{"id":10765,"date":"2024-02-16T15:34:18","date_gmt":"2024-02-16T13:34:18","guid":{"rendered":"https:\/\/forklog.com\/en\/coinmetrics-assesses-the-cost-of-a-51-attack-on-bitcoin-and-ethereum\/"},"modified":"2024-02-16T15:34:18","modified_gmt":"2024-02-16T13:34:18","slug":"coinmetrics-assesses-the-cost-of-a-51-attack-on-bitcoin-and-ethereum","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/coinmetrics-assesses-the-cost-of-a-51-attack-on-bitcoin-and-ethereum\/","title":{"rendered":"CoinMetrics Assesses the Cost of a 51% Attack on Bitcoin and Ethereum"},"content":{"rendered":"<p>States can no longer destroy Bitcoin and Ethereum networks through a 51% attack due to the &#8220;astronomical&#8221; costs involved, according to CoinMetrics experts.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">How much does it cost to 51% attack Bitcoin and Ethereum?<\/p>\n<p>To find out, we simulated what an attack would look like.<\/p>\n<p>Our paper, Breaking BFT, was published today with some interesting results \u2b07\ufe0f<a href=\"https:\/\/t.co\/fpcpkPhy5B\">https:\/\/t.co\/fpcpkPhy5B<\/a> <a href=\"https:\/\/t.co\/wMbm6b2v0Z\">pic.twitter.com\/wMbm6b2v0Z<\/a><\/p>\n<p>\u2014 Lucas Nuzzi (@LucasNuzzi) <a href=\"https:\/\/twitter.com\/LucasNuzzi\/status\/1758232805882970562?ref_src=twsrc%5Etfw\">February 15, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Theoretically, concentrating 51% of the mining power in a PoW network like Bitcoin allows a malicious actor to conduct various nefarious activities. These include profiting from double-spending transactions, manipulating fees, or executing a deep blockchain reorganization.<\/p>\n<p>For Ethereum, as a PoS protocol, this threshold is 34% of the total number of validators.<\/p>\n<p>CoinMetrics researchers Lucas Nuzzi, Kyle Water, and Matias Andrade used a metric called <span data-descr=\"Total Cost of Attack - \u041e\u0431\u0449\u0430\u044f \u0441\u0442\u043e\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438\" class=\"old_tooltip\">TCA<\/span> to determine the cost of such an attack on the blockchain.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">2\/ These are the boogieman of blockchain security but their costs and expected utility remain a mystery.<\/p>\n<p>To better understand these risks, we simulated these attacks using a new model called Total Cost to Attack (TCA).<\/p>\n<p>TCA is the sum of expenses an attacker would incur. <a href=\"https:\/\/t.co\/dnQgqK4akv\">pic.twitter.com\/dnQgqK4akv<\/a><\/p>\n<p>\u2014 Lucas Nuzzi (@LucasNuzzi) <a href=\"https:\/\/twitter.com\/LucasNuzzi\/status\/1758232811700449756?ref_src=twsrc%5Etfw\">February 15, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The experts concluded that there are no profitable ways to carry out malicious actions with network control. This nullifies the financial incentives for 51% attacks on the blockchains of the two largest cryptocurrencies.<\/p>\n<p>They noted that even in the most profitable double-spending scenario, an attacker could potentially earn $1 billion but only after spending $40 billion.<\/p>\n<p>There remains the possibility of a state attempting to attack the network to destroy it, the experts suggested. However, to conduct such an attack on Bitcoin, it would require purchasing 7 million Antminer S21 ASIC miners at a cost of about $20 billion.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">5\/ But what if a nation-state attacker was resourceful enough to manufacture ASICs for an attack?<\/p>\n<p>We simulated that too. As we describe in the paper, the only model that could be plausibly reverse-engineered is the S9, with a manufacturing cost north of 20B.<\/p>\n<p>The S21 would\u2026 <a href=\"https:\/\/t.co\/vZ4mv4GuH3\">pic.twitter.com\/vZ4mv4GuH3<\/a><\/p>\n<p>\u2014 Lucas Nuzzi (@LucasNuzzi) <a href=\"https:\/\/twitter.com\/LucasNuzzi\/status\/1758233623793205543?ref_src=twsrc%5Etfw\">February 15, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Such a volume of installations simply does not exist on the market, the researchers emphasized. If such a malicious actor finds a way to produce their own mining equipment, they would spend a similar amount. According to the experts, it is most feasible to reproduce the Bitmain Antminer S9. Based on performance, 40 million units would be needed.<\/p>\n<p>A 51% attack on Bitcoin has also never been so costly in terms of electricity expenses: depending on the scenario, the amount would range from $5 billion to $22 billion.