Fee Sniping

What Is Fee Sniping?

Fee sniping is a mining strategy where a miner, instead of building on the most recent block, attempts to re-mine a previous block to capture its high-value transaction fees. The attacker creates a competing version of an already-confirmed block, includes the same fee-rich transactions in their version, and tries to extend their fork faster than the honest chain.

In a normal mining process, miners always extend the longest chain by building on top of the most recently found block. Fee sniping breaks this convention: the miner looks at block N (which just confirmed), sees it contains lucrative fees, and starts mining an alternative block N that includes those same transactions. If the attacker succeeds in outpacing the honest chain, they orphan the original block and pocket the fees themselves.

Today, fee sniping remains purely theoretical. The block subsidy (currently 3.125 BTC per block) dwarfs transaction fees in most blocks, making the expected return from sniping negative when accounting for the cost and risk of the attack. However, as Bitcoin's subsidy continues to halve and the network matures into a fee-driven security model, the economics of fee sniping shift. Understanding this attack is critical for evaluating Bitcoin's long-term fee market dynamics.

How It Works

The fee sniping attack exploits the gap between what a miner earns by playing honestly versus what they could earn by rewriting recent history. When a block contains unusually high fees, a rational miner faces a choice: extend the chain and collect the subsidy plus average fees in a new block, or attempt to orphan the previous block and capture its above-average fees.

1. Block N is mined by an honest miner and propagated to the network. It contains several high-fee transactions totaling, for example, 2 BTC in fees.
2. An attacking miner observes block N and its fee-rich contents. Instead of mining block N+1 on top of it, the attacker begins mining an alternative block N that includes those same high-fee transactions.
3. The attacker includes the original high-fee transactions from the mempool (or directly from block N) in their competing block. Transactions not yet confirmed are still available from the attacker's own mempool.
4. If the attacker finds a valid block before the rest of the network extends the honest chain, they broadcast their alternative block N. Other miners now face a choice between two competing chain tips at the same height.
5. If enough hash power builds on the attacker's version, the original block N becomes orphaned. The honest miner who found it loses their block reward, and the attacker claims the fees.

Why Orphaning Works

Bitcoin's consensus rule is simple: follow the chain with the most cumulative proof-of-work. When two competing blocks exist at the same height, whichever chain gets extended first wins. The attacker doesn't need majority hash power to succeed: they only need to find one block before the rest of the network extends the honest chain. However, the probability of success increases with hash power, and a miner with a small share faces very long odds.

The key distinction from a 51% attack is scope. Fee sniping targets a single recent block and its fees, not deep reorganizations. Even a miner with 20-30% of total hash power could occasionally succeed at sniping the most recent block, though the expected value would need to justify the risk of wasting proof-of-work on a failed attempt.

nLockTime: The Primary Mitigation

The most effective defense against fee sniping is already deployed in most Bitcoin wallets. When constructing a transaction, wallets set the nLockTime field to the current block height. This makes the transaction invalid for inclusion in any block at a lower height.

// Transaction with nLockTime set to current block height
{
  "version": 2,
  "locktime": 830000,  // Current block height
  "vin": [
    {
      "txid": "abc123...",
      "vout": 0,
      "sequence": 0xFFFFFFFE  // Signals nLockTime is active
    }
  ],
  "vout": [
    {
      "value": 0.5,
      "scriptPubKey": "OP_DUP OP_HASH160 <pubKeyHash> ..."
    }
  ]
}

With nLockTime set to height 830,000, this transaction can only appear in block 830,000 or later. If a miner tries to re-mine block 829,999 to steal fees, they cannot include this transaction in their competing block because the locktime prevents it. The transaction was crafted for height 830,000, so it is only valid at that height or above.

Bitcoin Core implemented this behavior in 2014 (PR #2340). The wallet sets nLockTime to the current block height for all new transactions by default. Some wallets add slight randomization, occasionally setting nLockTime to a slightly earlier height, to improve privacy by making it harder to fingerprint wallet software based on exact locktime values.

// Bitcoin Core nLockTime assignment (simplified logic)
// Set locktime to current chain tip height
nLockTime = chainActive.Height();

// Occasionally (10% of the time) set to a slightly earlier height
// This improves privacy by preventing locktime-based fingerprinting
if (GetRandInt(10) == 0) {
    nLockTime = std::max(0, (int)nLockTime - GetRandInt(100));
}

Why Fee Sniping Becomes More Attractive Over Time

Bitcoin's security budget consists of two components: the block subsidy and transaction fees. The subsidy halves approximately every four years through the difficulty adjustment cycle and halving schedule. As the subsidy diminishes, transaction fees must increasingly sustain miner revenue.

When the subsidy is large, a miner who attempts fee sniping risks losing the guaranteed subsidy of the next block. If they spend hash power re-mining block N and fail, they've forfeited time they could have spent mining block N+1 (which carries the full subsidy). The opportunity cost makes sniping irrational except in extreme cases.

As the subsidy approaches zero, this calculus changes. In a purely fee-driven regime, a block containing 0.5 BTC in fees sitting next to a block containing 0.01 BTC in fees creates a strong incentive to re-mine the richer block. The variance in fee revenue between blocks becomes the dominant factor in mining profitability, and fee sniping becomes a rational strategy for maximizing returns.

