Bitcoin Q&A: Binance hack, chain roll-back?


The first and highest-voted question comes from Lee, [about] the Binance rollback that was proposed. “Binance said they considered rolling back the Bitcoin chain, but then decided against it.” “How on earth would that have even happened, if they had decided to [do it]? What would have happened?” “Would this mean launching a 51% attack?”

Yes, that is basically what they proposed. In order to roll back the chain, Binance must persuade enough miners, at least 51% or more, to [return to] a block before the attacker made withdrawals of coins from Binance, set that previous block as the parent, and start re-mining new blocks from that point onwards. Imagine that Binance had really decided to do this, about one day after the attack. At that point, they would need to persuade miners to re-mine about 145 blocks [in the Bitcoin blockchain]. [They would also need to muster] their hashing power to overtake the 49% of miners… who [may continue mining] from the current block; they will have the longest chain. Overtaking [the minority hash power] would cause a reorganization of the chain. During this time, they would deliberately mine a transaction from Binance that [pre-emptively]… spends the funds that the attacker tried to steal. Once that “recovery” transaction is confirmed, the transaction from the attacker would not succeed. Those coins [are sent elsewhere] on the chain being [built] by miners [performing] the rollback.

But think about it for a second:
51% is not actually enough [to succeed]. With only 1% advantage in hash power over the [minority] chain, the majority chain would only gain on them by about 1.5 blocks per day. With every 100 blocks or so, they would catch up by one block. Think about this: the chain that was re-organised starts 145 blocks in the past, compared to the minority chain. Let’s say that Binance didn’t manage to launch this attack until one day after the theft. Gaining only 1% per day [is very slow]. As they mine block -145, the other 49% of miners are extending the chain by block +1. After [the majority chain] has mined 100 blocks, they are still about [144] blocks behind, because the minority chain has mined another 99 blocks or so. They started 145 blocks behind; 100 blocks later, they are 144 blocks behind. After another 100 blocks, they are 143 blocks behind. At this rate, it would take [the majority chain]… about 150 days to catch up and overtake [the minority chain]. That is a very long time.

During that time, if anything goes wrong… [What happens if] just 1% of miners abandon this effort [on the majority chain] and return to the other side? It is over. All of that energy put towards rolling back the blockchain is wasted.

Let’s say that Binance managed to [organise this attack] in a much shorter period of time. They act quickly to collaborate with miners, perhaps persuade some pools to join them. But the pools may start losing miners, because this is a very contentious act. Let’s say they organised this within five blocks. Well, even in that case, it would still require… a very significant effort to overtake the [minority] chain, because they are still only about 1% faster. They would need an overwhelming [majority] of the miners on their side, and very quickly… [for this recovery] to even be doable, purely from a hash power perspective.

Some people have suggested that Binance could bribe miners to do this. They could bribe them by creating a transaction to [preemptively spend] the funds with very high fees, which would incentivise the miners, so they would be paid-off to confirm it. Those fees must be worth more than the rewards from the blocks that the miners would be rolling back. Let’s say they rolled back five blocks.
The fees as a bribe must be more than 60 bitcoin, because miners make 12.5 bitcoin per block just if they continued to mine on the normal chain. If they roll back the chain, the energy they previously expended to mine those five blocks will be wasted, even if they win [in the end]. Presumably, the miners who took this chance have already received the rewards. If they go back and spend the energy twice, they will not receive the rewards twice. Only one of the chains will succeed. They will only be paid the block rewards once. This means that Binance must bribe them with the entire reward amount… for however many blocks they are trying to re-write, and then some more, because this is a risky [operation]. If it fails, that is energy loss. They would lose the reward from Binance [because that transaction is now invalid].

There is another wrinkle: the attacker could offer a bribe of their own. They could add another transaction on top of the withdrawal transaction for the stolen funds, which also pays a big fee to miners. The bribe from the attacker is much less risky; the miners would not need to play the roll-back game. They could just continue to mine the normal chain, a much less risky proposition [for them]. They would not be spending any energy to go against consensus. They would be able to earn that reward with almost 100% certainty. If they roll back the chain, they lose the attacker’s [easy] bribe, and it is very risky. If they don’t roll back the chain, they could receive the attacker’s bribe for much less risk.
The attacker would need to bribe them with an amount more than the block reward, because the miner would not be wasting energy [to accept it]. The attacker wouldn’t need to bribe them with more [bitcoin] than Binance. In fact, they could bribe miners with a lot less, because it is a less risky proposition.

The bottom line here is: how would the proposed roll-back work? It wouldn’t work. It is as simple as that. It wouldn’t work. It is too risky. It would require immediate coordination. There is no way, in my mind, that Binance would be able to incentivize enough miners. Once miners understood that this roll-back could be easily thwarted by a bribe by the attacker, [they would not be willing to risk] wasting energy. It is not as easy to attack the Bitcoin blockchain as people think, even with motivated actors and hundreds of millions of dollars at stake.
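
The catch-up race described in the talk can be modelled as a biased random walk; the following is an added example, not part of the original talk or page. It assumes 144 blocks per day and that each new block is found by the rollback coalition with probability equal to its hash share, an idealised model whose outputs are its own estimates rather than the talk's rounded figures; the function names are hypothetical.

```python
"""Added example (not from the talk): the rollback race as a biased random walk."""
import random

BLOCKS_PER_DAY = 144  # assumption: one block every 10 minutes on average


def expected_days_to_catch_up(p, deficit, blocks_per_day=BLOCKS_PER_DAY):
    """Expected days for a rollback coalition with hash share p to erase
    `deficit` blocks. Each new block belongs to the coalition with
    probability p, so the gap shrinks by (2p - 1) blocks per block mined
    network-wide. With p <= 0.5 the expectation is unbounded."""
    if not 0.0 < p < 1.0:
        raise ValueError("p must be a share strictly between 0 and 1")
    if p <= 0.5:
        return float("inf")
    return deficit / ((2 * p - 1) * blocks_per_day)


def simulate_days(p, deficit, trials, seed, max_blocks=500_000):
    """Monte Carlo run of the same race. Returns one entry per trial: days
    until the gap reaches zero, or None if max_blocks passed first."""
    rng = random.Random(seed)
    results = []
    for _ in range(trials):
        gap, mined = deficit, 0
        while gap > 0 and mined < max_blocks:
            gap += -1 if rng.random() < p else 1
            mined += 1
        results.append(mined / BLOCKS_PER_DAY if gap == 0 else None)
    return results


if __name__ == "__main__":
    # Constructed scenarios: 145 blocks is the talk's one-day delay,
    # 5 blocks its fast-reaction case; the shares are illustrative.
    for deficit in (145, 5):
        for p in (0.50, 0.51, 0.60, 0.75):
            print(f"deficit={deficit:3d} share={p:.2f} "
                  f"expected={expected_days_to_catch_up(p, deficit):8.2f} days")
    runs = simulate_days(0.51, 145, trials=200, seed=1)
    done = sorted(d for d in runs if d is not None)
    print(f"simulated p=0.51: median {done[len(done) // 2]:.0f} days, "
          f"slowest {done[-1]:.0f} days, unfinished {runs.count(None)}")
```

At a 50% share the expected catch-up time is unbounded, which is the model's version of the point that losing 1% of the coalition ends the attempt; the spread between the median and slowest simulated runs shows how long the coalition would have to hold together.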

71 thoughts on “Bitcoin Q&A: Binance hack, chain roll-back?”

  3. What you are saying is: Rolling back the chain was a very stupid uneducated guess. And it should bother us that Binance and CZ were even thinking about it.

  5. What about getting most of the miners on-board with an even distribution of the bribe to the 10 largest mining pools? A large enough bribe must become the greater economic incentive at some point.

  6. This was by far the best response I've heard. Please tell us Justin has already invited you to the Buffett lunch?

  7. Here’s food for thought: the fact that CZ even suggested this goes to show how little he understands bitcoin and blockchain. He’s simply a casino operator masquerading as a crypto/blockchain pioneer.

  8. The Moment CZ mentioned this absurd thought he lost credibility. What was he thinking? Shouldn't he be smart enough knowing this? Doesn't he know that without BTC his business would also be lost???

  9. Great explanation about this scary topic. Assuming Binance would have detected this immediately, do you think they could have simply used a RBF transaction with different outputs?

  10. if the attacker were to offer a bribe, wouldn't they have to ID themselves? so-and-so is counter-bribing binance? or would it just come out of the stolen funds' addrs?

  11. andreas doesn't mention the moral hazard risk the miners would face of colluding in a 51% attack would harm the immutability reputation of bitcoin. if they "do this once" for binance, why not a national banking authority one day?

  12. AHAH! Thank you Andreas I was right too. CZ is an idiot he don't know what he's talking about. Andreas said "Idiots don't know what they don't know" 🙂 fuck you CZ

  13. Andre, What happened to ETC? I owned it and when it went to around $20 it suddenly tanked to $5.00 one day. Some said it was a 51% 'hack'. Was It?

  14. Thanks! Poor CZ looked so exhausted when he suggested he 'considered a 51% attack'. He probably figured out quickly that what is explained in this video

  15. Thank you Mr Antonopoulos for your amazing work educating people in the crypto space 🙂

    Can I ask you which mobile phone you use please? iPhone or android / which is better for security?

    Many thanks

  16. miners have no incentive in rolling back the chain unless the chain suffers a fatal flaw. rolling back the chain will cause massive devaluation, there is no incentive for miners to get paid in worthless coins, and if bitcoin gets rolled back so easily, it is worthless. the incentive system in bitcoin works because of that.

  17. Off topic: You look great and healthy, like easily 10-20 years younger than many of your previous videos. Whatever it is you doing, keep doing it.

  18. thoughts about IOTA looks like having a solution to blockchain trilemma? does it still make sense for users to pay fees then? does it make sense to maintain this bitcoin mining when there is a scalable and fee-less DLT without the need for miners?

  19. Binance rolling back BTC would result in yet another fork of BTC, call it Binance BTC, and it would go on to do its thing while the BTC fork would go on being the real Bitcoin.

  20. Does bitcoin need to keep growing in fiat value to keep the 51% attack from happening? Is there a correlation between bitcoin's security and its fiat value?

  21. Not to mention, the loss of trust people would have in the network after a roll back would likely cause the price to crash, devaluing the miner's bitcoin.. Ya, not going to happen.

  22. People, CZ was on a live stream, and someone mentioned the reorg; he said he didn't know what that was, and he would consider it, but after learning what it was, he didn't even consider it. Here it seems as if he was proposing a reorg.

  23. Aa is very educated. Yet he fails to mention these cpus have backdoors in them (spectre meltdown) and all software money is vulnerable with no fdic security

  24. Exchanges are digital banks. They will soon die off and DEX’s will take over. We simply can’t continue with centralized exchanges in a decentralized ecosystem. $NEX ftw

  25. Andreas, please correct me if I'm wrong. In the end, what CZ proposed is alarming. It shows the centralization of hashing power in the hands of a few. Not only is POW bad for our society as it wastes energy, but it is also centralized in the hands of big miners and 3-4 pools. Yes, rollbacks are expensive, but doing a 51% attack by adding a new malicious transaction that would affect the network does not cost as much as a rollback and it is totally doable and costs under 1 million $ by renting the hash power (so no stake at hand). If 51% or 2-3 entities control the network it is just not enough decentralized. In the end, Andreas says miners would not do a 51% attack because it is too risky, it would require coordination, it would have to be done immediately and there is no way it's possible. Let me correct that, 51% attacks are risky for the Bitcoin network but maybe not for the attacker, maybe the attacker has an incentive to attack it. Yes, it would require coordination and speed, just as any important hack. Andreas, please correct me if I am wrong. I'm not as familiar with Bitcoin technicals compared to EOS where we have 21 entities with equal power using multi signatures to control the chain.

  26. Is it not possible that CZ is behind the hack so he can justify certain centralization in Binance itself by weakening the belief in Bitcoin's decentralization? I am not accusing, just wondering why everyone seems to be ruling out this possibility?

  27. Great info! To add one thing: the miners would have to take into account heavily collapsing bitcoin value because the trust in immutability is lost the moment they succeeded or even nearly succeeded.

  28. Another problem I see with rolling back. So Bob hacks 1 BTC from Binance. And so he launders it by buying 1 BTC worth of Monero from Bill.

    Bill didn't do anything wrong. All he did is exchange his Monero for Bitcoin. And now you roll back and you literally steal this BTC from Bill. And Bob who was the thief, still has his Monero.
    Rolling back would get the BTC to Binance. But not necessarily from the guy who stole it.

  29. The fact that he suggested it almost as if they could just decide is very alarming!!! EVIDENCE that miners and Chinese leaders truly control BTC!!!!! Mining needs to diversify and that should be a video on how to get BTC mining to become more diversified which will be good for everyone including Chinese BTC leaders. Over 60% of the BTC miners have not even removed the Bitcoin Core Bug CVE-2018-17144 which allows for double-spending!!! that 7000 BTC gone missing from Binance is very suspect….exchanges need to be more transparent else a Mtgox repeat is inevitable and this project can't afford another shit storm

  30. This was suggested by a bitcoin-core developer. Binance briefly pondered the idea and then threw it out. The mistake was CZ being open about their internal thought processes (which is why people usually praise him).

  31. Why would they have to bribe them the full amount of reward? Couldn’t Binance just offer a bribe at a considerably higher reward based on the probability the miner would normally have for the reward ?? Like not every miner gets 12.5 BTC reward if they don’t win calculation !! Some insight please ??
