For Ethereum, EIP-1559 will undoubtedly be a very important improvement proposal. However, some people are worried about the potential 51% attack against EIP-1559. Do we need to worry about this?

I personally think that the threat of 51% attacks against EIP-1559 is not very big. Compared with the existing 51% attacks, the actual requirements for 51% attacks on EIP-1559 are higher and the potential benefits are less. Instead of participating in the attack, you can get more benefits.

Yes, you should be worried about 51% attacks, but not because of EIP-1559. The 51% of mining attacks that exist today are self-reinforcing, which means that once someone starts an attack, it is profitable to join the attacker.

But the 51% attack against EIP-1559 is not the case. In fact, it is to leave the alliance of the attackers, and it is always more profitable than joining them.

EIP-1559 Overview

EIP-1559 is a proposed change in the way that Ethereum processes gas pricing, so that each block has a fixed block-wide gas fee (base fee), which can be automatically increased/directed according to block space requirements Down adjustment. If the block is full, the base fee will increase, and if the block is not full, the base fee will decrease.

In order to prevent miners from forging the entire block (incorporating their own garbage transactions) to increase future income by increasing the basic fee, this basic fee will be burned instead of being given to the miner. Then, in order to incentivize miners to actually include transactions (which brings opportunity costs to miners), instead of just digging out empty blocks to obtain block rewards, transactions will also have a separate fee for miners (called miner tip fees).

We expect that the base fee will account for most of the related expenses under normal circumstances, and the tip fee of the miner may be slightly higher than the opportunity cost, which is about 1 gwei/gas. There is a small exception here, that is, the runners and others who are expected to participate in the block gas price auction will appear in the form of bribing miners.

51% attacks against PoW

If you are a miner who controls 51% of the hashrates of a certain PoW coin, then you can perform a double-spending attack. Through this attack, you can basically rewrite the history by mining the side chain, and then in the future Reveal it at some point. This is the 51% attack we most often discuss, but this attack is quite difficult to execute in reality, because you need to have enough available capital to convert on-chain assets into off-chain assets, and you need one or more willing to perform this The supplier of this transaction. Considering the 51% attack cost of attacking some larger blockchains, this attempt proved to be unworthy, because you simply cannot cover the cost. However, for smaller blockchains, we have seen this type of attack executed many times, because the revenue you can get is worth the cost of attacking the blockchain.

Another type of 51% attack that is rarely discussed is a censorship attack (aka selfish mining). In this attack, you own 51% of the mining power, but you refuse to work on any blocks that are not mined by your mining alliance. Since you have more than 51% of the hashrates, this means that your chain will be the longest chain, and any blocks that do not belong to your alliance will be ignored. The end result is that you will get a 100% block reward instead of a 51% block reward, which means your income will double, but your workload will not.

This kind of 51% censorship attack, as long as miners can unite to form an alliance and control at least 51% of the mining power, they can carry out this attack. These attacks have no direct negative impact on users (except for a period of difficulty adjustment, which will eventually pass). And this kind of mining alliance does not need to trust each other very much. Any alliance member can see if another alliance member has defected and kicked it out of the alliance (or, if enough members have defected, it is possible that the alliance will fail. Will disband.)

The 51% computing alliance’s censorship attack on the PoW blockchain can cause the income of members to increase by about 2 times. It is worth noting that the selfish mining strategy similar to the above censorship attack can achieve profit with about 33% of the hashrates. But this is indeed a bit complicated and beyond the scope of this article, because what we are concerned with here is only the 51% attack against EIP-1559.

51% attack against EIP-1559

For the 51% attack of EIP-1559, the most common version is this:

Create a 51% hashrate miner alliance that agrees to mine empty blocks, and reduce the base fee to 0;
Once the base fee is reduced to 0, there will be a permanent congestion state, which means that the miner bribe (tip fee) will become the deciding factor in determining whether the transaction is included in the block, which will bring us back to the current state , That is, bribery of miners is the only factor included;
Miners profit from higher tip fees;
It is worth mentioning that, in the worst case, we will eventually return to the current state, so EIP-1559 actually does not exist.

100% attack

To better understand this attack, let’s see what happens if a coalition of miners controls 100% of hashrates and they decide to do so.