This dynamic connects directly to the broader discussion around Bitcoin's long-term security budget. For deeper analysis of how transaction fees sustain network security, see Bitcoin Fee Market Dynamics.

Game Theory: Why Miners Don't Do This Today

Several factors keep fee sniping theoretical in the current environment:

• Subsidy dominance: with the block subsidy at 3.125 BTC and average transaction fees typically between 0.1 and 0.5 BTC, the expected gain from sniping rarely exceeds the opportunity cost.
• Hash rate risk: a miner with 10% of total hash power has only a 10% chance of finding the next block. Spending that hash power on re-mining a previous block instead of extending the chain means a 90% chance of complete loss.
• Reputational damage: large mining pools are publicly known entities. A pool caught fee sniping would face backlash from the community and potentially lose miners from their pool.
• nLockTime deployment: most wallet software already sets nLockTime to the current block height, preventing many high-fee transactions from being included in re-mined earlier blocks.
• Network propagation: by the time a miner observes a new block, other miners have already started working on the next one. The head start of the honest chain makes sniping even less likely to succeed.

The result is a Nash equilibrium where honest mining is the dominant strategy. Every miner is better off extending the chain than attempting to re-mine previous blocks, as long as the subsidy remains substantial.

Related Attack Vectors

Fee sniping belongs to a family of mining incentive attacks that become more relevant as transaction fees grow:

• Time-bandit attacks: a generalized version of fee sniping where a miner with significant hash power reorganizes multiple blocks deep to capture accumulated fees. While fee sniping targets only the most recent block, time-bandit attacks may rewrite several blocks of history.
• Selfish mining: a strategy where miners withhold discovered blocks to gain a strategic advantage, wasting honest miners' work. Unlike fee sniping, selfish mining aims to increase a miner's proportional share of all blocks rather than targeting specific high-fee blocks.
• Transaction withholding: miners observe high-fee transactions in the mempool and delay including them, hoping fee pressure increases and they can capture even more fees. This relates to replace-by-fee dynamics where users bid up fees on pending transactions.

These attacks share a common thread: they all become more rational as the ratio of transaction fees to block subsidy increases. Understanding fee sniping provides a foundation for analyzing the broader category of mining incentive problems. For more on how timelocks protect against reorg-based attacks, see Bitcoin Timelocks: CLTV and CSV.

Long-Term Implications for Finality

Bitcoin does not offer absolute finality: every transaction is only probabilistically final, with confidence increasing as more blocks are built on top. Fee sniping threatens this model by creating incentives for miners to undo recent confirmations.

If fee sniping became common, users and businesses would need to wait for more confirmations before considering a transaction settled. A payment that was "safe enough" after one confirmation today might require three or six confirmations in a fee-dominant future. This would degrade Bitcoin's usability for time-sensitive transactions and increase reliance on layer-2 solutions for fast settlement.

Several proposals aim to address the long-term fee sniping risk:

• Mandatory nLockTime: consensus-level enforcement requiring all transactions to set nLockTime, rather than relying on wallet-level convention. This would make fee sniping impossible by construction but requires a soft fork.
• Fee smoothing: mechanisms that distribute fee revenue across multiple blocks, reducing the variance that makes sniping profitable. If every block paid roughly the same fee reward, there would be no incentive to re-mine a specific block.
• Forward blocks: a proposal where miners commit to future block templates, making it harder to retroactively change transaction selection after seeing which transactions pay the highest fees.

None of these proposals are currently under active development for deployment. The Bitcoin community generally regards fee sniping as a distant concern that will be addressed as the subsidy diminishes and real-world fee market dynamics become clearer.

Risks and Considerations

Impact on Small Miners

Fee sniping disproportionately benefits miners with large hash rate shares. A pool with 30% of network hash power has a meaningful chance of winning a one-block race, while a pool with 2% does not. If fee sniping became prevalent, it would accelerate mining centralization as smaller miners face increasingly unfavorable odds.

Interaction with Transaction Selection

The replace-by-fee policy allows users to increase fees on unconfirmed transactions. In a fee sniping scenario, this creates a complex dynamic: sniped transactions might be replaced with higher-fee versions during the reorg window, further complicating the attacker's expected payoff calculations.

Layer-2 Relevance

Fee sniping is a layer-1 concern. Layer-2 protocols like the Lightning Network and Spark settle transactions off-chain, bypassing block-level fee competition entirely. However, layer-2 channels rely on on-chain transactions for opening and closing, meaning fee sniping could still affect the security of settlement transactions that anchor layer-2 state to the blockchain.

The Wallet Developer's Role

The most practical defense against fee sniping depends on wallet developers consistently setting nLockTime. While Bitcoin Core does this by default, not all wallet software follows this convention. Wallets that omit nLockTime create transactions that are valid at any block height, making them vulnerable to inclusion in re-mined blocks. Developers building on Bitcoin should ensure their transaction construction follows this best practice.

This glossary entry is for informational purposes only and does not constitute financial or investment advice. Always do your own research before using any protocol or technology.