that adopts merged mining?
Check in each Wednesday for digestible insights surrounding the most influential research publications in the crypto/blockchain domain.