Topic: Bitcoin security risk? How many miners make up 51% of the hashrate? (Read 232 times)

No, such an attack would target miners. Or whomever was required to control Bitcoin. That would be the whole point.

Such a thing would target pools not miners, and as I said it would hurt the system temporarily as people migrate to other pools and issues are patched.

Many do. People who I've introduced to Bitcoin who don't see it as a "get rich quick" thing have a self-custodial wallet.

Got it. Can you tell me what IP addresses on the Internet are owned by AAPL? By TSLA? By... any other public company?

Could you tell me if this IP address is own by a terrorist organization or the Salvation Army: 81.201.75.9 ?

Based on that IP address, what does it tell you?

And we're playing with semantics here: ASICs are chips inside of servers that are owned and operated by companies who can be infiltrated, bribed, or ordered around by a government.


I completely agree. I am not trying to convey that Bitcoin is not, overall, very safe. If somebody asked me, I would tell them it's as safe as many major investment instruments like major stocks and so on. Indeed, most people who invest in Bitcoin will see far more risk from their broker's keeping of their Bitcoin than from Bitcoin itself.

But it's a fallacy to say that Bitcoin is "government-proof", or that it's "impossible" to be infiltrated through either legal or illegal means. There is certainly a risk there that exists. For a government, it would be matter of ordering two companies to do something (or say a small handful of companies) rather than a single company in the case of a bank.

I do not even need to read the rest of your Post.  Bitcoin is impossible to be controlled because it is not a fixed thing.  Bitcoin is not nailed to a wall, it can morph to our needs.  This is why we have so many Altcoins, they are supposed to be alterations to Bitcoin so they can fit particular needs better.

So if a 51 percent attack happens.  Besides the uncertainty and doubt it would create among Bitcoin users, there are ways to put Bitcoin back into a safe place very quickly.  This is automatically a reason for Miners to NOT organize an attack because it costs a lot of Money and at the end of the day all the waste would be on their bags.  If there was a way for them to profit off the attack, it would have already happened probably.  But with no incentive, why would they even try to do it?

Look it's true that mining is not that much safer to do and it is not safer enough to make the Investments but the point here is crypto safer to Invest either?

We have been seeing nowadays that blockchains have failed to provide the enough security that we are expecting. Recently a japani blockchain was hacked and millions worth BTc was stolen from it.  Nothing here is safer now we have to take care by ourselves. Try to avoid doing extra things as much as you can.

ill answer your question with your own words

as for you endlessly talking about nodes.. (facepalm)
miners are ASIC devices.. asic devices are not nodes

If their systems have been hacked, or they have been ordered by their government to do something, or they have been internally compromised then... they will brick their own investment. They wouldn't have any choice.



You can do the hard analysis to see what percentage of Bitcoin transactions are coming from brokers. My guess is that it's almost all of the volume.

Next, try to find somebody you know who doesn't have an account on this forum who has a self-custodial wallet . I personally know zero people like this. Every single person I've ever talked to in person who holds Bitcoin does so through a broker or an app. Anecdotal, I know, but it sure seems like a remarkable coincidence.



If no centralized exchanges existed, and nobody could buy Bitcoin through straight-forward means, I suspect Bitcoin would still be a dollar. Most average consumers don't want to go to all of that trouble.

Yeah, unfortunately there is a small number of mining pools and we need more in order to reach a better decentralization. But an attacker still needs to control miners not mining pools to pull off a sustained attack successfully.

Otherwise, lets say they only need two and pull off a 51% attack. What would that achieve?
A temporary crash + miners abandoning those pools + share holders dumping the hell out of the stocks of those pools (eg. MARA crashed 60% and that was just market reaction to censorship news) + those pools go bankrupt and shut down themselves.

After a while (maybe after 6 months) bitcoin would be back to $70k and rising + new pools pop up + devs get off their asses and find a solution to this centralization ... + the attack becomes impossible in the future!

As I said no business is going to shoot themselves in the foot. If they participate in an attack that would crash bitcoin price, they'll brick their own investment.

It is impossible to know what percentage of bitcoins do things the wrong way. Claiming "most" of bitcoins are like that is just a guess.

95% crash is debatable but they can definitely crash the market with a ban. However, it won't be because people use it in a centralized way. It would be because if dozens of countries suddenly banned bitcoin, people would start panic selling it which would crash bitcoin. Something that would still happen even if not a single centralized exchange (or any other centralized service) existed.

Right. But that was never the question. The question is, what if they are evil?

And over time, it would appear that decentralization is diminishing and the natural consolidation of businesses will probably consolidate it further.


Brands? Huh? What are you talking about?

