I have been following the ongoing debate about the capacity for eos to censor certain accounts. My interest lies in the fact that such censorship is in complete contradiction to everything I believe crypto should represent. In my reading, I stumbled on this steem post https://steemit.com/eos/@thecastle/oooohhhhhhh-x-wait-is-this-fucking-true, that presents tweets where @dan (Dan Larimer) claims that a given account could be censored by convincing only 3 of the top 5 miners to reject specific transactions. Deeper in this thread @dan claims *"Give me control of 51% hashpower if any chain and I’ll freeze all accounts to prove point."*

Here I show that @dan is positively mistaken and his statement qualifies as FUD against ethereum and any proof of work blockchain. In this analysis, I give @dan *a lot* of hashes with which to censor transactions and demonstrate he can not censor anyone temporarily with certainty, and can not censor anyone indefinitely with any chance of success.

Let's fist consider what is involved in a 51% attack. The way a 51% attack works is that you have two groups of miners. **Public** miners and **secret** miners. Secret miners aren't always secret, but I will call them secret to underscore how a 51% attack works.

The secret miners begin the 51% attack by picking a branch point on the chain on which it will add **secret** blocks. That is, these blocks are not broadcast to the public network. Exchanges don't see them, typical users don't see them, block explorers don't see them, etc.

The secret miners proceed to mine this secret chain until it has a significant length advantage over the public chain, then they publish the longer chain, at which point the public miners must reorganize chains and accept the longer chain that has more work.

To "censor" transactions, the attackers must systematically exclude particular accounts.

But there is a catch that @dan completely ignores: finality of transactions is not a function of the blockchain like @dan wishes it to be, it is a function of the real-world entities that interact with the blockchain. This concept of finality is what makes a 51% double spend attack work, by the way. (A 51% double spend attack is not the same as "censoring" with 51% of the hashes, which is the subject of the following analysis.)

Consider an exchange, like bittrex, that requires only two confirmations to credit a bitcoin transaction. Imagine if we "gave" @dan 51% of the bitcoin network to censor whoever he wished. Could he have success censoring this person from sending coins to bittrex? I won't present the math here, but this amounts to sampling problem where the chance of success for the **censored** party is about 44% on any try spanning two blocks (given some conservative assumptions about the variance of mining power--the more variance, the easier it is for Alice).

In other words, let's say @dan has 51% of the hashes, and is trying to censor Alice. Every 2 blocks, Alice tries to send her transaction to bittrex to spend it. She has a 44% chance each time she tries to push the transaction through.

Alice's censorship at this point turns into a joint probability, where after 1 day of 72 tries (144 bitcoin blocks per day) we calculate the probability Alice will fail all 72 times with a 56% (100% - 44%) probability of failure on each try.

Basically, Alices chances of failure are so infinitesimal (1 in 1.35x10^18), that her chances for **success** within one day is absolute, rounding to 100% after 16 decimal places.

Clearly @dan can not censor Alice, or anyone else, with only 51% of the bitcoin hashes.

Now, let's take an extreme example where we give @dan 66% of the ethereum network. Can he censor Alice from sending ETH if she can find an exchange that credits her balance after 5 confirmations? This would admittedly be a rare exchange, but she only needs one outlet to spend her ethereum to bypass @dan's censorship.

This turns into a sampling problem where Alice has an 0.01% chance of success over any 5 block interval. Now @dan has some real power. But can Alice push a transaction through in a day?

Because ethereum has 15 second blocks, Alice has 1152 tries per day to push her transaction through, each with an 0.01% chance of success (or 99.99% chance of failure). In this case, @dan is doing much better than he did with all the bitcoin mining power. Alice only has about an 11% chance after 1 day, about a 20% chance after two days, and about a 68% chance after 10 days. If Alice keeps trying for a month, she will have about a 97% chance of getting it through. And after 3 months she'll get it through with a 99.997% chance. Dan is likely to give up after 6 months because Alice will have succeeded with 99.9999999% probability.

Sorry @dan, you can't censor anyone indefinitely with only 2/3 of the ethereum hashes. You'll need much more.

futurethinker (61)· 5 months agoCould you explain what his finality concept means? As I understand it during a 51% attack when it is kept long enough, people will be "forced" to move to the longer chain.

steemed (64)· 5 months ago"Finality" is just a fancy way of saying that non-blockchain entities have their own definition of when they consider a transaction irreversible. For example, if Alice sends to bittrex, then bittrex will consider the transaction irreversible after two confirmations, and credit her balance.

If the secret miners (attackers) don't get two blocks before the public miners get two blocks, then bittrex will credit Alice's balance and she will circumvent @dan's attempt at "censorship".

This is the part that @dan ignored when he made his faulty claims about being able to censor with 51% of the hashes.

futurethinker (61)· 5 months agoAh now it makes sense, I had been speculating that this was the meaning of it.

