Bitcoin: Too Big To Fail?

in LeoFinance, 9 months ago (edited)

Back in November 2023...

I wrote this long-winded 2000 word post about why it's impossible to 51% attack Bitcoin on a practical level within the current economic climate. This is something that even the most hardcore crypto enthusiasts and even career developers essentially fail to understand. So many of us live in this little bubble of what can happen in theory rather than what can happen in actual reality.

Recently I've been getting into debates within this vein, and not a single person I talk to seems to even understand what I'm talking about, which is disturbing on a certain level. I very much feel like so many of us in crypto have completely lost the plot in many respects. The technical knowledge of knowing what can go wrong does not sync up with how the world actually operates.

Take the Steem hostile takeover as the perfect example.

Look at what happened there. We got attacked in the most obvious way we could have gotten attacked: a money-attack on a stake-based chain using a premine. It doesn't get any more obvious than that.

What wasn't obvious was the end result. Hive was created; we took away all the power of the entities attacking the chain. This was perfectly legal; a new token; a new brand. But even more interesting is that Steem copied our code and performed the same action right back at us. This was completely illegal and they lost a court case to prove it. That's the difference between WEB2 and WEB3 rulesets.

The exact same piece of code used in a slightly different context became a felony offense.

This is quite relevant to the concept of double-spend attacks.
Reorganizing the BTC chain is not illegal, but leveraging it for theft is.


With the halving event in the rearview mirror and BTC fees spiking to the moon due to Rune Etchings, many are using this as an excuse to jump on the "Bitcoin is centralized" bandwagon. I'm not here to argue that point either way in this thought experiment. I'm only making the claim that double-spending is not possible even with majority hashrate.

Rather than go on another long-winded diatribe explaining all the reasons why a 51% POW attack is impossible... I will instead resort to the basic rules of science. All anyone has to do is prove me wrong. My hypothesis is simple: it is impossible to profitably perform this kind of attack within the modern environment. At this point I'm so confident of this assessment that I'll give $100 to anyone who can even come up with a relevant example to the contrary.

Think you can do it?

Who wants a free $100?
Totally up for grabs.

All you have to do is answer some 'easy' questions:

1. Who is performing the attack?

The most obvious choice here would be a mining pool or a coalition of pools that join forces to attack the chain. But who knows: maybe you've got some wild theory about how Blackrock could pull it off or even a government agency.

2. Who is the victim?

Shouldn't be too hard to answer, right?
Who is the entity that loses resources due to the attack?

3. What type of asset is stolen?

When Bitcoin is double-spent it has to be traded for something of value, otherwise the attack is completely worthless. So, which asset was stolen with the fake vaporous Bitcoin?

4. How much was stolen?

What's the dollar value of the theft?

5. Why does the victim have no recourse?

The victim has lost a certain resource to the attacker.
Why can't they get that resource back?
Why can't they sue the entity that blatantly robbed them?

6. How is the attack repeatable?

Is this something that can only happen once before everyone wises up to it? If so it's not a real threat unless the amount of money stolen is in the billions (or at least 9 figures). One-and-done smash-and-grabs need to reflect a much higher payload.

7. What does the attacker lose?

The perpetrator of this theft has pulled off a heist of epic proportions. Do we know who did it? Do they have a business (like a mining company)? Did they have a high standing and reputation within the community? Do they have to drop off the grid and look over their shoulder until the statute of limitations kicks in? Or did they get away with it like a ninja? Explain.

What's in the box, man?

Seven questions

Should be easy enough, amirite? I will give $100 to the first person who can convincingly answer these questions. Wow me. I would be shocked if anyone could convince me they've found the solution... or any solution that's even close to plausible for that matter.

Self assessment

After the questions are answered I'd like to see a self-assessment that answers two additional follow-up questions:

What's the chance of this happening?

Do you think the chance of this version of events happening in the order described has a good chance of happening vs other theories?

Do you think you could convince anyone that this is the most likely attack vector?

Say you went onto Crypto Twitter with this theory. Would you be able to convince anyone there that this is a reasonable attack vector? Or would they just look at you like a crazy person?

Why are these questions important?

The one unified standard between everyone that talks about the potential for an attack of this nature is that they NEVER answer any of these questions. Never. Ever. They will always keep it as vague and generic as possible because once they start getting into specifics the entire concept completely falls apart.

