An investigation aims to design a smart contract to “hold” Bitcoin transactions, that is, prevent their confirmation by miners.
More than a practical implementation, it is about an intellectual exercise to assess the anti-censorship qualities of Bitcoin, a protocol in which all its users are supposed to have the same freedom and opportunity to transfer value.
“Understanding the practicalities of retaining Bitcoin transactions helps to better understand the properties of Bitcoin in general and the security of certain protocols or use cases,” reads the research.
In short, the research poses a scenario where miners are incentivized to delay confirming transactions. However, achieving this is not easy, so the experiment contemplates that this does not really happen.
The exercise was carried out by developer Gleb Naumenko, who posted it on his personal blog. Subsequently, the signature BitMex, for which the researcher works, disclosed the experiment.
Lately I’ve been wondering if it’s possible to use a Bitcoin smart contract to blackmail miners into censoring (or withholding) a transaction.
Why is this interesting? First of all, many time-sensitive protocols rely on fast transaction inclusion, which resolves the dispute between two parties.
This can also be exploited by state actors. I think it is important to understand these risks. The question is still open as to whether miners will accept additional bitcoins (besides commission) for blocks that ignore a transaction, but I’ll pretend so.
How to guarantee that miners will be rewarded for this? How to guarantee that the transaction will be censored? With smart contracts!
Delaying a transaction can have serious consequences on protocols like Lightning, the Bitcoin payment channel network, which is sensitive to multi-signature transactions that need to be confirmed on the blockchain (on-chain) in a minimum time required.
The execution of this contract could be considered as a type of attack, as Naumenko explains, either to hinder protocols like Lightning or to delay the confirmation of transactions for political reasons.
TxWithold: the smart contract to retain Bitcoin transactions
The TxWithold contract, whose name derives from the phrase “withholding a transaction”, seeks to monetarily reward miners for delaying the confirmation of a Bitcoin transaction.
Thus, the contract should be made up of a mechanism that verifies whether the transaction was confirmed or not (proof of mining, or in Spanish, pmining test) and another mechanism to claim the reward.
In this sense, Naumenko affirms that the Bitcoin programming language is not expressive enough to determine which miner can take the reward for ignoring a transaction.
Therefore, the fact that the miner can receive a commission for ignoring a transaction could be done through an oracle, an external device in charge of validating the Proof of Mining.
A solution to deliver the reward could be to amortize it among several miners. Assuming the attack is long enough (say, a 100-block hold), an attacker could create the following UTXO or transaction output: If the oracle confirms the hold down to the last block, miners can get the reward by spending this UTXO with a pre-signed transaction that is proportional to your historical distribution of processing power or hashrate (and a small percentage for any user signature, encouraging anonymous miners to participate as well),
The challenges of creating a transaction retention agreement mean that Bitcoin is not such an easy system to corrupt. However, it is not ruled out that in the future some entities will invest time, effort and money in breaking the resistance to censorship of this protocol.