If There Is an Answer to Selfish Mining, Braiding Could Be It
Centralization of mining pools is often considered one of the biggest problems Bitcoin faces. Only a handful of pools typically control well over half of all hash power on the network, and there is little indication this trend will reverse anytime soon.
While several dynamics contribute to pool centralization, one important factor is "orphan rates" - i.e., the number of mined blocks rejected in favor of conflicting blocks. Solutions to limiting orphan rates have been proposed, usually focused on decreasing block relay time. But, unfortunately, most of these solutions do not hold up very well if mining pools are willing to disadvantage competitors.
A different area of research trying to solve this problem is Directed Acyclic Graphs (DAGs), also known as "braided" blockchains. This solutions could tackle the selfish mining problem too... if worked out properly.
Here's an introduction.
Whenever two blocks are mined at (or around) the same time, they both "race" over Bitcoin's network to reach as many nodes as possible. The first of these blocks to have a new block mined on top of it becomes part of the longest chain and is therefore considered valid by the entire network.
The rejected block - while otherwise valid - does not become part of the longest chain, and is therefore disregarded by the network. The block is "orphaned."
This means that all hash power spent to find that block was wasted. Valuable resources - like electricity - are lost, with no block reward to show for it. That's bad news for the miner of the orphaned block.
Moreover, these mechanics open the door to types of selfish mining attacks, first described by Cornell University researchers' Ittay Eyal and Emin Gün Sirer. In short: large mining pools can strategically withhold blocks they mine to give themselves a head start against smaller competitors. This attack can be profitable even if a pool (or a combination of pools) controls as little as some 25 percent of all hash power on the network.
The best way for miners to mitigate these risks is to join a large pool and share profits. But, of course, this centralizes mining into fewer and larger pools, which is bad news for the decentralization of the Bitcoin network.
Most solutions that deal with this problem - as described, for example, in this two - part article - attempt to minimize relay time, so blocks can find their way across the entire network faster. This shorter relay time decreases the odds of two conflicting blocks circulating over the network. It also cuts down the total number of orphans, and in many cases works quite well.
But these solutions only work well if miners are "honest," and don't attempt some kind of selfish mining attack. If large miners do attempt a selfish mining attack, it doesn't matter much how fast blocks can propagate over the network. The blocks are withheld anyways.
Braiding offers a different solution.
Instead of speeding up propagation, braiding decreases the negative effect of slow propagation - and therefore also the negative effects of selfish mining.
In a braided blockchain, conflicting blocks are not orphaned at all. Rather, a subsequent block is built on top of both of the conflicting blocks. Both blocks become part of the shared history, and both blocks earn their respective miners a block reward.
The main challenge that arises when braiding a chain, is that there still needs to be a conflict-resolution mechanism for double-spend transactions. On a regular blockchain the solution is simple: miners decide which transactions they include in blocks, and the network agrees that the longest chain of blocks is valid. Braided chains require more novel solutions, such as voting schemes; this is where the different proposals vary most.
As an added benefit - assuming the double-spend problem is solved - braiding opens the door to significantly reduced block intervals. A perk of Bitcoin's 10-minute block interval is that it's relatively rare for two blocks to be mined at the same time by coincidence. However, as the block interval time decreases, the odds of conflicting blocks increase, which is undesirable.
Since with a braided chain conflicting blocks are no longer a significant issue, most proposals specify block intervals of much less than a minute.
Braiding is not a new concept.
DAGs were first proposed by researchers Yonatan Sompolinsky and Aviv Zohar in 2013, as the GHOST (Greedy Heaviest Observed Sub-Tree) protocol, a version of which is implemented in Ethereum. About a year ago, Dr. Bob McElrath presented a different implementation of the idea - now called braiding - at the Scaling Bitcoin workshop in Hong Kong . More recently, Sia developer David Vorick presented his braiding solution, called Jute, at Scaling Bitcoin Milan . As well, Sompolinsky and Aviv Zohar, along with Yoad Lewenberg, proposed their latest braiding-like protocol, Spectre in December of 2016.
That said, the concept is, generally speaking, still in the research and exploration phase. By braiding a blockchain, new problems are introduced - including the aforementioned increased risk of double-spends, but also a potential higher inflation rate and changed fee economics.
And the bad news is that, because braiding is still in this phase of research and testing, these solutions probably won't soon be rolled out on Bitcoin's main chain. Furthermore, even if all problems were to be resolved, braiding probably wouldn't be easily adopted by Bitcoin. All braiding proposals so far constitute a significant overhaul of Bitcoin's mining protocol, and can probably only be rolled out as a hard fork - a switch to an entirely new network that users come to consider "Bitcoin."
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.