[DINKDINK]

>miners control bitcoin

Incorrect, I can sign or construct any type of cryptographic payment I wish. Miners trade their Proof of work to prevent double spends in exchange for coinbase (currency issuance) that the market values. If miners chose to mine on a chain that no one wants, no one will trade for their coinbase.

The game theory nuance is, how do you organize an economy around changes to blockchain consensus? The only guaranteed way to ensure that that happens (from a game theory perspective) is to have miners lead the change. If user wish to lead the change, they still can but they take a risk in that no one will join them on the new consensus chain ("hey you guys said you'd construct payments like this and now no one is!"). There are more improved ways of rolling out these changes.

At worst miners can execute a denial of service for new transactions entering into the UTXO or attempt to double spend funds, or release blocks in a manner that negatively affects the profitability of other miners but they have _no control_ over how users handle their UTXO.

Bitcoin is anti fragile, each time it goes through a market challenger it gets better at handling it, not weaker.

[wildbunny]

If miners chose to mine on a chain that no-one wants, then everybody has to grudgingly go along with it, or cease to transact.

The longest chain is always the most valuable.

[DINKDINK]

>If miners chose to mine on a chain that no-one wants, then everybody has to grudgingly go along with it

No, if the miners mine on a chain that doesn't meet consensus rules, users will not follow it. If miners decide that the coinbase issuance schedule isn't to their liking, and decide to revert it back to 50 bitcoins per block, users will reject those blocks. This is a fundamental governance property of a blockchain.

[stale2002]

Kinda sorta.

Yes, users can reject Hard Forks.

But the problem is that soft forks can do basically anything. Yes, even increase the block reward, in a roundabout way, (by using added extension blocks that have special rules, and then requiring all transactions to go through the extension blocks.)

Although from the perspective of a non-conforming Node, this would just look like a DDOS style mining empty blocks attack.

At this point the only thing that users can do is change the Proof of Work algorithm. .... But, if the big players in mining have a bunch of GPUs on standby... well, it is not even guaranteed that this will work.

[KirinDave]

You're also referring to a major weakness in the distributed consensus of bitcoin: the longest-chain-preferred mechanism is almost certainly a vector of attack on the chain.

[simias]

Wouldn't you need to have a majority of the hash power to fork the chain and generate a longer one anyway? I think it's well understood that anybody managing to go above 50% of the hash capacity effectively "rules" the currency.

[KirinDave]

This is a common response to this but I don't think it's true in every case. I think if your goal is strictly to disrupt the Bitcoin service you can accomplish that by disrupting and attacking individual nodes in parallel and letting the resulting chaos from these cheaper attacks widen the scope of your disruption, stepwise.

[wildbunny]

On the contrary, this is the major strength of the system.

[KirinDave]

If by strength you mean, "A clear methodology from which a sufficiently large ec2 buy can rapidly fragment the Bitcoin consensus" then yes, I suppose that's fantastic.

From the perspective of people transacting on Bitcoin's infrastructure I suspect they'd call it "an attack."

[DINKDINK]

>a sufficiently large ec2 buy can rapidly fragment the Bitcoin consensus

You grossly underestimate the hashing capacity of the bitcoin network. The hashing capacity, at time of posting, is approximately 5,000,000,000 Gigahashes/second[1]. Spot measurement of the hashing capacity of an EC2 instance is 0.4 Gigahashes/second[2]. You would need 12 BILLION EC2 instances to 51% attack the bitcoin network.[3] Using EC2 to attack the network is impractical and inefficient.

[1] https://bitcoinwisdom.com/bitcoin/difficulty

[2] https://www.reddit.com/r/Bitcoin/comments/1btgl1/i_was_curio...

[3] x/(5e18+x)=.51 y=x/.4e8

[codeisawesome]

In the OP, the author says there are "approximately 5,000 computers" in the bitcoin network. I'm curious if you believe this is right too? Those are some powerful computers... (yes, "duh" indeed, I'm still awed).

[KirinDave]

I'm happy to be wrong, but I feel like I don't have to overcome the entire network's hashing, I need to overcome several individual instances. If I could isolate and attack individual members of the cluster quickly, I could begin to leverage their role in the cluster as they join, convinced that a single block must be true.

I don't need to overcome the network, I need to invite the network to have arguments with itself, by finding a way to introduce widespread partitioning of the network.

In this, the preference to longer hash chains seems like a good idea in a unified clock model but a somewhat optimistic decision in a split clock world.

[rlpb]

> The longest chain is always the most valuable.

Only the longest chain that users consider legitimate. If users reach consensus on using rules that have lower transaction costs, it won't matter how long miners mine their higher transaction cost chain.

The big question is: can users achieve such consensus politically, or in practice do the miners lead the users because they need less organization to do so?

[ateevchopra]

If miners chose to mine on a chain that no-one wants, they'll run into losses. Users will probably move to some other chain. As an example: Bitcoin users might wanna switch to Litecoin. And guess what miners will do then ?