Are Double-Spend Attacks Less Likely in High-Hashrate Blockchains?
In a recently-published study, the Bank of Canada affirmed that high hashrates tend to make blockchains much more resilient to double-spending. But is this necessarily always true?
A recent study by the Bank of Canada analyzed proof-of-work blockchain models, finding out whether hashrate would affect the probability of a blockchain suffering a double-spend attack. The organization’s conclusion was simple: It’s unrealistic to expect such an attack to succeed in a network with a high hashrate.
Although the Bank of Canada’s conclusion comes as a result of sound mathematical proofs and a formulaic approach, there may still be some unanswered questions with regard to whether it would ever be financially feasible for a malicious actor to suddenly execute a double-spend attack on any particular network.
Looking at the study
As we read through the study’s mathematical formulas that helped it arrive at its conclusion, we can clearly see a pattern that could most easily be explained in the context of a game. Miners that want a reward have to “win” it by confirming a block.
This requires a certain amount of hashing power. One individual mining rig has such a small capacity to affect the hashrate of all but the smallest coins in existence, so a malicious miner could only hope to execute a 51% attack by controlling the hashrate through other means.
The “road to glory” in terms of hashrate involves owning a mining center, or a mining pool that groups individuals mining from several devices that collectively reap the rewards of a “solved” hash. This practice increases the chances of “winning” the game at any point.
Long story short, a malicious miner has to control enough hashing power to “win” more times than the overall mining community—i.e., by controlling 51% of the hashrate.
According to the study, an actor would be disincentivized from attempting to manipulate a blockchain simply by encountering more mining power in another party’s hands.
As a result of this, bigger blockchains like Bitcoin’s are less permeable to these kinds of attacks because the costs one has to suffer in order to control the hashrate quickly outpace the rewards one could anticipate from a double-spend attack.
“From an economic point of view, this requires that a dishonest miner has deep pockets and is risk neutral. These assumptions tend to be unrealistic and, in practice, users have little economic incentives to launch such an attack, especially when the computational investment by other miners is large,” the study said.
There’s historical precedent
The Bank of Canada study approaches many of the nuances of how blockchains work using theory-based logic, but how does this approach work in practice?
In 2016 and 2017, it was nigh impossible to find any proof of major double-spend attacks executed on any cryptocurrency. Small coins were popping up everywhere, but we didn’t see much in the way of publicized scandals.
We really have to dig deep to find examples of cryptocurrencies that have suffered provable instances of such attacks. Going as far back as July 24, 2013, we find the attack of Terracoin, discovered by a forum user in the BitcoinTalk forums.
This tiny coin was swiftly hijacked by one single actor, siphoning the hashing power of the entire network and generating new blocks pointing to one address. This particular coin suffered a massive catastrophe that left it dipping over the next 24 hours.
Fast-forwarding to 2018, we come across two major examples of double-spend attacks: Bitcoin Gold and ZenCash, both cryptocurrencies using the Equihash consensus algorithm. It bears mentioning that these coins used that algorithm because the attacks occurred shortly after the Antminer Z9 ASIC, a miner meant to run on it, was announced.
In the case of ZenCash, the malicious actor was able to reverse two transactions involving a total just shy of 20,000 coins by rearranging 38 blocks on the chain.
On the other side of the fence, we have Bitcoin, Ethereum, Ripple, Monero, Litecoin, Bitcoin Cash, and other massively popular cryptocurrencies that have never suffered such attacks, at least in recent history.
So far, the proof is in the pudding as much as it is in the math.
There’s a blind spot, though…
Mathematical proofs like the ones shown by the Bank of Canada in its thesis present an elegant way to demonstrate how difficult it would be to “mash a hash” on the networks of major cryptocurrencies. And even though we have real-world proof of the theoretical basis by which BoC managed to arrive at its conclusion, there are still some elements that are cast aside when building a litmus test based purely on theoretical math.
One easy and accessible example of this could be the influence of mining pools. Although we currently aren’t aware of any collective mining pools even capable of shifting the consensus on blockchains, it’s entirely possible that this could happen on any particular coin at a given moment.
Bitcoin is a prime example of what we’re discussing. At this very moment, no mining pool controls more than 50% of the cryptocurrency’s hashrate.
However, a recent information-gathering endeavor we conducted revealed that the four largest pools—BTC.com, Antpool, F2Pool, and BTC.TOP—not only controlled nearly 60% of the coin’s hashrate but also operated out of the same geographical location.
This scenario is highly improbable, but nonetheless within the realm of possibility. Still, public mining pools don’t have to be the culprit at all.
There are several private mining pools in the Bitcoin network that have an undisclosed amount of hashing power. These are mining facilities that sometimes have tens of thousands of ASICs at their disposal.
All it takes is for them to have a significant amount of inactive miners that they would eventually power up the moment they want to have sway over the majority of the network’s hashrate. After that, it’s only a matter of a few actors colluding to double-spend.
This particular scenario is less than improbable and likely to happen on a few coins where the financial incentive is present. In the Bitcoin network, the prospect of such a thing is somewhat unlikely but entirely possible.
Conclusion: It’s never black and white.
To date, there’s never been a double-spend attack on a coin with a multi-billion-dollar market capitalization and a mining network with hundreds of thousands of ASICs. This is in line with the Bank of Canada’s study on the matter.
However, we cannot say with confidence that it’s wise to rule out the possibility of such an event even in networks as large as Bitcoin’s. The central bank’s study admits as much:
“Rather than ruling out double spending altogether, it could be sufficient to ensure that double spending only occurs with a sufficiently small probability. Interestingly, there could then even be competition for double spending where there are multiple dishonest users. If coordination of such behavior is difficult, then double spending from the perspective of an individual transaction is small.”
Whereas one could not envision one person single-handedly taking