Here is how it goes every single time:

Mining is centralized so therefore Bitcoin can be 51% attacked.

That is where it begins, and that is where it ends.
This is a zero-thought argument.
Any type of follow up questions like the ones I just posed render it completely and utterly ridiculous.

For example:

If the attack is a doxxed entity like a mining company, hedge fund, or government... these people can't openly break the law like this and get away with it. They will be sued, and they will lose. Guaranteed.

The chance that a non-doxxed entity could acquire this level of hashrate is so close to zero we might as well call it zero. Was this true in 2010 when we could mine a block on our laptop? Of course not. This is why I use terms like "in the modern economic climate". The passage of time has changed the ecosystem completely.

Who is the victim?

Imagine the person double-spending Bitcoin wants to steal 20 Lambos. Well that's going to be tricky because how are you going to pay for 20 Lambos with Bitcoin and then reorganize the chain to take back your Bitcoin within the span of 30 minutes? Block reorganizations past one or two blocks are extremely unlikely, which is why all exchanges require a minimum of three confirmations.

Given these technical limitations it becomes obvious that the only possible victim of a chain reorganization is going to be an exchange, and the only asset that can be stolen is some other cryptocurrency whose operations aren't going to get reversed. In almost every other case the attack simply isn't going to make any sense whatsoever.

And even in the case of an exchange getting attacked it makes no sense. Imagine being an exchange and someone sends you millions upon millions of dollars in Bitcoin to a non-doxxed account. Then immediately after 3 block confirmations they dump it all for alts and instantly initiate a cash out to other chains.

Does anyone actually believe that this type of behavior isn't going to raise multiple red flags and get that account frozen? Any exchange that gets tricked by a move like this is simply incompetent. It's not a real threat, and at best it happens one time and every exchange immediately beefs up their security as a result. Consider it a hard-learned lesson at worst... and a completely ridiculous plan on the average since it would almost certainly fail and be incredibly expensive to even attempt.

What does the attacker lose?

Again a question that never gets asked, let alone answered. An attack like this is almost certainly going to tarnish the reputation of BTC. If the attacker has a bunch of BTC... then they are attacking themselves. If the attacker has a mining company: they are attacking themselves. If the attacker loses their business or reputation: they are attacking themselves. Make it make sense.

Conclusion

I hope I have more adequately explained this issue. For anyone who believes I don't have this completely figured out go ahead and try to answer my questions. There's potentially $100 in it for you. Putting my money where my mouth is on this one. Profitable block-reorganizations on Bitcoin have become an impossible feat. Bitcoin has reached "too big to fail" mode in this regard. It still has many other problems to work through but this isn't one of them.

Even if a single entity had 90% of the Bitcoin hashrate it would not matter within the context of double-spend attacks. Not only would this entity be doxxed, but also the Bitcoin network itself would simply fork to not allow reorganizations longer than a certain length (say 5-10 blocks). Bitcoin has much bigger problems to worry about other than this tired and outdated Byzantine Fault Tolerance debate.


I don't think bitcoin can be 51% attacked. However, it could be rendered unusable due to etchings on sats. Who would want to do this? If a state actor wanted to stop bitcoin from challenging the USD, they could simply print to infinity and buy rune block space pushing $100 dollar UTXOs with $10,000+ transaction fees. BlackRock could certainly manage this and they would be getting their own money back since they own the miners as well. The question is, how long could they do this before the USD is toast? Would love to see a math formula for that.

edit:
Or maybe Blackrock eventually ends up with a lot of the bitcoin if they pursue this avenue (in the form of fees). They were too late to corner the market. But what happens if the value moves elsewhere to where there's less friction? Then BlackRock has sent itself into oblivion.

The biggest flaw with this angle is the assumption that Bitcoin challenges USD.
How is that possible?

  • Bitcoin isn't stable.
  • Bitcoin isn't debt.

The ultimate function of a fiat system is that debt is easy to create and that debt has a stablish value. Bitcoin, and in fact all crypto, is not trying to compete with these functions. In fact Bitcoin is the most pristine collateral the world has ever seen, which is something that all debt-based economies have been in desperate need of. So not only does Bitcoin not compete with fiat; it helps fiat quite a bit. This will become more obvious as the bankers start creating Bitcoin derivatives... the first of which has already been created in the form of an ETF contract.

