Reports this week show that two mining pools, Etherdig and F2Pool, are publishing significant numbers of empty blocks and making a lot of money. While they’re not technically breaking any rules, their actions do present a security risk. Here’s how they might be doing it.
Apparently, some Ethereum miners are reaping significant rewards by validating empty blocks. On October 2, Alex Svanevik, chief data scientist at CoinFi, posted a Medium article with data showing an increasing number of blocks containing zero transactions. At one point in late September, almost three percent of validated blocks were completely empty. Also on October 2, Decrypt Media published an article showing that number has continued to rise well above three percent.
While three percent may not seem particularly significant, it adds up fast. Block time on Ethereum is about 15 seconds, which means there are roughly 5,760 blocks added to the chain every day. If three percent of those are empty, that means there are 170 empty blocks per day. The block issuance is currently set at 3 ETH. The price of ETH fluctuates, obviously, but if it’s selling for $220, then that’s almost $40,000 a day. Of course, the number of empty blocks per day fluctuates, but Decrypt Media‘s article points out that it has increased 637 percent since September.
According to Decrypt Media‘s data, one mining pool, Etherdig, has made more than $850,000 in the last three months “without validating a single transaction.” Another mining pool, F2Pool, estimated to be the third largest in the network, is also mining empty blocks.
In some circumstances, miners can begin mining an empty block more quickly than one that includes transactions, leading to faster completion. This gives miners of empty blocks a competitive advantage, but this practice can potentially slow the network down, which is obviously not great and could lead to higher gas prices. As it is, three percent is not so significant that it’s a major problem, but if more miners get in on this hack it could spell disaster for gas costs and network speed.
Or maybe I should say “these hacks,” because though both mining pools are validating empty blocks, as Decrypt Media and Svanevik point out, they seem to be using differing strategies. The most obvious point of difference is that F2Pool mostly mines blocks containing transactions, whereas Etherdig only mines empty blocks.
But there’s more to it than that. F2Pool seems to be doing some combination of what is known as selfish mining, SPV mining, and spy mining. Etherdig, meanwhile, is likely SPV and spy mining.
Selfish Mining Is Bad, Maybe
The term selfish mining, coined by Emin Gün Sirer and Ittay Eyal in 2013, refers to a strategy miners can use to earn more block rewards. The practice involves forking a blockchain off the main chain and hiding new blocks until the privately mined chain is longer than the main chain. This does not necessarily involve mining empty blocks, but often does.
A practice called SPV mining makes it possible to give selfish mining pools a leg up over the main chain, even if their hash power would not, under normal circumstances, be competitive. If you’re a miner, in order to add a regular, transaction-holding block to the chain, you need the previous block’s block hash to determine whether all of the included transactions are valid and therefore will not be rejected by other miners.
This means that if a miner adds a block that contains transaction data, they also need to download and validate the rest of the previous block to ensure their new block does not contain any double spends. However, if someone wants to mine an empty block, they do not need to spend the time to download and validate the transaction data from the previous block – they only really need to download the block header hash. This is effective because it means miners in the pool can begin to create the next block before completing the first one. Some selfish miners do this to beat the clock and make their competing chain longer than the main chain. It’s likely that this is what F2Pool is doing, because it is creating both transaction-containing and empty blocks.
It’s also true that some miners will practice SPV mining to add transaction-containing blocks to the chain, but this requires the miner to trust the previous block’s validity without having verified it, which could lead to the rejection of that block once miners outside the mining pool attempt to validate it. Other miners in the same mining pool might hypothetically be more trustworthy than miners in another pool, but it’s still possible for a miner to include double-spending transactions (which will be rejected by the network) in their SPV-mined block under this method. Therefore, it is undesirable to put transaction in the SPV-mined block.
Many people do not think that these approaches necessarily present a huge risk to the security of the network. Of course, if the network is near to its capacity, empty blocks can slow things down, but if it’s not, there’s no major loss. Arguably, transaction-containing SPV-mined blocks are riskier, especially when combined with selfish mining, because if it’s later found that the SPV miner trusted a block header hash of an invalid block, it can lead to a whole series of blocks being rejected and all of the transactions therein being reversed.
It could also be said that selfish mining increases miner profitability, and so it can incentivize participation and increase security. However, if enough miners are creating enough empty blocks and the network lags as a result, then this could have a significant effect on gas prices.
Spy Mining Is Probably Just Bad
Spy mining, on the other hand – which relies on SPV mining – is really not great.
Spy mining describes the situation where a miner from one pool joins a competitor’s pool, but instead of actually participating, they just take the block header hash being created by their host pool and share that information prematurely with their native pool. The difference between spy mining and SPV mining is that an SPV miner might have the whole previous block’s block hash – or may have obtained the block header hash ethically from its own pool – but chooses to only download the block header hash and builds off that. A spy miner is also an SPV miner, but a spy miner is necessarily a double-agent and a thief.
Just as any SPV miner, a spy miner can do two things with the block header hash from the previous block: They can mine a transaction-containing block and risk having it invalidated later (but gain the transaction fees associated with a full block), or they can mine an empty block. This could be used in combination with selfish mining, because it would allow a selfish mining pool to get a jump start on its competing chain. But, again, this would require the spy miner to gamble on the trustworthiness of the previous block’s miner. It’s possible this is what F2Pool is doing, but it’s not certain.
The problems with spy mining are more definite. Selfish mining combined with spy mining is a gamble; it’s a risk that a large number of transactions could be thrown when a whole competing chain of blocks is ultimately rejected. When used only to mine empty blocks, as it appears Etherdig is doing, it’s a practice that in no way contributes to the network. When a miner spy mines, they steal the rewards of other miners who did the work to create usable blocks containing actual transactions. They are only a parasite.
The Bitcoin network has been facing issues with spy mining for years. Decrypt Media suggests that Ethereum might take a cue from Bitcoin’s 2016 code changes that made it more difficult for miners to spy on each other. Further, it points out that the Ethereum community seems to be less prone to in-fighting than Bitcoin, so it might not actually be that hard to implement changes. It might be right about that.