Hi all,

First, an encouragement: I just added another 40kH/s to P2Pool mini.

I have been following Monero for some time, since around 2017, but usually keep to myself. I’ve just a couple of days ago had an idea though for improving 51% attack resistance, so I made an account in order to share that idea.

Proposal Overview

The idea is to give a difficulty penalty to new hash power in order to make 51% attacks more expensive. This would penalise short term hash rate increases whilst minimising the impact to long term legitimate miners.

How It Would Work

  • Hash Rate Verification: Block producers (solo miners, or pools, treated as solo miners) periodically prove their hash rate to the protocol (e.g., 10 times daily).
    • Perhaps prove hash rate by submitting shares.
  • Difficulty Penalty: If a miner’s hash rate spikes significantly, the protocol applies a higher difficulty to their new hash rate, reducing its effectiveness in mining blocks.
    • A miner’s difficulty would be an average of the standard network difficulty (for their existing hash rate) and a higher difficulty (for their additional hash rate) weighted by percentage of each.
  • Normalisation Over Time: The penalty gradually decreases over, say, 3 months, as the new hash rate is sustained and the miner’s average hash rate trends towards it.
  • Seasonal Miner Adjustment: A separate decay rate applies to hash rate reductions, which can be tuned to avoid overly penalising legitimate fluctuations such as seasonal miners who mine less during warmer months or those who mine on intermittent power sources such as wind or solar power.
    • The hash rate of a miner must decay to prevent a malicious actor ‘levelling up’ many miners and then utilising rented hash rate across them all at the same time later for an attack.

Benefits

  • An increase in the cost to 51% attack the network by:
    • Requiring more hash power, to overcome the difficulty penalty or,
    • Forcing an attack to operate over a longer time frame, increasing the amount of time the hash rate is required for.
  • Encourages legitimate, stable, long term mining of Monero, by providing a disincentive to short term pool swapping and gaming the difficulty adjustment speed by intermittently mining with a high hash rate.

Possible Challenges

I’m not a software engineer, so I’d like feedback on these potential issues:

  • Barrier to Entry: The difficulty penalty will also affect new legitimate miners. How could the penalty be tuned to minimise this?
  • Privacy Concerns: Proving hash rate may require identifying miners to the protocol. Is there a cryptographic way to anonymize this?
  • Resource Demands: Tracking hash rates could strain bandwidth or storage for nodes. Could pruning old data (e.g., after 3 months) address this?
  • Cost of Defensive Hash Rate: Adding hash rate to defend the network during an attack would also face the penalty. Would this at least be no worse than how it is today, as defensive hash rate has equal power against an attacker?
  • Implementation: Could this be done in Monero’s protocol? Are there similar mechanisms in any other blockchains?

I’m interested to hear what others think and whether or not you can see any other challenges or deal-breakers for this defensive mechanism.
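The weighted-average penalty and its decay described under "How It Would Work" can be modelled numerically; the sketch below is an added example, not part of the original post or of any Monero code. The penalty multiplier, the two time constants and the use of an exponential moving average for the baseline are all assumptions made for illustration.

```python
import math

# All constants are assumptions chosen for illustration; the post fixes none of them.
PENALTY = 4.0     # difficulty multiplier applied to hash rate above the baseline
RISE_TAU = 30.0   # days; baseline closes ~95% of an increase in 90 days
FALL_TAU = 180.0  # days; slower decay so seasonal dips are not forgotten quickly


def update_baseline(baseline, proven, days=1.0):
    """Move the recorded baseline toward the proven rate, faster up than down."""
    tau = RISE_TAU if proven > baseline else FALL_TAU
    return proven + (baseline - proven) * math.exp(-days / tau)


def difficulty_multiplier(baseline, proven):
    """Weighted average of 1.0 (existing share) and PENALTY (new share)."""
    if proven <= baseline or proven == 0:
        return 1.0
    existing = baseline / proven
    return existing * 1.0 + (1.0 - existing) * PENALTY


def effective_hashrate(baseline, proven):
    """Hash rate that actually counts toward finding blocks after the penalty."""
    return proven / difficulty_multiplier(baseline, proven)


def simulate(baseline, schedule):
    """Return (day, proven, multiplier, effective) for a daily proven-rate schedule."""
    rows = []
    for day, proven in enumerate(schedule):
        mult = difficulty_multiplier(baseline, proven)
        rows.append((day, proven, round(mult, 3), round(proven / mult, 1)))
        baseline = update_baseline(baseline, proven)
    return rows


if __name__ == "__main__":
    # Constructed scenario: a 100 kH/s miner jumps to 400 kH/s and sustains it.
    for row in simulate(100.0, [400.0] * 91)[::30]:
        print(row)
```

Under these assumed values, a sudden fourfold increase is worth about 123 kH/s on day 0 and about 360 kH/s after 90 days of sustained mining, while a brand-new miner with no baseline counts at one quarter of its proven rate, which is the barrier-to-entry cost raised under "Possible Challenges".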

  • orange_horizon@monero.town (OP), 12 days ago

    Thanks for the welcome and for the time taken in your response. I posted a shortened version of this post on the GitHub issue you linked to.