Cryptocurrencies and game theory
Game theory methods are widely used in the mathematical apparatus of cryptocurrencies, although so far their use has been mainly limited by the internal aspect. This approach leaves open multiple attack vectors.
In relation to any existing cryptocurrency project, we can say that at any time two games are played around it:
- Inner play
- Outdoor game
Sometimes these games overlap, and it is not always possible to make a clear distinction between them.
Internal game theory
The internal game theory deals only with players inside the system and stimulates the various actions of the participants. Unfair behavior should be punished, only in this case the system will be stable.
For example, in the Bitcoin network, if a miner decides to spend transactions twice, he will lose his mined bitcoins when bona fide nodes and miners declare his blocks abandoned. If miners with sufficient hashing power create a conspiracy to reverse transactions (51% attack), they will incur losses when the value of their mined and double-spent coins falls, and as a result, the cost of their mining equipment.
This type of structure, to one degree or another, is used in most cryptocurrencies, whether they are bitcoins or altcoins. Another example: Steemit, a cryptocurrency-based social network, has its own incentive and punishment system, with the help of which it tries to establish a harmonious level of internal operations – a system of upvotes and content flags. This example is all the more indicative, as it demonstrates the importance of accounting for game theory: a continuous drop in the cost of the system and the number of active users over the course of several months shows that harmony has not been achieved, and the system requires serious processing.
External game theory
External game theory is the least explored area in which most cryptocurrencies are most vulnerable. In this case, the network is not protected against intruders inside the system, the enemies are outside.
Example: the traditional banking sector may suffer losses from the widespread adoption of cryptocurrencies. In this case, he is the external enemy of the system. There are a lot of attack vectors: from lobbying for the ban on cryptocurrencies and introducing paid trolls into cryptocurrency communities, and ending with attacks that slow down the blockchain.
Similar actions can occur between altcoins, especially those that compete in the same space, be it smart contracts, anonymity, social networks, etc. Altcoin X will win if it carries out a successful attack against altcoin Z, since as a result It will offer users a faster and more reliable service than the war-ravaged altcoin Z.
An external attack is the most likely cause of recent events with Ethereum and Monero. Inflating the blockchain from within the ecosystem does not make sense, it makes no sense for users to pay a fee for empty transactions, because the blockchain requires disk space, RAM, processing power. Any user wants to see the blockchain as compact as possible, so, from the point of view of the internal theory of games, there is no point in attacks. However, attacks occur, therefore – these are attacks from outside.
Forms of attacks on external game theory
Range of external attacks: DDOS, trolling campaigns, custom articles, news feed combinations in conjunction with market attacks that expose shorts to currency, blockchain spam attacks.
The most insidious attacks use the Trojan horse when, in addition to an external attack, the attacker uses intruders inside the system (mining attack). This is just an analogue of what can be seen in politics: Democrats admitted that they hired intruders to destroy Republican support groups.
Cryptocurrencies are algorithmic, they do what is embedded in the code, but communities are social. In any community, situations arise that carry the risk of a split over ANY problem, even trivial. The process of solving the problem can cause disastrous disagreements. By introducing “bad actors” into the community, toxicity, hostility, trolling, and the like can be cultivated. These are extremely cheap attacks – Bitcoin has been testing them for several years.
Defense against external attacks
Many developers of Bitcoin and altcoin networks justify the lack of security measures by the fact that there will simply be no attack. The reason for such carelessness is often the desire to give the system more options in exchange for abandoning the security system.
For example, here is the problem of increasing the block size: what will stop an attacker from filling 32 MB of block with spam? Answer: ‘commissions cost money, there is no point in an attack.’ This is true from the point of view of the internal theory of games, but from the point of view of the external – no. If the attacker is a bank, it will not be difficult for him to spend several bitcoins per day on commissions if he can inflate the blockchain to a terabyte size. The situation will worsen further if the damage is many times greater than the cost of the attack, because the nodes and P2P wallets will have to maintain the bloated state of the network, and the increasing cost of maintenance will lead to additional centralization of the network.
Think like an attacker
The Monero community has seen first-hand that blockchain with resizable block sizes is not a panacea. The system was subjected to spam attacks, allegedly coming from a competing coin – Bytecoin. The problem was ‘solved’ by an increase in commissions. The next was Ethereum, who had to conduct a hard fork to increase the cost of commissions. From the point of view of the internal theory of games, these attacks were impossible.
Characteristically, despite the fact that the possibility of attacks was known before, Ethereum was not ready for them. The developers so wanted to sell the opportunity to create cheap contracts that they sacrificed security, which allowed the attacker to successfully carry out attacks at a meager price.
Another reason for vulnerability to attacks is the inability to think like an attacker. Developers can be extremely talented in writing new applications, but they are obliged to think like hackers, trolls, banks, governments, ask themselves: “What would I do in their place to destroy and destroy the cryptocurrency that I create?” Here is the answer, because the developers know the weaknesses of their own creations.
Reliability should be a top priority, even at the cost of reduced functionality.
There are scenarios, exits from which are not visible. Example: the US government has a multi-trillion interest in protecting the national currency. It is clear that at such rates, buying a mining farm to attack Bitcoin for 100 million does not seem expensive. If they spend billions on manipulating alternative assets such as gold and silver, why not spend a ridiculous portion of these sums to split cryptocurrency communities, or search for vulnerabilities on exchanges to destabilize the market.
Undoubtedly, not everything can be foreseen – but this is not the reason for refusing to increase reliability. Against technological attacks, you can protect yourself with the help of algorithmic security layers, developers should pay maximum attention to these attacks and make the blockchain as reliable as possible. Social attacks are a completely different issue.
How to protect yourself from a social attack, or “Sybil attack” on a community? This seems the most problematic. The only effective way here is to set a rigid set of rules from the very beginning of the project, so that the space for deviations is minimal. And even in this case, such an attack is possible:
‘When the rules were written, the developers did not provide for this or that, so we will take measures … for example, we will fork.’
The moment the participants start to flood the fire of the attack, cultivates a split in the community, followed by accusations of “censorship,” and toxicity increases if the community does not find alternative ways to deal with such problems.
As cryptocurrencies gain popularity, the surface of attacks increases. The most severe attacks are social. If DDOS, 51% attacks and the like clearly show the enemy on which developers can focus, the “enemies” within the community remain invisible until a certain point.
If social pressure, or even market pressure (and markets are not completely free, therefore, those who control the markets can indirectly control the development of algorithms) can influence the behavior of cryptocurrencies, the game can be considered lost.