Introduction
Lucas Nuzzi and fellow researchers have put out a paper that seeks to cut through speculation by providing empirical data on the true costs of attacking cryptocurrency networks.
To find out, we simulated what an attack would look like.
Our paper, Breaking BFT, was published today with some interesting results
papers.ssrn.com/sol3/papers.cf…
1,892
In the realm of digital currencies, Bitcoin and Ethereum stand as pillars of innovation, revolutionizing the way we perceive and interact with money and technology. Bitcoin introduced the concept of decentralized peer-to-peer transactions, challenging traditional financial systems. Ethereum, on the other hand, expanded this vision by enabling smart contracts and decentralized applications, paving the way for a new era of programmable money/value.
At the core of these blockchain networks lies the concept of Byzantine fault tolerance, a mechanism crucial for ensuring the security and integrity of decentralized systems. In simple terms, Byzantine fault tolerance refers to the ability of a network to withstand malicious actors or faulty nodes without compromising its overall functionality. This resilience is achieved through consensus algorithms (For Bitcoin see Proof-of-Work and Ethereum see Proof-of-Stake) that enable nodes to reach an agreement on the validity of transactions, even in the presence of adversarial behaviour.
Throughout this essay, I will delve into the economic viability and security implications of attacking Bitcoin and Ethereum. To provide clarity, let me briefly explain the terms used in this context.
Bitcoin's consensus algorithm is vulnerable to a 51% attack, while Ethereum's is a 34% attack.
A 51% attack refers to a scenario where an entity controls more than half of the Bitcoin network's mining power, potentially allowing them to manipulate transactions or double-spend coins.
Similarly, a 34% attack involves controlling a significant portion of the network's staking power in proof-of-stake systems like Ethereum, posing a threat to the network's
Now that's out of the way, let us embark on a quest to understand the inner workings of two of the most influential digital currencies of our time and the challenges they face in an ever-evolving landscape of innovation and disruption.
So How Much Does This Cost?: Cost Estimation Model
Understanding the costs associated with potential attacks on networks like Bitcoin and Ethereum is paramount to assessing their resilience and viability. A cost estimation model serves as a valuable tool in quantifying the economic barriers that deter malicious actors from compromising the integrity of these decentralized systems.
When we talk about a 51% attack in the context of bitcoin, we refer to a scenario where an entity gains control of more than half of the network's mining power. This significant control could potentially allow them to manipulate transactions, leading to double-spending and undermining the trust in the network. On the other hand, a 34% attack in proof-of-stake systems involves controlling a substantial portion of the network's staking power. For Ethereum than means staked $ETH, posing similar security risks.
The paper's cost estimation model 'Total Cost to Attack(TCA)' takes into account various factors, including hardware expenses, electricity costs, and the overall network hash rate. By analysing these components, it can calculate the financial investment required to execute such attacks, thereby highlighting the economic impracticality and deterrent effect that these costs impose on potential attackers.
Bitcoin:
Hashing Power Costs: The cost of acquiring a majority of the network's hashing power through mining equipment and electricity expenses.
Double Spending Expenses: Potential costs related to executing a successful double spend attack, including the value of the transactions to be reversed.
Operational Costs: Ongoing operational expenses for maintaining control over the network and sustaining the attack.
For Bitcoin, the TCA is estimated to be at least $5 billion and up to $22 billion based on the costs of purchasing enough application-specific integrated circuits (ASICs) to control 51% of the network's hashrate and pay for electricity costs. The article models different scenarios for acquiring ASICs including buying on the open market or manufacturing them.
Ethereum:
Staking Capital: Post the migration to Proof-of-Stake, the cost of acquiring and staking a significant amount of ETH to control the network.
Slashing Risks: Potential losses due to misbehaviour and slashing penalties for validators engaging in malicious activities.
Network Participation Costs: Expenses related to participating in the consensus mechanism and maintaining control over block production.
For Ethereum, the TCA is estimated to be over $34 billion due to the costs of purchasing enough ether to control 34% of the network's validators over a 6 month period. This accounts for limits on how quickly stakes can be deployed. Running over 200 validator nodes would also incur $1 million in cloud computing costs on Amazon Web Services.
In both cases, the costs are significantly higher than most people expect, demonstrating the blockchains are well protected against 51% attacks according to this analysis.
Implications for Blockchain Security
The paper uncovers valuable insights into the dynamics of blockchain security and the resilience of decentralized networks.
One key takeaway is the concept of a Nash Equilibrium, where the costs and risks associated with attacking Bitcoin and Ethereum outweigh any potential benefits for malicious actors. This equilibrium underscores the effectiveness of the security measures in place, making adversarial actions economically unattractive compared to honest participation in the network.
Moreover, the analysis challenges conventional wisdom regarding the relationship between deflationary monetary policies, user-generated fees, and network security. By dissecting the dynamics of fee revenue and miner incentives, the research reveals a nuanced picture of how security is maintained in blockchain networks.
The findings also highlight the proactive role of miners and stakers in securing the network through speculative investments and continuous addition of hashing/staking power. This behaviour, driven by long-term price expectations for Bitcoin and staking rewards for Ethereum, acts as a bulwark against potential attacks, enhancing the overall security posture of Bitcoin and Ethereum.
By emphasizing the economic underpinnings of blockchain security and the importance of a holistic approach to evaluating network security, the research sets a new benchmark for understanding the intricate interplay between technical and economic dimensions in decentralized systems. As Bitcoin and Ethereum continue to evolve, these insights pave the way for further research and advancements in blockchain security practices.
Conclusion and Key Takeaways
In conclusion, the paper's analysis of blockchain security through the lens of cost estimation models and implications for network resilience offers valuable insights for the future of decentralized systems like Bitcoin and Ethereum. By distilling complex concepts into actionable strategies, we can shape the trajectory of blockchain security in the following ways:
Enhanced Resilience: By refining Byzantine fault tolerance mechanisms and leveraging advanced consensus algorithms, blockchain networks can fortify their defences against evolving threats, ensuring greater resilience in the face of adversarial actions.
Proactive Defence: Integrating cutting-edge monitoring and detection tools enables network operators to detect and respond swiftly to security incidents, bolstering the proactive defence posture of blockchain systems and safeguarding against potential attacks.
Community Collaboration: Fostering a culture of collaboration and knowledge-sharing within the blockchain community is essential for elevating security standards. By exchanging insights, disseminating best practices, and engaging in collaborative research, stakeholders can collectively enhance the security posture of decentralized networks.
Innovation and Adaptation: Embracing innovation and a commitment to continuous learning are key drivers for advancing blockchain security. By staying abreast of emerging technologies, adapting to new threats, and fostering a culture of innovation, the blockchain ecosystem can evolve to meet the challenges of tomorrow.
By embracing these principles, we can pave the way for a more secure and resilient future for blockchain technology.