I have been going through your little quarrel :P. And I think both you and @dan are right depending on the situation. If we take your Bittrex example, Alice's transaction will be censored whenever she has

no prior knowledge of the attack of Dan, because as you say her coin will be destroyed. If she knows dan is after her she can trade her coins or move her coins to another exchange. But in the case when her coinsdoesn't get destroyedwhen there is a fork (like btc vs bcc), she is in fact never censored.It all comes down to the finality, if people accept both Alice's chain and @dan's chain. I am not sure how EOS works, but applying the PoW logic to the system and your probability function, it would indeed be impossible to censor Alice over a long period of time based if miners accept both Alice's and Dan's chain, in which case there will be 2 EOS coins. But as I understand the goal is to only have 1 EOS network. In which case censoring is successful on the new accepted chain, but total censoring will never happen because there exists a chain where Alice accounts still exists.

Your probability function is also very relevent in that Dan is not able to

immediatelycensor Alice on a PoW chain as with 49% of the mining power she will still be able to put through messages for a while.Well this is my two cents on this subject and please correct me if I am wrong. My reasoning followed logical conlusions from my current understanding of PoW :P

sazzadh (18)· 4 months agohttps://steemit.com/health/@sazzadh/5-ways-to-keep-kidney-healthy

kiaazad (59)· 5 months agoit's great to know that the blockchain technology is this resistant to censoring, two questions comes to mind:

of curse I know it's a totally different platform but it's a mind exercise for me to imagine these cases.

sazzadh (18)· 4 months agohttps://steemit.com/health/@sazzadh/5-ways-to-keep-kidney-healthy

kryptoncrypto (25)· 5 months ago@steemed what do you think the exact reason for the failure of EOS Network and why it is down???

sames (61)· 5 months agoYou made an excellent point that I totally forgot to write in my post

https://steemit.com/bitcoin/@sames/bitcoin-vs-eos-understanding-the-drama

I was more focusing on a generalized aspect of my post and countering what Dan had commented to me.

sujonxr (50)· 5 months agoThis is excellent point.

I also agree with you.

Thanks for sharing sir @steemed.

zerokun (52)· 3 months agothought we are in a world of free speech... don't understand why exist the word "censor" ...

meno (70)· 2 months agoI apologize for commenting here on a subject that is unrelated, but in the off chance that you do see it. I wanted to let you know about this new initiative called @steem-ua

I realize you might get stupid amount of memos asking for support and what not. But, I'm not here to waste your time, to ask for altruistic behavior, quite the opposite.

Because I realize my voice may not have enough weight, if you get a second check out this post written by @cryptoctopus to see what I'm talking about.

Conversations are happening on discord, the project is taking off and I think you could also play a role here. This is something the community is doing, outside of steemit inc, to pull steem out of the gutter and in that sense, I'm sure you can see its value.

Anyways, hope all is well

Meno

garudi (61)· 4 months agosteemed (64)· 5 months agoReplied to wrong post.

thecastle (66)· 5 months agosteemed (64)· 5 months agoNo, you are wrong and so is everyone else "you are talking to". The thing all of you are missing is that censoring Alice is a race, where the attackers (secret miners) have to get a longer chain in the time it takes the public miners get only two blocks.

Rememberbittrex gets its blocks only from the public miners.I already did the analysis, so I won't do them again. But the chief considerations are: (1) attackers have to mine

secretlyuntil they have a longer chain, (2) each N-length race isprobabilistic, and (3) exchanges and vendors will confirm the transaction after twopublicblocks.thecastle (66)· 5 months agoA race they already win by default for for having better hardware. Why would they need to do it secretly. They can JUST DO IT. Theres nothing more to it than that. Alice would be screwed in this situation. Period. She made some powerful enemies and is now rocking a nearly useless wallet.

steemed (64)· 5 months agoNO THEY DON'T.51% of the hashes only gets you 51% of the blocks. Alice can submit transactions that stay in the mempool and get accepted on 49% of the blocks. There is absolutely NO censorship in this case. It doesn't even inconvenience Alice because her transaction can stay in the mempool for hundreds of blocks. @dan fails.

To conduct a 51% attack, @dan has to mine secret blocks until he has a longer chain then force a chain reorganization by publishing his fork. While he is trying to get a longer chain, Alice can push a transaction through to bittrex because @dan is going to lose a 2 block race many times over the course of a day. That's how @dan fails.

isacoin (63)· 5 months agoyou make the argument as if the mining pools own all the hashing under the pool

all miners would leave when they see the attack happening and woulnt take more than 10 minutes, not very long to do anything and most sites use more than one confirmation for a transfer so attack is obsolete with high cost and 0 incentive

thecastle (66)· 5 months agoI honestly think they would just either not give a crap or switch to another coin. Exasperating the problem further. Also you are making the argument that anyone would even know the attack was happening.

