Op Ed: Bitcoin Mining Attacks Are Overblown
Whenever I claim that bitcoin is the only decentralized cryptocurrency, I get one of two arguments:
- My X coin is also decentralized.
- Bitcoin isn’t decentralized because of Core and/or miners.
I’ll leave 1 and the first half of 2 for another day, but the “mining centralization” argument is what I want to tackle in this article.
The questions I’ll be answering are:
- Is Bitcoin mining centralized?
- In what way do miners “control” Bitcoin?
- What are the risks of a 51% attack?
- Are the altcoiners right?
Decentralization is a key property of Bitcoin. If you remove decentralization, it’s not an interesting project. There have been lots of centralized issuers of money — that’s what causes inflation and why your savings lose purchasing power daily. The response by altcoiners is to argue that decentralization is a spectrum or, barring that, that Bitcoin is centralized.
First, decentralization is not a spectrum. It either has a single point of failure or it doesn’t. Centralized things are called centralized because there’s a single point at which everything can fail. You either have a centralized point of failure or you don’t. There’s no real in-between like altcoiners would have you believe. Altcoins all have one or more of these properties which create a single point of failure:
- A creator that’s still involved;
- A development team that forces upgrades on all the users (hard forks); or
- A foundation/organization which directs what the coin will do.
Some have more than others (ETH has all three vs. XMR which has just the second); in that sense, you can say something has more single points of failure than others. Nevertheless, the fact is that if at least one single point of failure exists, the token is centralized. A government could very well control the coin with whatever regulations it wants through that single point of failure. They could, for example, arrest the creator, tax the dev team or nationalize the foundation or organization. The method by which an authority can take over doesn’t really matter here: The fact that it can is what is of concern. Centralized coins have the potential to be taken over relatively easily.
The question here is whether bitcoin mining is a single point of failure. Could a government or other authority control Bitcoin through controlling a single entity in mining? Much has been speculated about this and that is the subject of this article. What would it actually take to “take over”?
What Miners Can Do
The miners’ job is to secure the network. They do so by finding proof of work. Having 51% of the network hash power gives a single miner the ability to attack the network. That, however, is not the same as controlling the network. The attack is limited in nature and affects only the account holders attacked (say, an exchange). This is in contrast to forcing upgrades on the network, which can reset entire balances, inflate the currency or change all sorts of incentives. The latter is real control of the entire network, a real choke point, as the network rules are dictated by a single group. The former is a possible way in which some participants become vulnerable. These are two different things!
This distinction is crucial as altcoiners often conflate the two. The two vulnerabilities are not the same. The first is an attack vector with a lot of conditions required to execute, affecting a limited number of people; the latter is the possibility of complete takeover. Think of the former as a weakness in your army defenses and the latter as a takeover of the army for whatever purposes the conqueror pleases. The former still requires the attacker to fight out in the open. The latter is something that can be accomplished without the knowledge of anyone but the inner circle.
It is with this in mind that we call altcoins centralized. They can be taken over, conquered, changed by the whims of a few people. Controlling a large amount of mining hash power is not the same as that and the vulnerabilities are limited, not to mention very expensive to execute. This is the difference between a single person in charge of a bank account (who can thus embezzle, run away with the money, etc.) vs. a possibility that a valid wire transfer can be forced to wait a long time before being deposited.
Requirements of a 51% Mining Attack
To bring this home, let’s go through how a 51% mining attack must be executed. In order to execute a 51% attack, you first need more hashing power than the rest of the network. This means getting lots and lots of mining equipment, which costs a good deal of money. The equipment currently has long lead times and acquiring the latest generation of miners is notoriously difficult as such equipment tends to be very profitable. Using old equipment is an option, but the savings and convenience of such equipment is more than offset by the inefficiency. Either way, obtaining and running the equipment necessary is really costly. This requires incredible capital investment in order to compete with miners who are mining honestly and making a good deal of money doing it.
Furthermore, not only do you need the equipment, but you also need the electricity. Most bitcoin mining is done at the margins of electricity profitability for power suppliers. Mining tends to move to where the power is and not vice versa. So using hydroelectric dams, solar panel farms and geothermal at the margins tend to be how mining equipment is powered. Typical miners get rates of anywhere from $0.025/kWH to $0.06/kWH. These tend to be the absolute lowest rates, and most power companies require very long contracts to supply at rates this low.
