Bitcoin Mining Undermined: A New Attack Allows Infiltrators to Win Twice

A new attack called Infiltrated Selfish Mining (ISM) has been developed that can reshape the rules of Bitcoin mining. ISM allows attackers to create a private block with a guaranteed one-block lead over the public chain, gaining twice over - a block reward for the private block and a shared reward from the pool. This new attack overturns a long-standing assumption about Bitcoin's security economics and could reshape the economics of pooled mining.

A groundbreaking study by a team of researchers from the Singapore University of Technology and Design (SUTD) and their collaborators introduces a novel attack strategy called Infiltrated Selfish Mining (ISM) that could significantly alter the landscape of Bitcoin mining. The study, titled "Infiltrated Selfish Mining: Think win-win to escape dilemmas," challenges long-standing assumptions about Bitcoin's security economics and the economics of pooled mining.

ISM allows attackers to create a private block with a guaranteed one-block lead over the public chain. This private block is used as the foundation for a secret mining task, with the attacker aiming to add another private block on top. If successful, the attacker releases the infiltration block to the victim pool and quickly follows with the private block, ensuring both are accepted in the chain. This strategy enables the attacker to gain twice over: a block reward for the private block and a shared reward from the pool. If the private block fails, the withheld infiltration block can still be used to trigger a fork, similar to the Fork After Withholding (FAW) attack.

The study's authors, Professor Zhou Jianying and his collaborators, demonstrated that ISM can avoid the miner's dilemma, enabling two or more attacking pools to profit simultaneously. This is the first time such a result has been established, contradicting the long-held view that mutual attacks will reduce everyone's payoff. Quantitative analysis confirmed ISM's advantage over other attacks, with ISM yielding up to 1.52 times more rewards than FAW under certain parameters. Unlike Power Adjusting Withholding (PAW) and Fork Withholding under a Protection Racket (FWAP), ISM does not require complex dynamic rebalancing of mining power or protection-racket payments between pools. Its simplicity makes ISM both more practical and more worrying.

The broader implications of ISM are sobering. If it spreads, even small pools might be tempted to attack, as the "win-win" feature lowers the risk of losses. Honest miners could see their share of rewards diminish, intensifying pressures towards centralization. Over time, repeated infiltration could erode trust in open pools and subtly distort the fairness of the network.

The team proposed a pool-level countermeasure that requires miners to place deposits, with penalties imposed when withheld blocks are detected. Simulations showed that even modest deposits, combined with improved stale-block monitoring, could remove the attacker's profit margin. Because these measures can be implemented at the pool level without altering the Bitcoin protocol, they are seen as feasible in practice.

Prof. Zhou noted, "Our work shows how a small twist in strategy can change the entire equilibrium of Bitcoin mining. The challenge for the blockchain security community now is to anticipate the next twist, and be ready with countermeasures before it takes hold."

References:
[1] https://www.asiaresearchnews.com/content/new-attack-reshapes-rules-bitcoin-mining
[2] https://www.ainvest.com/news/bitcoin-news-today-bitcoin-mining-star-iren-surpasses-rivals-1b-ai-btc-growth-2508/