There is no way we would be able to genuinely know an attack like this was going on. All you have to do is get a couple shills on reddit to respond and say things to confuse the topic more and you can launch attacks like this consequence free forever.

isacoin (63)· 5 months agobots would know when this happens, more accurately described as there algorithms would identify and act accordingly

thecastle (66)· 5 months agoWhat bots, what algorithms and how would they act accordingly?

isacoin (63)· 5 months agoa bot is an algorithm

programmers use algorithms(bots) as tools to automate functions and program commands for possible scenarios

do you think miner's review blocks manually and initiate commands manually

steemed (64)· 5 months agoActually, now that I think of it, @dan is not only failing at censoring Alice, he is paying for her to have a nice income based on double spending.

Consider what happens every time Alice is able to push a transaction through on bittrex. This happens when the public miners beat the private miners (attackers) over a given 2 block interval. @dan later comes along with his 51% attack and negates her transfer to bittrex because censorship is an ongoing process. Bittrex has credited her balance, but since @dan has negated her transaction from the block chain with all that censorship, she gets to send to bittrex again. @dan is conducting a 51% double spend attack on Alice's behalf instead of censoring her.

Derp.

thecastle (66)· 5 months agosteemed (64)· 5 months agoWhen Alice executes the double spend, bittrex won't shut her account down, they will put the wallet on maintenance. If it happens more than once, the coin in question gets delisted. There is plenty of precedence for delisting PoW coins that are double spent through 51% attack. Alice can then move to a new exchange.

Dan's 51% hashes don't censor Alice, it kills the coin.

You are struggling to defend @dan, but he's not even here defending himself. He's hiding because he knows he is wrong on this issue.

Check this out: Na na na na na na -- @dan you are wrong!

See? No @dan.

thecastle (66)· 5 months agosteemed (64)· 5 months agoYou aren't getting it. Think about how it plays out instead of blindly trying to defend @dan. Let's imagine you are Alice (not the real person but the

account). Alice realizes @dan has 51% of the hashes and is trying to "censor" her. I have shown that she can push a transaction through with certainty over a finite number of blocks. Let's say @dan is dead set on killing the chain to stop Alice. Alice sends the entirety of her balance to trex by pushing that transaction through.Hungry to double her money she tries again after @dan graciously negates her original spend, then she executes a second (double) spend, maybe going so far as to dump her account on bittrex for the second time and transferring all of whatever she dumped into off the exchange. Alice is now 2x rich and out, @dan is wasting gobs of money mining a tainted coin.

Who won from this "censorship"?

thecastle (66)· 5 months agosteemed (64)· 5 months agoI downvoted you with full weight because you are not working to understand the concepts here and instead you are resorting to nonsense statements like "lets stop turning this into a secret agent movie".

You obviously have no understanding of game theory, strategy, security, probability, or how blockchains work. I'm proving to you that I do because I got this voting power by being a student of all these things. I really recommend learning from someone who knows their shit rather than @dan who is just trying to promote his latest revenue venture with unsubstantiated and erroneous claims.

steemed (64)· 5 months agoYou failed right there. The success of an ongoing, persistent, indefinite attack can't rely on the victim's not finding out about it. That is a recipe for a failed attack, and boom Alice is uncensored. It's easy to discover these attacks. Everyone will know something is up when the chain keeps re-organizing every 2+ blocks. They will spot who is behind the 51% attack and identify it as such, with these new 2+ block forks suddenly coming out of nowhere and reorganizing the chain, and possibly causing other havoc, not just to Alice.

The rest of your post is based on this same fallacy, so isn't worth responding to.

isacoin (63)· 5 months agoif 3/5 mining pools colluded for a 51% attack they would lose power within 10-30 minutes as miners would notice what is happening and leave the pools

thecastle (66)· 5 months agoNot really, because we saw this happen with Bitcoin when they wanted to force 1mb blocksize completely crippling the coin and all it did was cause a schism. Also who would even notice if this were to happen. Its normal for ETH to take several hours to do a single transactions on peak times.

An attack like this against a single person would probably not even be possible to prove. They would just think ETH is being a little worse than usually today. It would take weeks before it clicks "Hey wait a minute" lol

isacoin (63)· 5 months agoon the bitcoin 1mb fork this wasn't a 51% attack and was caused due to the limit on blocksize being lower than thought and unknown untill was tried.

Miners would notice this or more accurately what ever bots they use to manage would identify and i would imagine most have corrective actions readily programmed for such a scenario

i speak on bitcoin not ethereum big difference

thecastle (66)· 5 months agoYeah it was, it was a massive propaganda campaign fueled by Blockstream to defend their ownership of Bitcoin. Don't you remember when Bitcoin was suddenly not money anymore? That was where the "store of value" meme began and it was insanely stupid. Bcash / Bitcoin cash was a massive disaster and it all stemmed from Blockstream having full control over Bitcoin and using that control to prevent larger blocks to be implemented on Bitcoin.

isacoin (63)· 5 months agowhat are you talking about?

blockstream doesnt have full control of bitcoin

big blocks are stupid and uneeded

seems you've been hitting the roger ver koolaid a bit too hard

maybe try researching and learning yourself rather than listening to what your being told