image: Overview of ISM. An attacker’s infiltration miners find three infiltration blocks IB1, IB2, and IB3 in the victim pool in three different cases, respectively. Only IB3 leads to an ISM block ISMB before others find a block. Meanwhile, IB1 wins while IB2 loses in the corresponding intentional forks against the others’ blocks.
Credit: SUTD
Bitcoin is known to be secure by design, relying on proof-of-work puzzles that demand enormous computing effort to add each block to the chain. However, it becomes vulnerable to attacks in mining pools, where individuals combine computing power to secure steadier payouts. More than 80 percent of Bitcoin’s computational power now runs through a handful of open pools.
Past attacks on open pools—such as Block Withholding (BWH) and its successors Fork After Withholding (FAW), Power Adjusting Withholding (PAW) and Fork Withholding under a Protection Racket (FWAP)—showed how infiltrators could skew the rules. In these schemes, attackers join a pool, withhold valid blocks, and force forks that tilt the rewards in their favour.
There is, however, a catch. When multiple pools attack one another, everyone ends up worse off. This stalemate, known as the “miner’s dilemma”, has long been seen as an unavoidable feature of pooled mining games. Professor Zhou Jianying from the Singapore University of Technology and Design (SUTD) and his collaborators challenged that view in their new study, “Infiltrated Selfish Mining: Think win-win to escape dilemmas”.
In collaboration with researchers from China, the team developed a strategy that lets attackers create a private block with a guaranteed one-block lead over the public chain. Known as Infiltrated Selfish Mining (ISM), this novel attack could reshape the economics of pooled mining.
In ISM, an infiltrator who finds a full proof-of-work block, known as an infiltration block, does not immediately publish it. Instead, the attacker uses it as the foundation for a secret mining task, aiming to add another private block on top. If successful, the attacker then releases the infiltration block to the victim pool and quickly follows with the private block, ensuring both are accepted in the chain.
Through this, the attacker gains twice over: a block reward for the private block and a shared reward from the pool. If the private block fails, the withheld infiltration block can still be used to trigger a fork, much like in FAW.
The crucial difference is that ISM’s “one-leading” block allows attackers to collect rivalless rewards, rather than gambling on forks. This transforms the economics of the game. The researchers proved that ISM can avoid the miner’s dilemma altogether, enabling two or more attacking pools to profit simultaneously—the first time such a result has been established.
“ISM constitutes a significant breakthrough as it provides the first theoretical proof that multi-attacker pooled mining can yield a Nash equilibrium with simultaneous profits and explicit winning conditions, contradicting the long-held view that mutual attacks will reduce everyone’s payoff,” explained Prof Zhou.
Quantitative analysis confirmed ISM’s advantage over other attacks. Under certain parameters, ISM yields up to 1.52 times more rewards than FAW. Unlike PAW, it does not require complex dynamic rebalancing of mining power. It also does not depend on protection-racket payments between pools, unlike FWAP. Its simplicity makes ISM both more practical and more worrying.
The broader implications are sobering. If ISM spreads, even small pools might be tempted to attack, since the “win-win” feature lowers the risk of losses. Honest miners, meanwhile, could see their share of rewards diminish, intensifying pressures towards centralisation. Over time, repeated infiltration could erode trust in open pools and subtly distort the fairness of the network, even when no obvious forks are visible.
“This attack surface expansion is what makes ISM dangerous,” said Prof Zhou. “It does not just give large pools an edge. It can attract smaller ones too, eating into honest miners’ revenues and destabilising the balance of the network.”
The study also looked at ways to blunt the attack. The team proposed a pool-level countermeasure that requires miners to place deposits, with penalties imposed when withheld blocks are detected. Simulations showed that even modest deposits, combined with improved stale-block monitoring, could remove the attacker’s profit margin. Because these measures can be implemented at the pool level without altering the Bitcoin protocol, they are seen as feasible in practice.
The team cautions that artificial intelligence could further accelerate the search for profitable strategies, enabling attackers to tune infiltration levels and adapt in real-time. The community will need not only better pool defences, but also coordinated monitoring and stronger network-layer protections to keep pace.
Prof Zhou noted: “Our work shows how a small twist in strategy can change the entire equilibrium of Bitcoin mining. The challenge for the blockchain security community now is to anticipate the next twist, and be ready with countermeasures before it takes hold.”
Article Title
Infiltrated Selfish Mining: Think win-win to escape dilemmas