There is <i>absolutely no way</i> to 51% attack a major coin like Bitcoin for as little as $700k an hour. They are extrapolating from Nicehash's mining rental prices, but Nicehash doesn't have anything like the capacity you'd need.<p>You can see here[1] that nicehash has about 500 PH/s (500,000 TH/s) available for rent. However, Bitcoin's total hash rate right now is 100,000,000 TH/s[2]. This means that if you rented out the entire nicehash market, you'd have 0.5% of the hash rate you need.<p>Could you get the other 99.5% by buying lots of mining hardware? Theoretically yes, but realistically no. Bitmain is a major supplier of this kind of hardware, so let's use their prices as a reference. They're currently promoting a 67 TH/s unit for $1585 [3]. You would need more than 1.4 million of these units, at a cost of over <i>$2.2 billion dollars.</i> Not that any supplier can fill an order like that quickly.<p>And we haven't even gotten to the power and operations costs. You'd need dozens of huge data centers to run all this hardware, each one consuming astronomical amounts of electricity. You'd probably pick your data center locations based on availability of cheap power and labor, and you'd become a major commercial presence in each of those towns. The local papers would have photos of you shaking hands with the mayor as your data centers open up. Everyone would know what you're doing, including the FBI.<p>[1] <a href="https://www.nicehash.com/my/marketplace/SHA256" rel="nofollow">https://www.nicehash.com/my/marketplace/SHA256</a>
[2] <a href="https://www.blockchain.com/en/charts/hash-rate" rel="nofollow">https://www.blockchain.com/en/charts/hash-rate</a>
[3] <a href="https://shop.bitmain.com/product/detail?pid=00020200117151322700cA9h5cat0694" rel="nofollow">https://shop.bitmain.com/product/detail?pid=0002020011715132...</a>
Computational power is not a good proof of anything. It devours energy and disproportionately rewards weird market actors (like people with custom mines ASICs).<p>I always wondered whether storage could be used as proof of stake. It might use less energy and it probably will have much better effect on the IT industry as a whole. First, mining ASICs are not general computational devices and cannot be used for anything useful. On the other hand, storage is storage and can be repurposed. Second, it will up the prices for storage hardware, but that is probably a good thing in the long run. (Consider how super-cheap storage enabled unlimited surveillance and software bloat, for example.)<p>I don't know whether access to storage can solve all the problems a blockchain solves, but it can solve some. Like proving that you're a real actor in the system, rather than a temporary fake.<p>Some random ideas I had about how this could work:<p>If you want to transact with someone, they send you a challenge that consists of a set of addresses in a large file. You must respond with a hash of data at those addresses, problematically proving that you have the entire file.<p>This is the foundation. There are obvious challenges to how useful this is. Many of them are solvable.
If you're capable of playing a long con, it costs much less than the stated dollar prices.<p>With Bitcoin, for example, a smart malicious actor could infiltrate the Core development team and through their social capital make certain malicious pull requests get merged. This way, if the chain ever splits (let's say, due to a bug you planted), you can actually also influence miners to hop onto a minor chain without you ever owning any hashing power!<p>To see how this is done, look at the 2013 Bitcoin fork and see how a couple developers steered large miners away from the majority chain: <a href="https://freedom-to-tinker.com/2015/07/28/analyzing-the-2013-bitcoin-fork-centralized-decision-making-saved-the-day/" rel="nofollow">https://freedom-to-tinker.com/2015/07/28/analyzing-the-2013-...</a><p>The only counter-argument to this is how code reviews should catch this, but history has clearly shown that bugs (including supply-inflation-causing ones) make it into cryptocurrencies all the time: <a href="https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures" rel="nofollow">https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposu...</a><p>Hash Rate is security theatre.
By definition, to execute a 51% attack on Bitcoin, you would need to buy computing power greater than 100% of the entire network's current computing power. In other words, you would single-handedly <i>double the global demand for computing power in this market</i>.<p>Is there enough supply readily available to satisfy a doubling of global demand? How much would it cost to bring such computing power online? How quickly could it be done? Wouldn't the price of computing power skyrocket?<p>EDIT: Meekro's comment elsewhere on this page makes essentially the same point in a more concrete manner: <a href="https://news.ycombinator.com/item?id=22161500" rel="nofollow">https://news.ycombinator.com/item?id=22161500</a> -- I think his comment is better; read it. Also, see bencxr's analogy with trying to control 51% of global oil supply: <a href="https://news.ycombinator.com/item?id=22161575" rel="nofollow">https://news.ycombinator.com/item?id=22161575</a>
1) If a big crypto-community notices an attack, the cost of a 51% attack would rise<p>2) There are mechanisms to offer smaller cryptocurrencies Bitcoin level security, like Komodo's Delayed Proof of Work (<a href="https://komodoplatform.com/security-delayed-proof-of-work-dpow/" rel="nofollow">https://komodoplatform.com/security-delayed-proof-of-work-dp...</a>)
Can someone ELI5 how these numbers fit together? It costs me $3/hr to 51% DeepOnion, which has a market cap of $1.95M. In practical terms, what does that mean?