First, they will need to mine empty blocks for a period of time in order to reduce the base fee from the original level to a level close to zero. During this time, they will receive block rewards, but no transaction fees will be charged. The base fee can only change about 12.5% ​​per block, which means that if all blocks are empty, the base fee can be reduced by half every 5 blocks, every 17 blocks Reduce by 90%. In other words, to reduce the base fee to a level close to zero, about 1 hour of empty blocks are sufficient to complete this attack.

Once the base fee is low enough, the mining alliance hopes to keep it at this level. The easiest way to achieve this is to divide the hashrates into two parts, half of which are empty blocks and the other half. Mining double full blocks (this means that the size of these blocks is 2 times the current gas limit). In this case, the empty blocks mined by the alliance still do not charge any transaction fees, but the double full blocks mined can get a bunch of transaction fees, and there is no need to worry about the base fee (base fee) will erode its transaction fees profit! This is a profitable attack.

99% attack

Assume that the coalition of miners controls 99% of the hashrates instead of 100%. The effect of the attack is basically the same, except that in the initial stage of the attack, when you use 99% of the hashrates to mine empty blocks, 1% of the hashrates will earn you a fee, and these hash powers will also slow you down slightly. The rate of base fee, so you need a longer time to reach the base fee target close to zero.

Once you reach your goal, you still need 50% of the hashratres to mine empty blocks, while the other 50% is used to mine double full blocks. Since 1% of the hashrates is not part of the mining alliance, they will almost certainly mine double full blocks, which means that only 49.5% of the alliance’s hashrates will receive a generous fee reward. Overall, this is still profitable for you. For non-alliance miners, your attack is great, because it makes them rich, but they cannot join your team because joining the alliance makes less money than not joining.

51% attack

Assuming that your alliance only controls 51% of the hashrates, as mentioned above, 49% of the hostile hashrates will almost certainly mine double full blocks, which is certainly not a good thing for mining alliances. First, reducing the base fee to 0 will take a very long time for the alliance, because it requires every 51 blocks to reduce the base fee by 12.5%, and then every 49 blocks will reduce the base fee Increase by 12.5%, of course, you will eventually reach your destination, but this means that it takes days or weeks to attack, and hostile miners can enjoy transaction fees.

Once the base fee is sufficiently reduced, you will start to implement a split mining strategy, and as before, 50% of the hashrates will be mined for empty blocks, and the other 50% will be mined for double full blocks. Since you only control 51% of the hash power, this means that 98% of the mining alliance’s hashrate is mining empty blocks (no transaction fees), and only 2% of the hashrate is mining double full blocks. At the same time, all miners who have not joined the alliance are digging double full blocks and earning a lot of money from transaction fees…

??%attack

In addition, there is a certain degree of hash power, in which the alliance changes from profitable (>50%) to profitable (≤100%). The threshold depends on the average amount users are willing to pay for gas (for example, 1 gwei VS 100 gwei). However, the attacker alliance makes less money in the attack than the non-alliance member earns. Therefore, while the alliance continues to attack, it is always more profitable to defect (in other words, pretend to participate in the alliance, But actually not participating is more profitable).

Do we need to worry?

The 51% attack on PoW cryptocurrency is indeed a serious problem. If the mining alliance starts to censor the non-alliance miners, then they can make huge profits (2 times). The advantage of the Proof-of-Stake (PoS) consensus mechanism is that it solves this particular problem by creating an out-of-protocol mechanism to severely punish anyone who tries to carry out such attacks (it is worth writing an article on this topic).

If EIP-1559 is indeed adopted, 51% of mining alliances can bring considerable profits to non-alliance members, but they will suffer losses themselves, so from this perspective, it is irrational to launch an attack. If the mining alliance controls 99% of the hash power, it can bring profits for itself, but for non-alliance miners, the profits will be more.

If someone has 51% of the hashrates, then it is best to only conduct censorship attacks, then his profit will be higher and simpler, and then attack EIP-1559 after completion.

So yes, you should be in awe of the 51% attack, but for the 51% attack of EIP-1559, you don’t need to worry, because the resulting benefits are far less than performing a review attack, even in theory. .