Can you tell me the "brands" of each of the severs below?

a) 33.171.87.6
b) 103.52.102.88
c) 65.191.4.49

All I see are IP addresses, which can be changed on the fly and spoofed. That's all any software on the Internet sees. How would miners magically know what nodes are "good" and which ones have been compromised? And what actual mechanism is there to "decide" any of this? Certainly no centralized mechanism.

no.. mining pools cant edit transactions owned by others to change the destination of funds.. they can:
edit old BLOCKS to not contain transactions and then catch up with the blockheight to then re-org the chain
then edit only their own transactions to then spend their utxo again if it has been un-wound via a re-org

its not about spending other peoples value. its just about reversing payments and if the reversed payment was one of their own then yes they can respend it to a different destination.. however other peoples now reversed transactions(if reversed) are deemed not spent, which they can either try to rebroadcast to get it confirmed again or the key holder can make a new transaction to spend the utxo value to a new destination..
emphasis third time to save reposting.. mining pools cannot 'take control' of other peoples value to edit the transaction to a different destination

miners know many pools of different brands and which are affiliated or not.. heck even you know which ones are affiliated and which are not. so if 2 pools were colluding. and miner owners working for their pool notice dodgy stuff happening to their pools blocks. the miners can hop to a different pool thats not colluding


as for your mentions about nodes.. well yes we did see the NYA group in 2017(group of economic nodes (main exchanges/services)) collude to say they wont accept blocks from pools that didnt vote positively for an upgrade.. and the opposite can be true too, economic nodes can ignore blocks that do certain things like empty blocks or multiple chain re-orgs or other anoyances

mining pools can change ip addresses of their stratums, but then it will cause continuity of hashrate issues as miners would need to change addresses their asics point to each change. meaning the pool loses power until everyone they had on old address moves over, thus not really a good method to "hide" and still remain powerful.. infact it would be a sign of them doing this that would make miners hop away and avoid that type of pool that keeps switching IP's

51% is not about nodes.. its about hashrate

anyways the many preventatives are about monitoring the blockchain and noticing if:
one pool keeps getting too many blocks in a row
one pool keeps getting too many blocks too quickly
a re-org occurred
one pool keeps doing empty blocks
one pool does [insert many annoyances]

where miners then hop to a pool that does not do the annoyances

it also helps by miners hopping to different pools when pools have a high percentage even when there are no annoyances..  to not get near the odds of them repeatedly making blocks in succession.. as the more miners on one pool the more the reward needs to be shared meaning the miners get less reward and risk having the block rejected if pool does annoying things.. so they are risk adverse to not even let things get to those potentials
also if pools have too much hashrate and making blocks too quickly, it shoots them in the foot by raising the difficulty which hurt their income.. so they naturally try to find a safe balance even when pools are not nefarious
its financially incentivised to:
not make too many blocks too quickly and have too much hashpower in one pool
act honourably to ensure blocks are not rejected(rewards cant be spent if rejected)

Controlling is not an option, it can possible since the possibility don't fall to zero. But it will only be temporary by means it can be rollback or fixed in later blocks by bitcoin devs. So attempting to do so is just a waste of time, money and resources.

The simple answer here would be is that it would take a great deal for any entity to try and control most of bitcoin.

Satoshi is right that as long as they are not evil, they will not do anything to sabotage the decentralized nature of bitcoin at all. Since miners can work independently, it would be difficult to try and convince a lot of them to work under a specific entity especially one with malicious intent.

I don’t know if there is any recent data but bitcoin’s decentralization must be strengthened over time in order to prevent this.

Well okay, maybe it would require controlling more than just two companies in order to take over the network? That's good to know. But it doesn't sound like it would be that many more.


Or, their government of jurisdiction could pass a law ordering them to submit; or, a government or other large entity could bribe, extort, or otherwise convince them to submit; or, their systems could be taken over by hacking.

No "SWAT teams" are necessary to do this.


I have brought this up in other threads as well: today, most holders of Bitcoin do so in a centralized way (a broker or an app with KYC), leading one to conclude that most consumers are not at all interested in "decentralization".

And while a government take-over of control over the whole network is a source of debate here, it's clear if the US or the EU decided one day that Bitcoin was "bad", they could take steps that would easily drop the price of Bitcoin down by about 95%. Again, this is because most consumers of Bitcoin use it in a way that is completely centralized and therefore subject to government regulation. They may not be able to fully "kill" Bitcoin, but they could very easily eliminate it as a mainstream product that average consumers use.

They can't do that anyway, that's because there's a regulations about this and when they reach that, they will have no choice to split up again right so the 51% isn't a possibility. People have been speculating about this problem for a really long time and so far, no one's been able to do it so I don't think that it's ever going to be ever worth it.

Bitcoin is decentralized and has a certain level of privacy that makes it hard to answer this very question because in order to know the degree of centralization of mining we have to be able to measure how much of the hashrate we see in total or on mining pools belongs to the pool itself and how much of it belongs to independent miners who would go away if the pool turned malicious.

This is why you are already getting false information here about Foundry USA and Antpool that leads you to the false conclusion "two public companies in the world that control over half of the Bitcoin network". These companies do NOT control the entire said percentage of hashrate. They are mining pools that actual miners with actual hashrate connect to. The hashrate in their own control is less.
That means if the pool turns malicious, miners would migrate and that percentage would fall.

