Bitcoin Selfish Mining and Block Withholding — Attack Vectors Explained
Mining isn't just hashing — there are game-theoretic attacks that can give dishonest miners an edge. Here's how they work.
Uvin Vindula — IAMUVIN
Published 2025-10-12 · Updated 2026-03-10
Mining Attack Vectors
Bitcoin's security model assumes honest miners follow the protocol. But what if they don't? Several theoretical (and occasionally practical) attacks exploit the mining process. Understanding these is crucial for evaluating Bitcoin's security.
Selfish Mining
Discovered by Emin Gun Sirer and Ittay Eyal in 2013, selfish mining is a strategy where a miner finds a block but doesn't broadcast it immediately. Instead, they continue mining on top of their secret block, trying to build a longer private chain.
How It Works
- Selfish miner finds block N. Keeps it private
- Continues mining block N+1 on their private chain
- If the honest network finds block N before the selfish miner finds N+1, the selfish miner immediately releases their block N, causing a race
- If the selfish miner finds N+1 first, they have a 2-block lead and can keep mining privately
- When the honest network catches up, the selfish miner releases their longer chain, orphaning the honest blocks
The math shows that selfish mining can be profitable with as little as 33% of hashrate (under ideal conditions), versus the 51% threshold people usually cite.
Block Withholding Attack
In a pool context, a miner can submit valid shares (partial proofs of work) but withhold any share that happens to be a valid block. The miner still gets paid for shares but prevents the pool from ever finding blocks. This sabotages the pool while the attacker still earns from shares.
Defense
This is genuinely hard to detect because the attacking miner's work looks identical to honest work — they're just "unlucky" at finding blocks. Some pools use statistical analysis to flag miners with anomalously low block-finding rates.
51% Attack
The classic attack: a miner with majority hashrate can:
- Double spend: Send Bitcoin to an exchange, get paid, then rewrite the chain to reverse the transaction
- Censor transactions: Refuse to include specific transactions in blocks
- Empty blocks: Mine empty blocks to deny service to the network
With 600+ EH/s of honest hashrate, acquiring 51% would cost billions of dollars in hardware alone, plus ongoing electricity costs. It's economically irrational — you'd earn more by mining honestly with that hashrate.
Time Warp Attack
A subtle exploit where a miner manipulates timestamps in block headers to trick the difficulty adjustment. By carefully setting timestamps, a majority miner could artificially lower difficulty, mining blocks faster than intended. This has been known since 2010 and there's a proposed fix (included in the "Great Consensus Cleanup" soft fork proposal).
Practical Risk Assessment
In reality:
- Selfish mining: Never observed at scale on Bitcoin. The risk of failed execution (losing the race) and the capital requirements make it impractical
- Block withholding: Has occurred in the pool wars era (2014-2015). Mostly a concern between competing pools
- 51% attack: Economically unfeasible on Bitcoin. Has occurred on smaller PoW chains (Ethereum Classic, Bitcoin Gold)
Bitcoin's security isn't just cryptographic — it's economic. The cost of attacking the network far exceeds any potential gain. That's the genius of Satoshi's incentive design.
Explore more Bitcoin security topics on our learning center.
By Uvin Vindula — IAMUVIN
Sri Lanka's leading Bitcoin educator. Author of "The Rise of Bitcoin".
Learn more →Related Articles
The Bitcoin Brief: LK
Weekly Bitcoin insights, market analysis, and Sri Lanka crypto news. Join 1,000+ readers.
Unsubscribe anytime · Educational content only