Just because the creators of crypto said it competed with fiat doesn't mean it actually does. In the end it makes sense that permissionless systems that bankers could use for their own ends were actually going to help fiat and debt-based ecosystems; perhaps more than any other technology ever invented.

At this point I guess even if Blackrock would own 10% of all BTC, this influence would not be enough, but they are far from that.

Even though I do not have a humiliation fetish, I'll give this a go, but I'm not answering the questions exactly because I don't want the money.

The year is 2022, China becomes increasingly more and more worried about Bitcoin providing an alternative to the Yuan for its people, but in this new theoretical timeline, the CCP offers tax incentives to Bitcoin miners and builds a ton of renewables to provide cheap electricity.

The plan works and more than 51% of all Bitcoin mining power is within Chinese territories. The CCP acts, raids all the mining facilities and forces them to collude under threat of jail time.

The miners collude to force the network to double spend on a single 0.5 BTC transaction.

They leak the double-spend, or don't and wait until someone else finds it. The world freaks out that double-spending BTC is possible, panics and there is a run on Bitcoin because everyone is worried that their funds are next.

The CCP successfully creates doubt in the Bitcoin network and as a result it's no longer a threat to the Yuan.

I know it's not exactly following your question format, and this idea isn't mine, I just remember reading someone's blog about it.

Hm yeah that's pretty good but I don't see the part where China made money.
All they did was discredit the chain and they were willing to actually pay and lose many millions of dollars to accomplish their goal.

  • China offers tax incentive.
  • China raids every warehouse.
  • China reorgs the chain.

The funny part about this scenario is that the actual attack on Bitcoin ends up being the cheapest bullet point by exponential margins. The tax incentives and the raids and the employed force are way more expensive than the actual reorganization. And while they are doing this they keep it all completely secret? And who did they steal from and why does anyone care about such a small 0.5 BTC theft?

This entire plan hinges on the assumption that Bitcoin is a threat to China. Which it is not as Bitcoin is actually a net asset to China so they lose even more money attacking it. My final thought on this is that a double-spend can't be "leaked". It doesn't happen in secret; every node can see that the "real" blocks were orphaned and new "fake" ones put in their place. It's a blatantly public ordeal.

everyone is worried that their funds are next.

Are you implying that Bitcoin is being stolen here?
Because it's actually the exact opposite.
Nobody has lost any Bitcoin.
The attacker spent their BTC twice.

See this is why I demanded everyone answer the questions.
Because simply the act of trying to answer them is a learning experience.
The relevant question here being what was stolen and how much.
It is not possible to steal Bitcoin with Bitcoin.
Nobody trades BTC for BTC.

Sorry! I got a phone call halfway through writing that comment and just kind of trailed off there... (and then forgot about).

My point was that the CCP wasn't trying to make money from this adventure, they were trying to discredit the Bitcoin network because they are an authoritarian government and want as much control as possible over the movement of value of its citizens, ie, WeChat.

I misspoke when I said everyone would be worried that their funds are next.. I should have actually said something like "everyone is worried the perpetrators could double-spend as much as they like". The initial 0.5 BTC was just to show the network that it could be done, to undermine faith in the network, not to actually steal or extract any value. Keeping it a secret would basically aim to confuse everyone who doesn't initially know who, what or why the double-spend happened to inspire a bank run.

In this hypothetical the CCP isn't trying to make money at all, they're trying to undermine the integrity of Bitcoin and its decentralized nature.

But it is possible to calculate the private from a public key using quantum computing. Not now, but - and that is the point - in x years, whereby x is unknown! Could be 20y, but could be earlier.

Ah yes very nice I was thinking about this pathway last night.
It is a somewhat relevant concern.
But why stop there?
Why not just make up some other secret technology that can do the job today?

The ironic thing about the Quantum Computing angle is, just like the double-spend problem itself: it's entirely theoretical. The way quantum computing works is very niche with a narrow range. It can't just be assumed it will be able to perform this function.

And even if it can do the job: software development continues to prove itself exponentially faster than hardware development. We already have quantum resistant solutions ready to go live now. They are just more expensive to implement and everyone is waiting to be forced to use them. Capitalism is telling us that waiting to get attacked and fixing the problem in response is cheaper than fixing the problem now and never getting attacked.

