Thread: Let’s talk about 51% attacks and hashrate rentals.


1. A lot of great minds have weighed in on the 51% attacks that hit @eth_classic during the last few months. The common opinions seem to be a) @NiceHashMining needs to have accountability for their actions, and b) sharing a hash algorithm is the reason this is happening.


2. Let’s start with argument B first. I’ve thought a lot about this argument, across a host of different fronts. In the past, I have also believed this to be true. But I now think this is incorrect.


3. In PoW algorithms, there is a limited resource we are all competing for: people. There are only so many potential miners in the world. Coins need to compete to attract this limited resource to support their chain.


4. Coins can do this by building applications that encourage fees (ETH), which provides steady revenue generation to the miner...


5. ...or coins can do this by social events and creating a sense of community. $VEIL is the first coin that comes to mind that does this, though I am well aware there are hundreds of others.


6. One miner (person) can mine many different coins. Whether your hash algorithm targets an ASIC, GPU, FPGA or CPU is irrelevant - the algorithm is a utility designed to attract customers to invest and grow your chain.


7. Thus, what coins are competing for is “hardware” groups that are tied to miners - and not “being the dominant algorithm”.


8. Does this mean it’s only possible to have one CPU coin, and one GPU coin? Well, no. We don’t all just have one video game we all play. We don’t only have one word processor. Competition is natural in the application space, and there is nothing in game theory that says...


9. That by building a GPU-coin or CPU-coin, you will attract all that hardware.


10. “But Kristy! Surely this means that ASICs are more secure!” Well, hang on, I never said that. The algorithm and hardware is irrelevant - your chain still has to convince a miner - a human being - to -invest- in your network.


11. This is ultimately why I don’t think a switch to SHA-3 will help @eth_classic - once you switch, you need to convince miners outside of your core bubble that they need to invest money into your chain and that they will be rewarded for doing so.


12. Ethereum has invested in many different areas - miners continue to deploy capital into the chain because the promise of there always being value is there. In the same way I choose to invest in a business, because I believe their business model will give me returns.


13. In Ethereum’s case, even if a switch to PoS happens and the PoW chain ceases to exist, miners will find their way to these Layer2 and off-chain solutions. Selling compute to SNARKs and STARKs processing will be (in my opinion) a big business 2 years down the line.


14. ETC Classic doesn’t have that same value prop. Yes, it has businesses behind it and advertised PoC’s, but no applications that actively contribute more TX’s, increase fees, and show a thriving and continued business model for investment.


15. Then, if you sit from an ASIC manufacturer’s point of view (go away, Henry 😅), why would they justify investment and buildout on an ASIC when they are not fully convinced enough individual miners will purchase it?


16. I do think the correct approach (and @nic__carter has touched on this before with his fair launch idea) is @eth_classic actively funding the development of ASICs, producing them, and then letting @DCGco or @FoundryServices deploy them. While other miners can participate...


17. At least a bulk is in the hands of a party that is actively incentivised to back the chain. In ETC’s case, Foundry is one of the few “miners” interested in the coin. But others in the world look at the products they could be a part of...and most will pick SpaceMesh, FileCoin,


18. or ETH. In summary: I think a lot of very smart people like to state that if we are all on independent algorithms, chains will be secure. But at the end of the day there is a limited group of people who mine, and we’re all competing for that same resource.


19. The algorithm and hardware is irrelevant. The product is everything. I don’t think it is feasible that there will be thousands of PoW chains each secure and safe - I think miners will remain a minority group and coins will need to be the best product to win their services.


20. Now, let’s talk about NiceHash and rental attacks.


21. There’s a lot of claims that coins can “prevent Nicehash” or “prevent rental attacks”. I’m asked my opinion on this a lot, and so here it is: y’all are fucking full of shit.


22. You cannot prevent personA from renting personB’s ASIC in a private transaction. Ever.


23. You may be able to put some checks in place that discard blocks that have NiceHash’s particular nonce signature - great. They will just modify it. And if NiceHash disappears...


24. ...then a similar service will appear in its place. The reality is anyone in the world can “rent” hardware. VC’s already do this - in spades. Prominent mining developers rent hardware to privately mine coins. ASIC manufacturers build it and then rent to investors.


25. Cloud companies have their stuff rented for all sorts of shady things - and they deal with it not through KYC, but by shutting down the offending account. But nothing stops Kyle from paying for his buddies’ PC to launch an attack. You can’t actively censor real world stuff.


26. I hope the logic is clear there: NiceHash is just one outlet for renting hashrate. There’s many others.


27. Now let’s talk about if ETC moved to SHA-3 - what happens? The common argument I see is that they would be “immune” to NiceHash. Hang on - if a bunch of other coins use SHA3 (they do), then why wouldn’t people rent out their FPGAs and ASICs to a higher bidder?


28. The reality is that the attacker could have rented GPUs privately, too. He chose NiceHash because it was easy. We’ve seen other attacks happen on coins with private hardware. If you were on SHA3, he could have just rented a few FPGAs...


29. Because the total miner population on ETC remains small. Not enough of that limited resource on your chain. The total hash is irrelevant.


30. Then, what if the chain was all ASICs? Well, what stops the attacker from just renting the ASICs that were made for the chain? Nothing. He can easily pay miners pseudonymously for their hash and time.


31. The ultimate point is: you can have barriers to an attack, but you cannot prevent an attack.


32. I think the work that goes into solutions like PIRLGuard and Verthash is important. These solutions don’t prevent rentals - they devalue the weight of the largest hash provider, or devalue the weight of hash itself.


33. So what do -I- think ETC should do? I think they need to actively invest in winning over more miners to their chain. Compete on that application layer. If you want to target institutions and one or two large miners, go for ASICs; if you want to have a low barrier to entry...


34. Go for CPUs or GPUs. If you want to have your hash also usable for L2 solutions, target the FPGA community. But I would like to see people think logically through this whole “51% attack” situation, and rethink a lot of the arguments - because right now it’s high noise2signal.


35. Thanks for bearing with my rant. I’d love to know your thoughts, opinions, or just how stupid you think I am below here.👇🏻 Change my mind!

