The Defense Advanced Research Projects Agency (DARPA), an entity attached to the Pentagon, financed a recently published report claiming that Bitcoin is not as decentralized as is commonly thought.
The investigation was carried out by the firm Trail of Bits, which produced a report entitled Are blockchains decentralized? Unintended centralities in distributed accounting. It presents a series of arguments intended to show how insecure and centralized the distributed accounting technology, also known as blockchain, is.
For its analysis, Trail of Bits focused especially on Bitcoin and Ethereum. The report describes different types of centralization that may be present in this type of network, including those related to authority, consensus, motivation and software, among others.
Bitcoin and blockchain are not the same
While a blockchain can be as centralized as its developers wish, to claim that Bitcoin is a centralized network, or that it imminently will be, is a statement that requires well-crafted evidence.
According to some of the organizations that reacted to the publication financed by DARPA, the arguments that try to show that Bitcoin is a network highly prone to cyberattacks, or centralized in any way, are flawed.
Replies on Bitcoin to the report financed by the Pentagon
The strongest response to the Trail of Bits report came from Swan Bitcoin, a company specifically focused on providing services related to facilitating BTC savings for its users.
In a recent post on the Swan blog, Yan Pritzker (co-founder) and Tomer Strolight (editor in chief) explained why many of the arguments in the report in question are flawed.
Among the report’s claims that were refuted on this blog is that the code for Bitcoin can be easily modified by its developers. In this regard, Trail of Bits emphasizes that only four programmers constantly contribute to the development of the network.
Swan’s blog explains that the activation of a protocol change, whether it is a new feature or a modification, does not depend on the developers but on the network of nodes. The administrators of the Bitcoin nodes are the ones who decide whether or not to update them to the version with the new feature.
Another controversial accusation made by Trail of Bits in its report is that the union of only four entities (referring to the mining pools with the highest hashrate) is enough to attack this network effectively. The authors later added that there are enough incentives for internal attacks on the Bitcoin network.
As for the apparent ease of attacking Bitcoin, a 51% attack perpetrated by one or more pools acting in concert could be countered immediately. It would be enough for the miners to change pools and move their hashrate to others that are acting properly. The pool change process is simple and fast, so a supposed attack of this type could not last forever.
On the subject of incentives, the writers of the Swan blog post argue that the reality is the complete opposite of what Trail of Bits claims. Bitcoin node administrators are the ones most interested in the network running smoothly and in preventing it from being violated. Otherwise, “they would be wasting energy that is expensive in the real world.”
In total, Swan presents thirteen detailed arguments with which it denies a series of claims about Bitcoin made in the report financed by the Pentagon.
The responses of the mining pools mentioned in the report
Other reactions to the Trail of Bits report came from mining pools that were mentioned in the document. One of them was ViaBTC, which was singled out as a pool that assigns all its accounts the password “123”.
To this, the pool replied that such an assertion was false and clarified that it does not assign passwords to any type of account. Both setting and changing an account's password are done at the initiative of each individual user.
Braiins, the company that manages the first mining pool that ever existed, Slush Pool, was more blunt in its reply to the report financed by the Pentagon. “This is completely wrong, absolutely everything.” These were the words with which Braiins referred to the report and with which it began a short tweet thread explaining why it believes the claims made by Trail of Bits are wrong.
In its response, Braiins clarifies to the researchers in charge of the report that the password that is placed in the line of code when programming a miner “is a legacy field that is used to send additional information to the mining pool.”
In fact, the most invasive thing that could happen if no password is set is that someone else could mine with the user’s account. The user would benefit, because the rewards mined by the other party would fall into the user’s account.