Share Withholding Attack in Blockchain Mining: Technical Report

TL;DR

This paper introduces the share withholding attack (SWH) in blockchain mining, revealing a new threat where attackers withhold shares to unfairly increase their rewards, undermining the fairness and security of PoW-based cryptocurrencies.

Contribution

The paper presents the novel SWH attack, analyzing its incentive mechanisms, scope, and impact, and discusses potential countermeasures to mitigate this new threat.

Findings

SWH allows attackers to gain unfair rewards by withholding shares.

SWH combined with block withholding amplifies attacker's advantage.

Rational miners will adopt SWH to maximize profits.

Abstract

Cryptocurrency achieves distributed consensus using proof of work (PoW). Prior research in blockchain security identified financially incentivized attacks based on withholding blocks which have the attacker compromise a victim pool and pose as a PoW contributor by submitting the shares (earning credit for mining) but withholding the blocks (no actual contributions to the pool). We advance such threats to generate greater reward advantage to the attackers while undermining the other miners and introduce the share withholding attack (SWH). SWH withholds shares to increase the attacker's reward payout within the pool, in contrast to the prior threats withholding blocks, and rather builds on the block-withholding threats in order to exploit the information about the impending block submission timing, challenging the popularly established assumption that the block submission time is completely random and unknown to miners. We analyze SWH's incentive compatibility and the vulnerability scope by identifying the critical systems and environmental parameters which determine the attack's impact. Our results show that SWH in conjunction with block withholding yield unfair reward advantage at the expense of the protocol-complying victim miners and that a rational miner will selfishly launch SWH to maximize its reward profit. We inform the blockchain and cryptocurrency research of the novel SWH threat and include the potential countermeasure directions to facilitate such research and development.