Also keep in mind that in order for an entity to perform a 51% attack they will have to have actual control over the mining equipment. Meaning the said government has to kick down doors and send SWAT teams to physically seize people's ASICs from their homes (the solo home miners) or from the companies (farms) to be able to first control that much ASIC then provide the infrastructure to install and start mining (ie. massive location, electricity, cooling, staff, etc).
That's because no miner in their right mind would ever participate in an attack against something they are making a profit from because the moment that attack takes place, their revenue would head toward zero. So they either migrate their business elsewhere (offshoring) or just shut down and enjoy whatever bitcoin they already have.

I'm not familiar with NBER works but I skimmed through the 55 page they published and I have to say that's an interesting effort but I still don't like their methodology and the logic they used like the following:
"The idea is that miners in a particular region would most likely send their rewards to an exchange that is
also in this region."
This is a weak logic at best that makes their conclusion unreliable as well.
https://www.nber.org/system/files/working_papers/w29396/w29396.pdf

In any case we should be concerned about centralization creeping in at all times. But I wouldn't make any conclusions on whether things are already centralized or not.

One of the biggest hits on decentralization of mining was when China shut down mining in its territory, forcing them to migrate elsewhere increasing the hashrate concentration elsewhere. We needed this kind of diversification so that if one independent "bloc" went crazy the rest remain sane.

You've talked about the control of governments of Bitcoin but you haven't talked about the big investors that control and manipulate that market of Bitcoin. You can't just hide one thing by  enforcing over another thing.Yoh should have a debate on control of big investors on BTC prices.

Ive seen people applying the best techniques and skills that could be possibly applied for the prediction of trade but often then they have seen suprisingly behaviour of BTc that wasn't expected by anyone so why's that?

Really? What regulations? Under which jurisdiction? And Bitcoin mining is... regulated? Are you sure? Are you telling me there's a law saying Bitcoin miners can't "monopoly" the hashrate? I find it pretty crazy that the US Congress was able to construct such a law on such a specific and complicated technology.

(Of course there would be no "monopoly" necessary here since all that is required is 51%).

And we're talking about a scenario where these two (two!) companies would either be compelled by a government using the law or attacked by a government using force of some kind (network infiltration, etc.).

If they do that, both Foundry USA and Antpool will be sued for breaching regulations, remember that big companies are under regulations and they can't monopoly the mining pools. Many mining pools had been sued for done something that give them own benefit, so I wouldn't worry so much about conspiracy thing.

So far many of the posters here seem to have missed the point I was making about the risk.

1. The attack would not entail one lone miner, but rather many miners in a coordinated attack/government order.

2. There would be no incremental cost for such a move since these are companies that already have the servers in place and are mining for the network every single day. The challenge here is convincing/forcing/tricking a smaller number of companies to do something, not duplicate what they are doing already.


So... there are two public companies in the world that control over half of the Bitcoin network. Okay. So much for being "decentralized" .

Seriously, what is to stop the USA/EU/some other country from simply ordering these two companies to change Bitcoin's central software in order to make it do different things e.g. give Satoshi's blocks to charity?

One other thing that keeps coming up here is the notion that "somebody" could reject the participation of miners who are, upon deep analysis, breaking the rules. Who enforces that rules? How? I get that any of us here could simply do our own calculations, but what would be the exact mechanism wherein the network, without any central authority whatsoever, would "reject" this software change?

Perhaps I have my answer below?


Um, that sounds like... total control of Bitcoin to me . Seriously, if I could double-spend and validate blocks without the private key, that's... absolute control of the network, at least in terms of Bitcoin's actual function.


How would you know which is which on the fly? And what is to stop the majority hashrate from doing it's own "pool hopping" or for that matter any individual miner today? If users of the network can simply pick and choose the nodes they will and won't work with, then that means a 51% attack is even easier since the "good" nodes would be instantly iced out and deemed "evil" by the "evil" nodes.

And if you are talking about doing things based on ip addresses, then boy oh boy, there are lots and lots of problems with that. IP addresses can change in milliseconds, there are many ways to change/cloak them, and so on. No serious secure system on the public Internet uses ip addresses as a mechanism for identity.

So question is, how would one stop a 51% attack? From my understand of the network, a "51% attack" would immediately turn into a "49% attack" by the losing minority, and the "good" nodes would be treated as the "evil" ones.

This has been discussed over and over again. And I think there is consistency in the assurance that, though this is a possibility, this is far from happening. For one, an attacker needs "between $5 billion and $20 billion" to be able to attempt such attack.^[1] Second, there is not much you can gain from it.

If you wish to make money, it would be way more profitable for you to use your resources to support the network rather than to attack it. On the other hand, if you wish to just bring Bitcoin down, it wouldn't work either. With your $5 billion to $20 billion, all you can do is attack the network for a little while. Neither can you totally control the network nor sustain the attack.

[1] https://cryptopotato.com/this-is-how-much-you-would-need-to-spend-to-execute-51-attacks-on-bitcoin-and-ethereum/