The cost of attacking Bitcoin makes it the most secure chain, not decentralization
I've been reading a lot of articles, comments and documentations lately on the decentralization of blockchain networks and one thing stood out and that was a random comment on reddit talking about how security differs from decentralization.
At some point in your individual research, you may have come across something called the “Nakamoto Coefficient” when the concept of blockchains being decentralized is being discussed.
The Nakamoto Coefficient is a measure of the decentralization of a blockchain or distributed system. It represents the minimum number of independent entities (such as miners, validators, or stake pools) that would need to collaborate to control more than 50% of the system’s resources, effectively compromising its security and decision-making.
ChatGPT references the commonly discussed percentage influence, which is the 51% attack but multiple sources talking about the Nakamoto Coefficient places the threshold at 33.33%.
I believe that it varies across different blockchains. 33.33% could mean a lot for several proof of stake blockchains but not mean much for networks like Bitcoin, hence the often talked of 51% attack.
That said, if you look at the ecosystem today, most blockchains are vulnerable to a collective attack by the measure of Nakamoto Coefficient. Ethereum for instance is openly reported to only require two stake pools to compromise the network.
On many occasions, you'd find people talk about these entities like Lido as being a collective that isn't technically centralized but the blockchain doesn't care about off-chain technicality. I have covered the centralization of Ethereum a couple of times in the past and the most recent coverage highlights concerns about influences trickling through investments firms backing Ethereum and its extended ecosystem projects.
On the chain level, it is either a blockchain is decentralized by having a vastly distributed network of stakeholders or miners for proof of work chains or it is essentially centralized by having a reality of a concentrated stake or mining pool.
This is actually where things get interesting. In as much as having a vastly distributed network of stakeholders or miners is good, the enemy of the chain is not the reverse in itself, it is what cost is associated with any attempt to exploit the network.
Essentially, this means that decentralization does not necessarily = security and centralization does not necessarily = lack of security. True security, at least monetarily, is achieved when the cost outweighs the rewards of an attack.
In the past, I've always talked about risk and rewards and how they are the ultimate deciding factor in what direction a network flows — governance-wise. If people are well incentivized, they will play nice and benefit the chain. If the risks are low and the rewards to exploit are high, an attempt will be made to do just that.
A chain will be most secured when the risks(cost) associated with an exploit attempt is extremely high — essentially exceeding the potential profits.
Bitcoin is secure because it's costly to attack it
Not because it is decentralized.
Bitcoin maxis try to sell the idea that Bitcoin is decentralized even when data does not support this. This makes it clear that B-maxis are not very smart people or they simply think everyone reading their shit is dumb.
You can easily look at mining pools tracking sources like this and see how centralized it actually is.
At the time of writing, Foundry USA controls approximately 34.59% of the network's hashrate and the top 3 miners control more than 51% of the network's mining power.
Theoretically, this means that the top three could easily attack the network if they wanted to. So what is stopping them?
When you look through the risk and rewards of attacking the Bitcoin network, you'll find that being a good miner is a much better option.
Already, for any new miner to surpass the top Bitcoin miner, it would cost over $6 billion upfront because of the prices of miners and infrastructure cost. There's also the running cost including stuff like electricity and that would cost an estimate over $1.8 billion annually.
These numbers are not made up by the way. Simply look up the prices of Asic miners, evaluate how much of it is needed to achieve top spot in mining power or control more than 50% of it, then look at the average electricity prices and run the numbers on what that much miners would consume for just a few hours of operation.
So if you had such a heavy on cost business, would you risk it to attack Bitcoin?
The profitability of an attack is not just limited by infrastructure costs, it's also limited by the blockchain’s design. An attacker cannot efficiently rewrite past blocks as that would significantly cost more to execute, so he's essentially limited to exploiting new transactions post-attack.
What's the value of the transactions that flow through the network within the period and how much of it can the attacker double spend? Due to Bitcoin's block limit, I'd say not a lot. And within a few hours, probably less, any attack on Bitcoin would have been spotted and measures would be taken to tackle it.
The miners would have spent a lot of money for nothing worthwhile. When you look at the numbers, it's ridiculous. But let's assume that an attacker doesn't try to exploit Bitcoin the conventional way, which is to double spend, but instead, shorts Bitcoin before the attack, would the profit be worth it?
It's understandable that an attack on Bitcoin would crash the market value and there's at least $50 billion in longs as I write this, could an attacker potentially exploit this?
I think not because first off, this value is mostly on centralized exchanges, if an attack was spotted, not only would transactions be paused, the markets would equally be paused. Additionally, there'd be a call to analyze the order books and it would certainly be easy to spot an order that was placed to maximize on the event and a lot of funds would be frozen.
Not only would a miner or group of miners risk rendering $6 billion plus and millions of energy investments useless, they would also risk additional billions or millions placed on short contracts.
At the time, the only threat the concentration of Bitcoin's hash power has on the network is censorship, beyond that, it's not a risk factor to the chain because an exploit attempt would be foolish and too expensive.
Bitcoin is the most secure blockchain because it's currently the most expensive to attack. Decentralization has nothing to do with it because it isn't quite distributed in mining power to even consider it truly decentralized, by definition.