So the reason I demanded everyone answer the questions (but nobody has yet) is that we come up with something like this:

  1. Attacker: USG

Now who are they stealing from and for how much? Is the project secret and nobody knows the USG is pulling this off? The problem here is twofold.

  1. There's no way these attacks pay for the cost of R&D on quantum computing.
  2. The USG is going to lose money on these attacks.

The United States Government has a much higher financial incentive to allow Bitcoin to flourish and simply legally confiscate anyone's Bitcoin who they deem to be a criminal. The USG holds BTC. The USG is in bed with characters like Blackrock who want BTC to succeed. Attacking it in this way is not an option when stealing the asset directly is far more profitable and legal.

Monero's XMR and privacy Zero Knowledge Proofs?

The one last final thought here is that quantum computing absolutely could completely destroy tokens like XMR. The government actually does have a reason to attack privacy coins hard. And if they can rig a quantum computer to pull this off that means they can secretly print as many privacy coins as they want and never get caught. Unlike BTC where everything is public: no one will even be able to know that an attack exists. Now that's a real threat worth exploring (later).

Agree on the USG motives, my intention was not to prove any point, just that QC should be added in the context, as we can't be 100% sure. Wasn't aware that such solutions are already in the drawer - even better then.
Agree also on XMR, therefore I am very cautious with buying this and likewise tokens.

That is a close case.

Hive was created; we took away all the power of the entities attacking the chain. This was perfectly legal; a new token; a new brand.

This is one of the most under-celebrated moments in all of crypto. Even Vitalik was tipping his hat to the community.

I hope I have more adequately explained this issue. For anyone who believes I don't have this completely figured out go ahead and try to answer my questions. There's potentially $100 in it for you.

It's evident that you were so unsure that someone actually would be able to snatch you off those $100 of the prize that you are offering through a good and very convincing argument against your theory. That you even had to add two more questions to the seven from which you hope to obtain an answer that will convince you of the opposite of what you think and claim so you can loosen those 100 buck$.

Because in fact, there is basically only one answer that encompasses and convincingly answers each and every one of the nine questions. Have you ever heard of "The Dark Side Of The BTC Rainbow" theory? Because if you haven't heard of this theory before, I'll just tell you that the correct answers to each of the nine questions you've asked, are all already in the body of your own post. Now give me my hundred dollars stingy!

That's cute.

Someone thinking they could win without doing the bare minimum requirement was not on my Bingo card. The community never ceases to amaze.

What bare minimum requirement?

I admit that in my previous comment the flowery, different and extravagant prose that I used to express my opinion and point of view in relation to the fact that I agreed with your vision of what you had written and therefore it didn't give room to answers that could respond satisfactorily to any of your questions to convince you otherwise, perhaps it was a bit confusing.

I guess I should have just responded with a simple: "Yes, I agree that it's impossible to 51% attack Bitcoin." But as you know, I am not one of those who give answers that are too short and simple. No, I like to make people think!

And now we can already see that in the midst of your amazement, you got lost along the way to clearly understand the true meaning of my overwhelming prose by telling you that all the answers you were looking for; you had already written them yourself in your own post and therefore there was nothing more to add.

But nope, now you look for any excuse to not give me my 100 buck$.

Sounds like we are both misunderstanding each other.
These things happen.

LoL yeah, with me that seems to be more than frequent.


Here's something we can agree on.

MAGIC COIN GO UP!

What is this theory about, in 2 sentences? I have unfortunately no time to dive through your 10 linked videos.

In 2 sentences?

Well, better in just one sentence. That it always will be a big problem for people who don't have the time to dive through few links and a handful of videos to learn or find out anything new if it really was something that made them curious and caught their attention. };)

But that sentence was not about the BTC rainbow theory. Makes me suspicious you are either not able to focus, or that the theory has no point.

Of course. You are right. Either of the two options you point out could be the correct one to dispel your suspicions. However, you will never find out unless you find the time to confirm it. Take your time mate, there really is no rush. :)

One wise guy once said, if it is not possible to summarize a concept in 2 or 3 sentences, it probably is not worth it to find out more about it. Even the highly complex relativity theory or quantum interference one could without any problem summarize in one sentence, what it is about. But if you prefer to hide the concept in 5 videos, so be it.

Great saying that of that wise guy. I agree.

However, if I already explained everything extensively and intensively in my post, why would I now want to summarize the theory in one or two sentences for anyone who doesn't have the time to absorb it?