By Aleixmateuc [CC BY-SA 4.0 (], from Wikimedia Commons

The Blockchain vs the ISP

Headlines: Hijacking Bitcoin: Routing Attacks on Cryptocurrencies for fun and profit, by evil ISPs! 

The bitcoin protocol does not seems to protect the network against routing attacks, which is created by concentration of hosts: 60 percent of Bitcoin traffic is visible to just three ISPs (as of mid-2017). As the bitcoin blockchain proof of work selects the sub-chains with the hardest proof of work, 60 percent concentration may just be enough to “outvote” the other 40% and initiate a very profitable branch of the ledger.

The news does not seem to have any effects on the bitcoin index (so far…). The authors of this wonderful discovery will present in the 
IEEE Symposium on Security and Privacy 2017 (occurred in May) and plan to include code for a prototype of the delay attack. Wonderful bit of responsible disclosure from their part. That is bound to hurt the bitcoin (or not). 

Note: I the time I wrote this the event was in the future. 
Let’s see if it actually hurt bitcoin by looking at one of those charts, where I marked the May IEEE event where the bad news was to be unleashed upon unsuspecting bitcoin users (red circular thing).

It did not hurt! Courtesy of

The bigger question is: does it affect bitcoin only?

Further reading on the “bitcoin ISP problem”. I think this topic will need its own blog entry.

To answer the question above (is Bitcoin alone on its ISP misery?) we need to look into the work of  Balaji S. Srinivasan, which proposed using the Gini Coefficient (already in use by other people) for the purposes of quantifying blockchain decentralization. 

Why is this a big deal? Well, the one thing that positions public blockchain as the disruptor of all things is their decentralization (and related disintermediation) capabilities. Anything that point to the other direct will be a concern, wouldn’t it?

Mr. Srinivasan created a new coefficient dubbed “Nakamoto” (for obvious reason I would say) to measure or quantify decentralization on a blockchain, and is to be applied to the subsystems that make any particular chain. The Nakamoto coefficient was defined as “as the minimum number of entities in a given subsystem required to get to 51% of the total capacity”. Notice the 51% is a reference to a “majority attack“, which is the one attack that directly relates to centralization for Proof of Work consensus.

If you have a TL;DR problem with long articles full of math here is what came out of the study

Directly from the study. Hopefully Mr. Srinivasan won’t mind.

So what do we have in here? The table above shows measurements for the Nakamoto coefficient for Ethereum(pre-fork) and Bitcoin(Core) , as a result of decentralization of their subsystems. Notice the network itself (ISP distribution) is not directly measured and I think that would change things a bit as per the article presented to IEEE (see above at the beginning of this blog)

Mr. Srinivasan offers his conclusions in the article and I recommend you go read there (I won’t make it easy on you TL;DR!). Let’s just say that I agree that this measurement has great significance for the security of any public blockchain transactions.

My conclusions: if we add the paper on network centralization Bitcoin is already in danger. The trend of Internet Service Provider concentration and reduction on Net Neutrality will not make things better as far as the network implications.

Some further thoughts: Decentralization is a big word. Probably too big to be any one thing we want it to be. For the time being I will follow Mr. Srinivasan in the hopes that he produces updates to this work, or new things to measure (one can hope).

I will leave you with words of wisdom from the ones leading the field, regarding “Decentralization”

And if you have time, here is a heavy read on Bitcoin Lightning Network Decentralization challenges, and a more optimistic read on same with more details.

December 18 Update: the death of net neutrality is bad news for public blockchains.

June 2018 Update: 51 percent attacks are now a common thing. This was predicted but not really believed. It is now a reality due to bad Cryptoeconomics.

About the Author


Enjoy this blog? If so, spread the word!