A recent study spearheaded by Lucas Nuzzi, Head of R&D at CoinMetrics, has brought to light detailed insights into the financial viability of launching a 51% attack on the blockchain giants, Bitcoin and Ethereum. Published under the title “Breaking BFT,” this research delves deep into the economics and logistical challenges of such attacks, offering a nuanced understanding of blockchain security.
How Much Is A 51% Attack On Bitcoin?
Nuzzi took to X (formerly Twitter) to share the study’s findings, emphasizing the prevalent concerns within the crypto community about the networks’ vulnerabilities. He remarked, “The mere possibility of these types of attacks has caused significant anxiety… These are the boogieman of blockchain security but their costs and expected utility remain a mystery.”
How much does it cost to 51% attack Bitcoin and Ethereum?
To find out, we simulated what an attack would look like.
Our paper, Breaking BFT, was published today with some interesting results ⬇️https://t.co/fpcpkPhy5B pic.twitter.com/wMbm6b2v0Z
— Lucas Nuzzi (@LucasNuzzi) February 15, 2024
The study introduces a new analytical framework, the Total Cost to Attack (TCA), which sums up the expenses an attacker would incur in orchestrating a 51% attack. For Bitcoin, this entails acquiring a majority of ASIC miners and covering the operational costs, including electricity. Utilizing data from MINE-MATCH and historical ASIC market trends, the research unveils that the cost of procuring the necessary ASICs could surge to $20 billion. Nuzzi further explained, “But these ASICs are not for sale!… In one scenario, that cost alone is close to $20 Billion.”
Moreover, the study explored the hypothetical scenario of a nation-state manufacturing ASICs for an attack. It concluded that “the only model that could be plausibly reverse-engineered is the S9, with a manufacturing cost north of $20B.” This highlights not just the financial, but also the technical hurdles in mounting such an attack.
How Much Is A 51% Attack On Ethereum?
Turning its attention to Ethereum, the study estimates an attack cost of over $34 billion. This figure accounts for the need to manage over 200 nodes and spend $1 million USD on Amazon Web Services [AWS] alone, showcasing the complex logistics involved in an Ethereum attack.
The study states, “Contrary to popular belief, an attacker could not leverage LSDs to buy access to block templates… We estimate an attack on Ethereum would take 6 months due to the churn limit preventing stake from being deployed all at once.”
Nuzzi’s research also critically assesses the potential profits from attacking Bitcoin or Ethereum, considering various strategies such as double spends and MEV exploits. It concludes that “Most importantly, we find no ways the attacker would be able to profit from attacking Bitcoin or Ethereum,” underscoring the economic disincentives for such attacks.
Perhaps the most striking finding is the empirical evidence supporting the existence of a Nash Equilibrium in the security dynamics of Bitcoin and Ethereum. Nuzzi posits, “This is the first empirical evidence of Nash Equilibrium in Bitcoin and Ethereum where adversarial actions become unattractive when compared to other strategies.”
In essence, the study not only quantifies the monumental costs associated with potential 51% attacks on Bitcoin and Ethereum but also reaffirms the strength of their security mechanisms. By providing a comprehensive economic analysis, it dispels many uncertainties surrounding blockchain security, contributing to a deeper understanding of the resilience and robustness of these networks against potential threats.
At press time, BTC traded at $52,068.