As I understand it,when mining BTC, and calculating a block, the goal is to find a SHA-256 hash below a certain value (with the previous block, a nonce, and other things as the input). Are pool miners all performing that calculation directly (just with different nonces?)
If so, what prevents the miner who "finds" the block from keeping it, and not reporting it back to the pool? I'm assuming there's some safeguard here, and the miners aren't actually going to find the full solution.
The blocks you mine contain a coinbase transaction, which pays the block reward to an address of your choice. When mining in a pool, you set the payment address to the pool's address. If you were to mine a block and try to change the payment address to your own address, this would change block hash and invalidate the block. You can't cheat a pool by mining with your own payment address because they will check that. Pools get a regular proof of work from their miners by giving them an easier difficulty target, so that the miner regularly passes mined blocks back to the pool which get checked.
So basically you either mine for a pool, which pays the pool, or you mine solo. You can't do both at once.
When you are running a miner in a pool, you communicate through
getwork protocol. It basically boils down to requesting work and sending back shares (and in rare cases, solutions to blocks). Work in getwork is a Block Header, not an entire Block. The coinbase transaction is encoded in the merkle root, but is not known to the miner. The block hash that creates a share or a block solution is ONLY valid for a given merkle root. If you change the coinbase, giving yourself all the money, you invalidate your solution and have to start over. If you are mining your own blocks, no pool should accept your shares (unless it is dumb).
To sum up - a miner does not know the coinbase transaction, nor can it change the block without invalidating it.
On the other hand, a miner can withhold a block solution while still submitting other shares. This will make the pool get less money while still having to potentially pay for those shares. This exploit can be detected by statistics though, so over a long period of time such a malicious miner can be found out.
This is a crucial topic for the future of Bitcoin and other PoW based cryptocurrencies since mining pools are the biggest thread to their network. It's indeed curious how the cryptospace deliberately ignores this issue which is bound to catastrophe sooner or later. The top five Bitcoin mining pools reach more than 60% of all hashing power.
Since coinbase transactions are embedded within the block the pools are safe from mischievous miners, but, the point is, mining pools should not be safe under no circumstances in a healthy network since they represent the weak link of the ecosystem.
In my opinion the coinbase transaction should be submitted along the nonce and not inside the block.
This way no pool would ever trust their client miners.