If the attacker is waiting for a lucky event to occur (finding more blocks than others while having less than 51% of the mining power) it means that they are constantly wasting mining time. That in itself is a huge cost (operational cost and block rewards thrown away), but it also means that they can't predict when it will happen. A double spend attack must be planned in advance because the first transaction must occur at the beginning of the attack. I'm not sure how they could constantly try double spends without risking losing the money each time the attack doesn't happen.

I don't see how it could be profitable. If it can't be profitable, then the risk of someone doing it is pretty low. If they already have the necessary hardware, they'd be much better off mining.

"Bitcoin's security inevitably weakens over the coming years due to diminishing miner rewards (denominated in BTC)"

That's incorrect. Security scales with USD-denominated rewards, not BTC-denominated. And there are 16 years of real-world data showing they have been generally increasing, so a healthy sign that the Bitcoin experiment is working:

https://newhedge.io/bitcoin/block-reward-per-block

And not only that, but rewards are still expected to stabilize even when measured in BTC (thereby not relying on an increase of BTC's price) as they are progressively composed more and more of tx fees instead of newly mined BTC.

It's puzzling to me why some still don't understand the systemic incentives that make all this work as it has for 16 years and counting...

> If a pool can set up a situation where they mine a block and wait X seconds to reveal it, they can force other miners to waste X seconds of has power and gain an advantage.

How is it wasted if they work on the current chain? If they find a block during those X seconds, they'll propagate it before the waiting pool does. The waiting pool will then just lose the revenue from the block they put on hold. They're the ones wasting mining time when that happens, while the others never do.

Isn't this the same thing as saying "if everyone just agrees that a dollar bill is actually just a piece of paper, USD becomes worthless"? Albeit at a smaller scale

Why would you expect the scale of the derivatives to be related to the scale of the spot market, especially if the derivatives are cash-settled futures? One is basically gambling on the price of BTC going up or down, and the other is trading the actual BTC, right?

In the near future every nation state will be vying for the largest stake of the BTC mining pie and the BTC race will be bigger than the Space Race and the Nuclear Arms Race combined and adjusted for inflation.

Well what's arguably even more horrifying is according to "Estimated average energy efficiency of bitcoin mining hardware" no significant changed happened since 2014. I imagine we went from CPU to GPU to ASIC in couple of years and now for more than a decade, no change, just more.

Since when is incentivizing low cost renewable energy horrifying?

Meanwhile, Hedera remains carbon negative and 7 orders of magnitude more efficient than Bitcoin.

"Today, Hedera is performing the equivalent of over 10,000,000 transactions and 788,000 transactions for the same amount of energy it takes Bitcoin and Ethereum to process 1, respectively."

[0]: https://hedera.com/blog/going-carbon-negative-at-hedera-hash... [1]: https://discovery.ucl.ac.uk/id/eprint/10160701/

What this site does not show is how much of the power used to maintain the network is waste power such as gas that's normally burned off at the well site or hydro electric that goes to waste.

Unlike AI, there's a strong incentive to find the cheapest electricity possible. Because that's what everyone else is doing. With Bitcoin, you now exactly what your costs are and what your yields are. There's a clear threshold, when power in an area becomes too expensive there's no reason left to mine.

AI, on the other hand, is a bet on the future - infinite gains. No matter how much power costs, it's worth it to keep using as much as possible. We can't know how much power AI uses. Unlike Bitcoin, there aren't any metrics from which to extrapolate. But we do know that AI uses more power than Bitcoin already. We just have no idea how much more.

Bitcoin has a block/confirmation approximately every 10 minutes, and Monero every 2 minutes.

So 240 minutes for Bitcoin, and 98 minutes for Monero.

So even though Monero is more strict, it is still "faster".

TFA observes that it would be disruptive and socially difficult to move systems to expect requiring 24 confirmations, and expresses relief that other responses are possible.

Perhaps this is more suitable as a response over months or years to a long-term shift in the composition of Bitcoin miners than as a short-term measure when it appears that someone has suddenly acquired 30% of mining capacity today.

Too many people have a vested interest in keeping Bitcoin going for as long as possible, sadly. It's going to take a massive black swan of some kind to shake their faith.

Heck, they can embed CSAM into the Bitcoin blockchain and that won't stop anyone from using it, because above all else, line must go up.

Like it or not in the end it will just be BTC. China will stop exporting Bitcoin mining tech. Nation States will dump money into proprietary BTC mining tech and keep it to themselves just like military tech. The US needs to see this reality and focus on domestic BTC mining tech like the future depends on it.

If crypto needs legal protection from attacks, I think that would invalidate most of its value proposition.

You will probably end up in court. But you might not get convicted.

Shakeeb Ahmed was convicted of wire fraud for exploiting a smart contract bug.

Avi Eisenberg was also convicted for exploiting a smart contract bug, but he had his conviction overturned on appeal.

The Peraire-Bueno brothers were in court for exploiting a bug in the MEV mechanism but it ended in a mis-trial so we're going to have to wait to find out.

Not legal advice ;-)

Depending on the currency, it's celebrated. (Code is law, etc.)

The attack described in this article might violate CFTC market manipulation regulations.

IANAL, but from my understanding, the primary law used to prosecute hacking is the CFAA's broad "without authorization" and "exceeding authorized access" clauses.

That said, authorization implies an entity with ownership rights granting some kind of limited license to others to interact with the owner's property.

For a permissionless decentralized network with no owner, where the attack is against the consensus of which chain is valid, I'd have a hard time arguing that "authorization" as a concept is even applicable or relevant.

As wmf suggested, market manipulation laws may still apply, but I'm not sure traditional CFAA "without authorization" / "exceeding authorized access" hacking charges could apply, though I'd be willing to bet a prosecutor could make a case for wire fraud - a scheme to defraud using interstate communications.

You forgot to do your own research and read the article.

I believe the article reached the same conclusion you did