Here’s another interesting talk from RIPE77: Routing Attacks in Cryptocurrencies explaining how BGP hijacks can impact cryptocurrencies.
TL&DR: Bitcoin is not nearly decentralized enough to be resistant to simple and relatively easy BGP manipulations.
Is that a BGP problem? Obviously not – it’s just that what people think they know about bitcoin has no basis in reality. According to the talk all you have to do to disrupt bitcoin global infrastructure is to take ten prefixes offline. Oh, and then there’s the small matter of “bitcoin messages being propagated unencrypted and without any integrity guarantees.” Looks like the whole thing really was a proof-of-concept that escaped from the lab.
On a totally unrelated note, that talk follows the great recipe a friend of mine working in academia his whole life described decades ago when looking for the topic of his PhD thesis: “Take two unrelated research areas, and find a way to mix them together. You’re almost guaranteed to have something unique and publishable.”
Not unexpected, some people quickly latched onto this unique combination, resulting in articles like Real Money Can’t Buy Routing Security… But BitCoin Might. Unfortunately that’s just wishful thinking.
BGP routing security is a business problem, and there’s orders of magnitude more money made on the Internet the traditional way… yet none of those players are willing to pay the ISPs to build a secure infrastructure and use non-public infrastructure for mission-critical communication. Bitcoin miners might just find it easier to go down that same path.