Bitcoiners don’t get Bitcoin’s security

This post originally appeared on the Unbounded Capital website and we republished with permission from its author, Jack Laskey.

Let’s take a look at two types of Bitcoin, BTC and BSV. They each have the same supply, 21 million total with roughly equal issuance to date. BTC can process about 7 tps, BSV 6,400 and growing. A BTC transaction costs $2-$10 where a BSV transaction costs $0.0001. BTC has limited programmability where BSV is a fully programmable Turing complete system. Perhaps surprisingly, given these metrics, BTC is currently valued about 100 times higher than BSV. This might sound like BSV is a bit of a steal at the current price, but a BTC advocate is likely to warn potential buyers that BSV’s low price makes it highly insecure.

In BTC-world, the security of Bitcoin is a function of the price. That’s because the security is rooted in decentralization. If the price is high, then it isn’t feasible for a motivated attacker to assume greater than 50% of the network’s hashrate, the amount of computational power being used to mine new Bitcoins. If a motivated attacker could amass this much hashrate, then it is alleged that this attacker could conduct a 51% attack. This is thought to be very bad. Because hashrate is the input to receive new Bitcoins, the hashrate on each version of Bitcoin is directly related to the price of the each asset. Therefore, because BTC’s price is about 100 times higher than BSV’s, the hashrate is also about 100 times higher, and it is thought to be 100 times more secure. Further, because BTC’s hashrate is so much greater than BSV’s, BTC poses an existential threat to BSV. If BTC began to see BSV as a threat, then miners could wipe BSV into oblivion through 51% attacks by directing just a small amount of BTC’s hashpower at the BSV chain. According to AMB Crypto, at the time of publication an hour-long 51% attack on BTC would cost $370k, compared to just $6.5k on BSV.

Thankfully, this hashrate-based view of Bitcoin’s security is incorrect. I’m thankful this is the case for a couple of reasons. First, I believe BSV is a far superior version of Bitcoin. If it could be stopped by a 51% attack by some spiteful BTC miner, then humanity would be robbed of a great tool. More importantly, however, is that this view of Bitcoin’s security is extremely pessimistic and would make any version of Bitcoin far less secure, and therefore far less useful than it is in actuality. If I thought that Bitcoin could be taken down by a motivated attacker conducting a 51% attack, I would be far less confident that Bitcoin could be the foundation of both the world’s financial system and a new internet.

Something doesn’t add up

Unlike BSV supporters who champion the utility of BSV, BTC supporters tend to use some variant of the “money-printing” thesis as a justification for the value of the extremely limited version of Bitcoin which they prefer. BTC as an unstoppable, uncensorable inflation hedge is extremely appealing to investors concerned about inflation draining their bank accounts of value. Many have speculated that the unstoppability of Bitcoin relative to a physical asset like gold makes Bitcoin an existential threat to currencies like the U.S. dollar. BTC supporters are betting that as more people wake up to the threat posed by central banks, BTC will stand out as the most battle-tested option that can soak up the world’s wealth and see the government and banking elites stripped of their power to “print money.”

I think the common view of “money-printing” is flawed (see air-quotes), but let’s take it as a given. If Bitcoin is unstoppable, uncensorable, poses an existential threat to world elites, but is also susceptible to a 51% attack, something doesn’t add up. I actually think all of these are mistaken tenets—Bitcoin is stoppable, censorable, not an existential threat to world elites, and not susceptible to a 51% attack—but at the very least we can see that something here must be wrong. Why wouldn’t at least some global elites find a way to throw half a million per hour to take down the biggest threat to their sovereignty? What’s another $10B hot off the printing press to attack BTC for the next three years? Plus, the price would drop from the attacks, so the cost of attack drops precipitously over time. Easy!

What is a 51% attack?

Before we proceed further, let’s take a closer look at a 51% attack. What is the alleged threat of a single actor controlling 51% of a network’s hashrate? The major concern is that an attacker can replace recent blocks in the blockchain with different blocks of the attacker’s choosing. In other words, the attacker could start from 10 blocks back and use their superior computational heft to outpace the other miners at some point in the future, perhaps after 15 total blocks. At this point, the blockchain would undergo a “reorg” where the last 15 blocks of the blockchain are swapped out for the 16 blocks submitted by the attacker who now has the longest chain (reminder—in Bitcoin the longest valid chain is “the” chain). 

That is all a little bit esoteric, so what are the actual consequences of a 51% attack and what is there to be gained for the 51% attacker? The major concern is that miners decide to execute a double spend. I think this is commonly misconstrued to mean that a 51% attacker can steal anybody’s coins. This isn’t the case. Rather, a miner could spend the miner’s own coins and then replace the blockchain with a new chain that reroutes those same coins back to the miner. In other words, it is a license for the attacking miner to defraud its counterparties. In the current BTC world which is not supported by actual usage but is instead fueled by speculation on exchanges, the concern about a 51% double spend attack translates to a fear by exchanges or exchange users that they will be defrauded by an attacking miner as the counterparty in a big trade.

Where does Bitcoin’s security actually come from?

Understanding why Bitcoin is actually secure equips us to understand why the 51% attack is really just fear mongering. We can already see that the threat of a 51% attack is rather niche. Only those who transact in huge amounts with miners come into the purview of the alleged double spend attack vector. Some may claim that the reorg itself is a threat to regular users, but a chain reorg is not an implicitly bad thing. It is a natural function of Bitcoin, something which all modern BSV based apps are equipped to handle seamlessly from the user’s perspective. The biggest realistic threat to the long term health of the blockchain would be a denial of service attack, mining empty blocks to stop users’ ability to transact. But at the end of the day, all of these concerns are moot. The nature of the harms are different, but the reason for their implausibility is the same—because Bitcoin is public and exists in a world of enforceable laws.

