A handful of major mining pools now control Bitcoin's hash power, making the network more vulnerable to attack. This concentration hasn't triggered many actual exploits (though some classify SegWit2x
A handful of major mining pools now control Bitcoin's hash power, making the network more vulnerable to attack. This concentration hasn't triggered many actual exploits (though some classify SegWit2x as one), but the risk grows when considering protocols built on top of Bitcoin, such as the Lightning Network and various sidechains.
Matt Corallo, a Bitcoin Core contributor and developer at Chaincode Labs, has spent months promoting BetterHash as a potential solution. During an interview on Peter McCormack's What Bitcoin Did podcast, Corallo explained the risks of mining concentration and what his protocol offers to address them.
The central question, according to Corallo, comes down to a single principle. "I think the key, kind of, trust model in Bitcoin is ultimately that hashpower is decentralized enough that no one, kind of, takes full control over it," Corallo said. Without that decentralization, problems compound.
Corallo identified transaction censorship as the most direct threat. Miners who refuse to include certain transactions create obvious problems. Second-layer networks face greater danger from transaction censorship. "This idea that some group of miners might either be forced to, might decide to, might because of a technical bug, or whatever not include certain transactions could result in people losing money [in the case of the Lightning Network and sidechains]," Corallo explained. The Lightning Network's security model depends on users' ability to broadcast specific transactions when others attempt fraud.
Censorship also undermines fungibility. If miners maintained a blacklist and rejected transactions from certain addresses, those coins would hold no practical value.
The mining protocols running today contain another vulnerability. "They're completely unauthenticated, they're not secure in any way (they're not intended to be), and it would be rather easy for someone to hijack a large percentage of Bitcoin hash power for some medium to short period of time," Corallo said. With sufficient stolen hashpower, an attacker launches a 51% attack, mining empty blocks, reversing transactions, or suppressing specific transaction types. "When you have more miner centralization and more centralized control, it just makes the system much more brittle," Corallo added.
BetterHash restructures how mining works. The protocol gives individual miners control over which transactions get included in blocks. Pool operators lose that authority, which removes pools as potential attack vectors. Decentralization no longer depends on how hashrate distributes across pools. Corallo has said that miners could direct all of Bitcoin's hash power to a single pool running BetterHash, and mining would remain decentralized.
Getting pools to switch presents its own challenge. Corallo first posted about BetterHash on the Bitcoin development mailing list in June 2018, and adoption has remained slow. Switching provides no financial reward. Pool operators would need to rebuild their infrastructure from scratch. "It requires mining pools to restructure their code to support a whole new protocol essentially — potentially run a completely parallel infrastructure, so they have to essentially run two mining pools. Existing mining pools have done a ton of work on optimizing their infrastructure and making sure everything is really well tuned, and now I'm showing up and asking them to run a completely parallel infrastructure for no additional money and less control," Corallo said.
Corallo believes most pools have no interest in maintaining strict control over mining operations. Slushpool and Poolin, for instance, have indicated they would prefer individual miners hold that authority. Still, obstacles remain. Pool operators worry about whether enough miners want this change. Technical implementation would require substantial effort. "They'd love to see something like BetterHash exist, but of course there are practical challenges in terms of actually getting customers who want to do this. And so, there's questions about customer demand, and of course just the technical reality of having to run this thing is steep. And so, there's a steep cost, and so seeing that kind of customer demand would go a long way to convincing folks to want to spend all of their time to build this. But of course, it's also just going to be slow, right? Because engineering takes awhile, and so getting that kind of adoption is just going to take people awhile," Corallo said.
Conversations on this topic continue. "I am talking to some folks," Corallo said. "Hopefully we'll get there. We'll see."
