New Study Unveils the Total Cost to Attack Bitcoin and Ethereum

Revealing the Cost of Compromise: A Comprehensive Study on Attacking Bitcoin and Ethereum

On Thursday, the head of research and development at Coinmetrics, Lucas Nuzzi, revealed a new paper he co-wrote with Kyle Waters and Matias Andrade. "How much does it cost to 51% attack Bitcoin and Ethereum?" Nuzzi posted on the social media platform X. "To find out, we simulated what an attack would look like. Our paper, Breaking BFT, was published today with some interesting results."

The study presents a Total Cost to Attack (TCA) model, a pivotal metric that combines both capital and operational expenses involved in executing a 51% attack or breaking the Byzantine Fault Tolerance (BFT). This metric offers a new lens through which the economic viability of such attacks can be assessed, providing insights into the strong security measures of Bitcoin and Ethereum.

The research meticulously analyzes several scenarios, including the potential for nation-state attackers to compromise these blockchains. Such a detailed exploration of various attack vectors underscores the complexities and costs involved, further emphasizing the resilience of these networks against potential threats.

"As open source, nationless alternatives to systems like central bank digital currencies (CBDCs), nation states might become motivated to permanently disable these systems," the study notes. "However, this gets into a fundamental issue with regard to 51% attacks: it is very difficult to make them permanent. Even in a scenario where attackers simply mine empty blocks and perpetually attack, the network can fight back."

Among other scenarios discussed, the paper delves into the implications of declining block rewards on network security. Contrary to common beliefs, the findings suggest that network security may not directly correlate with transaction fee revenue, challenging prevailing narratives within the cryptocurrency community.

"Declining subsidies have been a particularly salient concern in the context of Bitcoin's long term security and its perceived susceptibility to attacks," the paper explains. "The concern relates to Bitcoin's security depending on subsidies being replaced by user fees." The paper's authors add:

The implicit assumption that justifies such concerns is that Bitcoin fees correlate with security. The higher the fees collected by miners the more secure the network is. Surprisingly while this intuitively makes sense we found this not to be a phenomenon observed historically. Other factors influence the behavior of miners and appear to challenge this assumption.

The study also explores the motivations behind potential attackers, distinguishing between profit-driven and ideologically motivated actors. This distinction is crucial for understanding the different threats to blockchain security and the economic impracticality of attacks for both groups.

Applying the TCA model to both Bitcoin and Ethereum reveals that, despite the myriad of theoretical vulnerabilities, the actual cost of launching a successful 51% attack is prohibitively high. This provides empirical evidence supporting the notion of Nash Equilibrium within these networks.

"As adversarial actions become unattractive when compared to other strategies, such as honest participation in the network or abstention from attacking, we provide the first empirical evidence of Nash Equilibrium in Bitcoin and Ethereum," the paper explains.

Finally, the paper contributes to the ongoing discourse on the long-term sustainability of Bitcoin and Ethereum's deflationary monetary policies. By highlighting the speculative behaviors of miners and the impact of these behaviors on network security, the authors offer a nuanced view of how economic incentives underpin blockchain resilience.

As Bitcoin and Ethereum continue to evolve, the findings underscore the importance of sustained research and adaptation in safeguarding the cryptocurrency frontier against adversarial threats. By challenging conventional wisdom, research typically paves the way for more resilient and economically viable networks, affirming the strength of these protocols against the specter of theoretical vulnerabilities.