The security of Bitcoin comes from its public nature and its existence in a world of laws. How is Bitcoin public? By its very nature Bitcoin is designed for use in a public way. The system can only be valuable through being public. Ownership of Bitcoin is defined by entries in the Bitcoin ledger. If users can’t see the ledger, they can’t be sure that they really own Bitcoin. Other use cases which use the ledger to store and communicate data are similar in that one can’t know if one’s data is recorded in the blockchain without access to the blockchain. For these reasons and more, Bitcoin will always remain publicly accessible. This is done most easily through the Bitcoin blockchain’s block headers. Each block in the blockchain has a block header which serves as a key to understand what is and is not in that block. Anything in a block can be linked to the block header. Anything not in a block cannot be linked to the block header. Thus, the block headers serve as a map of the entire blockchain’s contents.

Because Bitcoin is public, if a 51% attacked resulted in a reorg, the associated block headers would change. All users, either directly or through their proxy of choice, would instantly realize that this reorg had occurred. The success of the attack requires this realization to occur. If no one realizes that the block headers changed, then the attack hasn’t actually happened since the users would be using the not attacker’s version of the blockchain. Thus, if illegal activities like a double spend or a denial of service attack had occurred, then these activities would need to be announced to the world via the public blockchain. In other words, there is no secret attack. Fifty-one percent attacks are necessarily announced to the whole world and any changes made to the blockchain, where specific damage can be done, is similarly made public.

Committing crimes in public is a bad idea, even on Bitcoin

The nature of a 51% attack is that individuals must be able to command huge amounts of resources to execute one. Even though the hourly cost of conducting an attack can be low, the costs to set up facilities that can execute an attack are very high. Deploying billions of dollars over many years into large data centers that must be able to access large amounts of electricity and connect with other users over the internet is impossible to keep out of sight. Therefore, any miner able to conduct a 51% attack, and realistically any miner who can meaningfully participate in the network at all, will be known to law enforcement. The fact that Bitcoin’s mining process reveals miners to law enforcement is actually a key feature of Bitcoin which brings accountability to the miners—the actors who maintain the blockchain through their efforts. This means that overt illegal activity will be highly disincentivized. When one commits a crime in clear view of the public, one is simultaneously known to law enforcement, and one has invested in facilities now worth billions of dollars, it is unlikely that one would jeopardize their investment and their freedom in a very likely unsuccessful attempt to defraud one’s counterparties.

Not only are these attacks strongly disincentivized because of legal consequences, but they are also strongly disincentivized by economic incentives. It is always more profitable to add to the end of the blockchain than to try and redo old work. It is also more profitable to include transactions in blocks than to deny service. Therefore, the most profitable use of hashpower is always to act honestly within the rules of the system. The system is not gameable because of economics, and it isn’t attackable because of law.

Finally, stealing Bitcoin, the main incentive for a 51% attack, is a bad idea because it is technically simple to reassign stolen Bitcoin to the rightful owner. Admittedly, there isn’t precedent for reassigning Bitcoin. However, it would be technically simple to add an amendment to the ledger which miners honor. I believe an international court order would likely be necessary to spur this process, but a bounty that would justify a 51% attack would likely be of a size that warrants court proceedings which could result in an international court order to reassign stolen Bitcoins. Thus, even if one can evade the law, the fruits of one’s crime could be ripped away regardless.

Misunderstanding Bitcoin’s security has been costly

The fallout of this misconception around Bitcoin’s security model is far greater than just wasted emotional energy over frivolous concerns. The entire design of BTC and most other blockchains has been warped to fight against the 51% boogeyman. The costs have been catastrophic.

The most costly change to Bitcoin has been the limit on block size. In an effort to fight against 51% attacks, changes were made to Bitcoin to increase the decentralization of miners. Among these changes was a 1 Mb limit on the block size, a comically low volume of data in a world where many homes can download a Gb/s and underwater cables exist which can send terabits per second. In fact, this comically low limit has resulted in a false narrative that Bitcoin is highly inefficient. Because the limit placed on the block size severely limited the capacity of the network, many other competing networks emerged which made fatal mistake after fatal mistake in attempting to reinvent Bitcoin’s wheel. Developers mistook a boot on Bitcoin’s wheel for a flaw in the wheel. The fracturing of blockchain efforts across 1000s of doomed projects has hugely retarded the progress of the industry.

The result the misconception around Bitcoin’s security has been billions of dollars and millions of man-hours wasted on projects that have no future and a delay of many years in bringing the benefits of Bitcoin to a large population. Luckily, we have BSV, a version of Bitcoin which is able to function properly because it operates with an accurate view of Bitcoin’s security model. At Unbounded Capital, we believe that this early realization has placed BSV in a commanding position within the blockchain industry, one which has not been recognized by investors. However, this realization is increasingly being had by blockchain entrepreneurs which are flocking towards BSV in increasing numbers. We are extremely excited to see how Bitcoin progresses, in the form of BSV, without having to constantly look over its shoulder to see if the 51% attack boogeyman is on the hunt.

See also: Jack Laskey’s presentation at CoinGeek Live, Transaction Processing: A Key to Drive Adoption of BSV Businesses

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.