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">6\/ Accounting for all attack scenarios and factoring in OpEx (electricity), it has never been this expensive to attack Bitcoin, from the &#8220;naive&#8221; scenario of 5B all the way to 22B USD: <a href=\"https:\/\/t.co\/tBnAy7jLlU\">pic.twitter.com\/tBnAy7jLlU<\/a><\/p>\n<p>\u2014 Lucas Nuzzi (@LucasNuzzi) <a href=\"https:\/\/twitter.com\/LucasNuzzi\/status\/1758234009920766015?ref_src=twsrc%5Etfw\">February 15, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h2 class=\"wp-block-heading\">The Risk of a &#8220;34% Attack&#8221; on Ethereum is Overstated<\/h2>\n<p>Based on TCA modeling for Ethereum, researchers noted that common narratives about the threat of takeover through liquid staking platforms like Lido with a 34% validator share are misplaced.<\/p>\n<p>According to their calculations, using LSD protocols to attack the blockchain would be extremely labor-intensive and costly. Due to withdrawal restrictions from staking, it would take about six months.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">7\/ We also simulated TCA for Ethereum.<\/p>\n<p>Contrary to popular belief, an attacker could not leverage LSDs to buy access to block templates.<\/p>\n<p>Just like the S9 scenario, we need to assume the attacker would have to purchase ETH.<\/p>\n<p>We estimate an attack on Ethereum would take 6 months\u2026 <a href=\"https:\/\/t.co\/hIAWLQ8iBw\">pic.twitter.com\/hIAWLQ8iBw<\/a><\/p>\n<p>\u2014 Lucas Nuzzi (@LucasNuzzi) <a href=\"https:\/\/twitter.com\/LucasNuzzi\/status\/1758234012122861689?ref_src=twsrc%5Etfw\">February 15, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;It would cost over $34 billion. The attacker would have to manage more than 200 nodes and spend $1 million just on <span data-descr=\"Amazon Web Services\" class=\"old_tooltip\">AWS<\/span> services,&#8221; the experts noted.<\/p>\n<\/blockquote>\n<p>Nick Carter, general partner at Castle Island Ventures, co-founder and board member of CoinMetrics, called the research &#8220;extremely important.&#8221;<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">previous &#8216;cost to attack&#8217; analyses of bitcoin have been vague or theory driven. no longer. the CM team developed mine-match, which meant they were able to identify virtually every ASIC mining on bitcoin (based on karim helmy&#8217;s research). this, combined with ASIC 2ndary\u2026<\/p>\n<p>\u2014 nic ? op_cat-er (@nic__carter) <a href=\"https:\/\/twitter.com\/nic__carter\/status\/1758237777718546680?ref_src=twsrc%5Etfw\">February 15, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;Previous analyses of the cost to attack Bitcoin were vague or theory-driven. Not anymore. The team developed a mine-match function, which allowed them to identify virtually every ASIC miner in coin mining,&#8221; he wrote.<\/p>\n<\/blockquote>\n<p>Combined with secondary market data, this allowed for the first time to estimate the &#8220;actual probable cost&#8221; of equipment to gain control over the digital gold blockchain, Carter emphasized.<\/p>\n<p>In January, Trezor analyst Josef Tetek suggested that Bitcoin miners controlling 51% of the power could theoretically <a href=\"https:\/\/forklog.com\/en\/news\/expert-affirms-theoretical-possibility-of-lifting-bitcoins-supply-cap\">lift the coin&#8217;s supply cap<\/a>. However, experts in rebuttals noted that in practice, even 75% might not be enough.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>States can no longer destroy Bitcoin and Ethereum networks through a 51% attack due to the &#8220;astronomical&#8221; costs involved, according to CoinMetrics experts. How much does it cost to 51% attack Bitcoin and Ethereum? To find out, we simulated what an attack would look like. Our paper, Breaking BFT, was published today with some interesting [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":10764,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1395,18,1394,46,1150,167],"class_list":["post-10765","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-51-percent-attack","tag-bitcoin","tag-coin-metrics","tag-ethereum","tag-news-plus","tag-research"],"aioseo_notices":[],"amp_enabled":true,"views":"79","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/10765","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=10765"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/10765\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/10764"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=10765"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=10765"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=10765"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}