51% Attacks Become Easier as Miners Consolidate Originally published in XTRABYTES Today As mining profits dip, mining companies find it advantageous to consolidate. Unfortunately, this centralizing effect increases the likelihood among smaller coins that they will suffer a 51% attack. In a highly competitive market, companies sometimes consolidate in an attempt to achieve economies of scale. The phrase refers to a company’s capacity to increase output so as to decrease cost per unit of output. Industry consolidation frequently occurs to achieve economies of scale. It’s especially common when companies suddenly find themselves unprofitable and unable to lower overall costs. This is the environment that cryptocurrency miners have currently exist in. Major mining operations have banded together in an effort to lower their electricity costs (by making larger purchasing commitments). They’ve also begun to make their own hardware, thereby gaining a competitive advantage over individual miners. After all, many miners are still reliant on external manufacturers for chips and machines. Aside from regaining profitability, miner consolidation may also be locking out potential industry entrants. As Michael Porter states in Competitive Strategy: Creating and Sustaining Superior Performance, “Economies of scale deter entry by forcing the entrant to come in at large scale and risk a strong reaction from existing firms or come in at a small scale and accept a cost disadvantage.” Whereas unknown miners once constituted 40% of bitcoin’s hashrate, today they only constitute 4% (at most). Individual bitcoin mining became unprofitable after bitcoin’s price dipped below $4500 (last seen in mid-November). Further mining consolidation will increase the security threats that proof-of-work cryptocurrencies currently face. While detrimental in their own right, these security threats also risk derailing investor confidence in digital currencies as a whole. Hitting Crypto Where It Hurts As mining companies consolidate, their capacity to achieve majority control over a cryptocurrency network becomes easier. Today, many large mining firms need only collaborate with one or two similar firms to achieve this outcome. Once majority control is achieved, these mining firms can quietly manipulate transactions to facilitate double-spending (spend cryptocurrency twice). These security intrusions are formally known as 51 percent attacks. They enable a dominant miner to create a new transaction history on the network (much like a hard fork). All that is required is “pick[ing] an arbitrary previous block from which to extend an alternative block history” (medium.com). All that is required is “pick[ing] an arbitrary previous block from which to extend an alternative block history” (medium.com). Of course, once found out, they’re typically pushed out by other miners and exchanges. By then, significant financial losses may have already occurred. Mining firms intent on becoming bad actors are finding it relatively easy to do so. Hashing power is now cheap and easily available for rent. In addition, smaller proof-of-work coins are now cheap and vulnerable to control. Finally, they’re increasingly confident that any such attack will not lead to a significant price drop (what was once a long-time disincentive). There also exists little incentive for coins to publicize these attacks. The only saving grace here is that attacking many of the most vulnerable coins offers little in the way of monetary reward. They may, however, serve as a sort of training ground for attacking larger, more expensive coins. 51 Percent Attacks Are Not A Necessary Evil Litecoin creator Charlie Lee once stated that vulnerability to a 51 percent attack is the price for a decentralized cryptocurrency. As he stated on Twitter, “By definition, a decentralized cryptocurrency must be susceptible to 51% attacks whether by hash rate, stake, and/or other permissionlessly- acquirable resources. If a crypto can’t be 51% attacked, it is permissioned and centralized. The reason why a decentralised system needs to be susceptible to a 51% attack is because Proof-of-Work (PoW) consensus algorithms have the inherent flaw for a 51% attack to occur. If they were completely protected against such an attack, they would be controlled and centralised.” Another Option XTRABYTES intends to be both fully-decentralized and immune to 51% attacks. Their unique Proof-of-Signature (PoSign) consensus algorithm makes it impossible for anyone to take over the network. And unlike Proof-of-Work coins, XTRABYTES PoSign does not require outside miners to verify transactions.