Fork-After-Withholding (FAW) Attack

The fork-after-withholding (FAW) attack, introduced in 2017 research, fuses a block withholding attack with the deliberate forking logic of selfish mining. The attacker infiltrates a target mining pool, splitting its power between honest solo mining and infiltration mining, but it does not simply discard the full blocks it finds inside the pool.

How the Fork Is Engineered

Instead of always throwing away a withheld block, the FAW attacker holds it and submits it to the pool manager only at the moment an external miner outside the pool publishes a competing block. The manager then propagates the attacker's block, and a fork forms. Sometimes the attacker's branch wins the resulting race, earning the pool a reward the attacker shares in, on top of the share income it was already collecting. This added upside is what makes FAW strictly more profitable than naive withholding.

Why It Out-Earns Block Withholding

Against multiple pools, which mirrors the real network, the extra reward from an FAW attack has been estimated at roughly 56% more than a plain block withholding attack. It also reshapes the so-called miner's dilemma: when two pools attack each other with FAW, the larger pool can consistently come out ahead rather than both simply losing, removing the deadlock that discourages mutual withholding. Crucially, FAW avoids the practicality problems that limit pure selfish mining.

FAW shows how pool-level and network-level attacks compose into something worse than either alone. See related entries on chain reorganization, stale blocks, and PPLNS reward dynamics.