Using Discreet Log Contracts To Attack Bitcoin Forks

Currently, various factors disincentivize attacks of minority chains; DLCs might create a workaround that returns the incentive to these attacks.
Currently, various factors disincentivize attacks of minority chains; DLCs might create a workaround that returns the incentive to these attacks.

Currently, there are many blockchains with miniscule amounts of hash power compared with Bitcoin’s, and yet, they rarely see attacks. I believe that this is because of external factors that prevent miners from taking advantage of this potential revenue stream. Discreet Log Contracts (DLCs) are a method to mitigate these external factors so that miners have the ability to attack minority blockchains.

The Problem

If one wanted to attack a minority blockchain (e.g., BSV), the current best way would be to steal bitcoin from an exchange. This could be done by depositing some BSV into an exchange, selling it for bitcoin, withdrawing said bitcoin, and then executing a 51% attack such that the original BSV deposit never happened. At the end of this, the attacker has received Bitcoin without having to spend any BSV.

There are a few problems with this attack scenario that make it difficult to execute. One is that most exchanges require know-your customer (KYC) procedures for trading and withdrawals. This means that if such an attack were perpetrated on a blockchain like BSV, the exchange could see exactly who was doing it. Another problem is that the attacker would clearly be stealing from the exchange, which is immoral, and it could destroy a miner/mining pool’s reputation if they were to execute such an attack.

Collectively, these factors mitigate and arguably remove the incentives that large-scale miners would need to find such attacks to disrupt minority blockchains worthwhile.

Solution

DLCs provide a way to establish contracts on Bitcoin that are contingent on a set of oracles’ attestations. If one wanted to attack minority blockchains, it would be useful to be able to bet that they will experience 51% attacks, or to better quantify such attacks, one could bet that a blockchain reorganization (reorg) greater than or equal to 100 blocks will occur. Once a miner has made such a bet, they have an economic incentive to attack the minority blockchain, as it would allow them to receive the payout without having to steal from an exchange. Such a miner could then attack the blockchain themselves to force a 100-block reorg to occur, after which the oracles would attest that the event occurred, and the miner could then claim their reward by executing the DLC. Thus, the miner could attack the minority blockchain and get paid for it while not having to steal from anyone.

The only thing missing is that the miners need someone to fund the other side of this contract by betting that the minority blockchain will not experience a large reorg. Anyone could take this bet, whether holders of the actual coin or simply gamblers. The non-malicious miners of the target blockchain would have a large incentive to take this side of the bet, as they are the defense system that prevents these large reorgs from happening. In the event that the attacker fails, or no attack ever comes, the bet would provide free extra income for the minority blockchain’s miners.

If a market developed around this, it could create a signalling mechanism that would show when a block reorg attack is about to occur. If a miner were about to execute a large reorg on a blockchain, they would likely purchase any available contracts betting that the reorg will occur. This mass buying of the contracts could signal to the market that a reorg is coming, and entities like exchanges could temporarily halt deposits and withdrawals to mitigate risk.

In summary, today Bitcoin miners do not have a way to profit from attacking minority blockchains without stealing from a regulated entity. DLCs provide an alternative that could function as a marketplace for pricing the cost to attack minority blockchains.

This is a guest post by Ben Carman. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin Magazine