Instead of punishing everyone whenever there’s a fork, like in fork punishment , is there another way? Perhaps we can instead prevent the block propagation race, and consider each submitted block at each block height.
For this, we can use uniform tie-breaking, which was an idea proposed by Eyal and Sirer in 2014.
When we have a race to propagate, the miner who has a network advantage is more likely to get their block accepted into the longest chain.
This is because they are better connected in the Bitcoin network and are able to get their block out to more people.
We can use uniform tie-breaking to protect against selfish miners who have a network advantage.
After each block is published, instead of taking the first seen block as valid, since this might be a block from a well-connected selfish miner, each miner first waits to hear about all competing blocks.
In the case of a tie, where a miner sees multiple blocks at the same block height, the miner randomly chooses which chain to mine on.
By randomly choosing which chain to mine on, miners mitigate an attacker’s network-level dominance.
Eyal and Sirer found that the default Bitcoin protocol has a profit threshold of 0% if there exist selfish miners that are really well connected in the network and can thus influence the way data flows through the network.
This would then mean that for Bitcoin to be entirely secure, 100% of the network has to be honest.
In their paper, with their proposed uniform tie-breaking, they claimed that it raised the profit threshold for selfish mining to 25%.
However, later in 2015, a separate paper published by Sapirshtein proposed a more optimal selfish mining strategy that reduced the profit threshold down to 23.2%.
A 25% profit threshold using uniform tie-breaking is pretty bad, considering that selfish mining is always profitable when you have 33% of the mining power.
Even more shocking is when we compare this to our original design for Bitcoin, which was supposed to be tolerant of up to 50% malicious miners.
How do we improve 25%? In 2014, Ethan Heilman proposed a defense of selfish mining using timestamps.
The idea is that timestamps would be issued by a trusted party and incorporated into every block by miners.
Timestamps would be global across the entire Bitcoin network, and would be issued regularly, say every 60 seconds.
They also would be publically accessible, but unforgeable because we’d use cryptographic signatures.
Blocks are considered in competition if they are received roughly within the same timeframe, say 120 seconds of each other, and when the situations arises when there is competition between blocks, then miners simply will pick the block whose timestamp is fresher, or the most recent.
In the paper, it says that the profit threshold for selfish miners using this method of unforeable timestamps goes up to 32%, a solid improvement from the 25% we saw with uniform tie-breaking.
As it turns out, selfish miners can easily break this defense.
Tie-breaking rules only apply when there’s a block propagation race, NOT when the selfish mining chain is longer than the public chain.
And as it turns out, it has been shown that if an attacker has a large amount of computational power, say greater than 40%, then these tie-breaking defenses against selfish mining are essentially worthless.
As you can see in the diagram on the bottom, a selfish miner can still invalidate the honest chain if they have the longest chain.
Miners will pick the longest chain, since it has the most work done on it, and will weight this more than the fact that a block in the honest chain is “fresher”, or more recent.
And another thing you might have realized is that this defense requires a trusted third party to distribute timestamps to everyone.
The drawback here is that Bitcoin aims to be as decentralized as possible, and while this might work with other systems, centralization certainly doesn’t mix with Bitcoin’s philosophy.
So, we’ll skip this for now.