It feels surprisingly cheap.<p>Take bitcoin, a 105Billion cap can be subverted for just 700K per hour?<p>Not to mention DeepOnion for 3 bucks an hour. I can see people do that just for lulz.
These numbers are based off the current price of hashrate. As soon as you try to buy significant amounts for larger currencies like Bitcoin, the numbers skyrocket.<p>The nice-hashable column on the site shows how much hash power is available for purchase.<p>To read the page naively would be a little like claiming one could hoard 51% of the oil supply given today's price at the pump. In reality, as soon as you started buying in large quantities, the price would skyrocket (making that attack very much more costly), suppliers would cut you off, and others would notice.
I pointed this out elsewhere in this comment thread, but resurfacing here since it's perhaps not as clear as it should be: The attack cost is based on the the extrapolated cost of attacking the given coin based on the current hashing price on nicehash. If < 100% of the necessary hashing power is available via nicehash, it's greyed out, and the nicehash-able column shows a value of < 100%.<p>Another caveat: It's potentially cheaper to attack these coins than the number shown on this site since you receive block rewards from the time period when you attack a coin. In a lot of cases this will recover a majority of the money you spend on the attack. That said, this isn't guaranteed, and you are forced to put up this amount of money in order to carry out the attack.<p>Disclaimer: I built crypto51 ~a year ago
Since it took a while for me to understand this. A 51% attack doesn’t let you steal money from anyone. It essentially lets you block all transactions from making it to the blockchain. Nodes will still verify all transactions and ignore transactions that are invalid.<p>Edit: you can also create multiple forks and switch between them. External viewers will see both forks and if they don’t or can’t handle the difference they could experience a double spend.<p>That being said any miner has the ability to sort transaction any way they want which can give them an advantage. So if someone has a lot of hashing power they can use that ability to delay certain transactions or to give preference to others.
As I recall, last time this was posted, Monero was still on this list. Now it is not. Did the new PoW algorithm for Monero essentially remove the 'rentable hashing power' available?
Anyone know how to calculate the revenue side of these attacks? E.g. if it costs 700k to attack the bitcoin network for 1 hour, how much money could you make in that hour (say based on average transaction volumes)?
$705k per hour for Bitcoin - these numbers sound very expensive.<p>Do they take into account that during an attack the attacker will earn block rewards and transaction fees?<p>Because if not, then they vastly overestimate the costs.<p>This sounds like it is based on the some energy price that would be needed to do 51% of Bitcoins hashing.<p>Doing so could very well be profitable.<p>The reason it would be hard to do is that the attacker would have to gather a ton of hardware that way way exceeds the energy costs.
QuarkChain QKC $6.01 M Ethash 10 GH/s $7 69,816%<p>So 7$ is the nicehash cost? But isn't nicehash an out of the box solution? So if I wanted to actually execute a 51% attack I'd have to deploy my own malicious mining software to the nodes, that then issued an invalid transaction and <i>forced</i> consensus on it ... is that the idea? Can someone who knows a little bit more about this fill me in?
Also relevant, one the front page of HN today: Bitcoin Gold hit by 51% attacks, $72K in cryptocurrency double-spent<p><a href="https://thenextweb.com/hardfork/2020/01/27/bitcoin-gold-51-percent-attack-blockchain-reorg-cryptocurrency-binance-exchange/" rel="nofollow">https://thenextweb.com/hardfork/2020/01/27/bitcoin-gold-51-p...</a>
Interesting article on this topic:<p><a href="https://blog.coinbase.com/how-coinbase-views-proof-of-work-security-f4ba1a139da0" rel="nofollow">https://blog.coinbase.com/how-coinbase-views-proof-of-work-s...</a><p>Also, Ethereum is transitioning to proof of stake which will make attacks much more expensive because an attacker must acquire large amounts of ETH for each attack.
51% attacks on most currencies are quite easy if you attack the mining pools.
<a href="http://blog.kevmod.com/2019/01/pooljacking-easy-51-attacks-against-bitcoin-and-ethereum/" rel="nofollow">http://blog.kevmod.com/2019/01/pooljacking-easy-51-attacks-a...</a>
DASH's is incorrect. It has some protection against this vector of attack called "Chain Locks"<p><a href="https://cryptobriefing.com/chainlocks-dash-network/" rel="nofollow">https://cryptobriefing.com/chainlocks-dash-network/</a>