Due to the increasing price and, thus, energy requirements, obtaining sufficient electricity to run a mining farm has become much harder over the past few years. When the Bitcoin network was small, it was perhaps possible to obtain enough electricity to run equipment that could supply 51% of the hash power, but that’s become less and less feasible over time. The power consumed by the Bitcoin network continues to grow, and an attacker would need to obtain a significant amount of electricity in order to successfully execute the attack.
There probably are some power companies that can supply 51% of the total network energy consumption at once, but good luck trying to convince them to sell you that much in a single burst. The power business is one where consumers are locked into lots of long-term contracts: A short-term, intense burst of power for a week or two is not practical, and if it is possible, it tends to be very expensive. Remember, there are factories, businesses and farms — not to mention homes — that rely on the electricity that these power plants supply to continue operating. These can’t simply be shut off to supply a hypothetical attacker with electricity.
In other words, as an attacker, you’re going to need access to some serious amounts of electricity, which is not likely going to be available to you without controlling the power source yourself. So not only do you have to control 51% of the potential hashing power, but you’ll likely need to generate the electricity yourself.
The capital costs of doing a 51% attack are enormous. You’ll need a large supply of really good mining equipment and a ton of electricity, neither of which you can buy off the shelf. This means that you’ll likely need to produce your own mining equipment and possibly produce your own electricity. This likely requires years of lead time to produce the equipment and long-term contracts to get the required electricity. Economically, investing this much capital would only make sense if you could profit enough from the attack as to make the venture worthwhile. There are several ways to attempt to profit from this, including shorting the market or attempting a double spend, but they all require some off-ramp to take the money and run. This used to be much easier but is no longer due to the AML/KYC laws surrounding most exchanges.
Furthermore, getting an operation like this together means that the attacker has enormous revenue potential through honest mining. This is much less risky and requires much less capital investment up front as you don’t need 51% of the network.
In other words, economically, it really doesn’t make any sense to do a 51% attack due to the costs and risk involved. Altcoins with a much lower hash rate are much more economical to attack this way.
The only real potential for 51% mining attacks come from state-level actors. Assuming it’s a single sovereign, such an entity would need to not care at all about the cost, have access to incredible amounts of energy and have motive to attack Bitcoin. Again, this does not give the attacker control of the network, just the ability to attack a small slice of it. Leaving aside motivation, let’s look at the practical logistics.
In order to pull off something like this, even a sovereign nation would need to coordinate a lot of pieces to make it work. A government would need to get a large supply of hashing power, either through its own factories or through commandeering the needed equipment. This is not likely to be secret for very long and the community would likely be able to prepare. Similarly, a government would need to get a large supply of electricity in the same way. Again, this is not likely to be secret for very long. The coordination necessary would be at military levels and this is not something that most governments know how to do.
And all this for what? A single double-spend that screws over a particular exchange? Again, such an attack does not destroy Bitcoin. The rest of the network keeps chugging along and if the attack is sustained, there are decentralized ways to nullify even the most hash-heavy attacks. This is not a single point of failure in the least because, simply speaking, Bitcoin won’t fail that easily.
Why Altcoiners Are Obsessed With 51% Mining
So the question then turns to why so many altcoiners bring this up so often.
First, it’s one of the only things that’s even slightly perceived as a vulnerability in Bitcoin. Remember, altcoins are competition to bitcoin and like any good competitor, it helps to FUD your competition to make yourself look better. It’s a great way to distract people from the shortcomings of the centralization that their altcoin clearly has.
Second, they’re usually trying to sell proof of stake or proof of storage or some other nonsense. This is their way of showing the benefits of their system. Most altcoiners support their altcoin because they really want their coin to be bitcoin. They want to be rich like Trace Mayer but with their coin. That’s another whole article I need to write, but it’s an understandable emotion driven largely by envy.
Mining attacks are overblown, mostly by people that are trying to print their own money (or at least be the elite in the new currency). 51% attacks are too costly to be economical, have too little a payoff to generate much money and are too limited to hurt more than perhaps a few companies or individuals.
It’s even possible that a 51% attack that screws an exchange out of 100 BTC or so wouldn’t necessarily be a bad thing for Bitcoin. Much like the BCH hard fork, it’s possible such an event would prove Bitcoin’s antifragility and cause a large rally.
This is a guest post by Jimmy Song. Views expressed are his own and do not necessarily reflect those of Bitcoin Magazine or BTC Inc.