The Ultimate Deep Dive Into Bitcoin’s Security Model

The ultimate deep dive into Bitcoin
security model Is Bitcoin's
current security model flawed? What could be done to the Bitcoin network
to ensure that it is sustainable? Today we're going to be talking about
a just that on this CoinMarketCap episode. So let's dive right in. The Bitcoin security model
is the ultimate final boss for Bitcoiners Dream to once
and for all bury the fiat system. But is the Bitcoin security model
up to the task? Some high profile investors
think that it's not. But ask a bitcoin supporter and they will
probably tell you the exact opposite. So which one is it? Well, the Bitcoin security model
is a combination of factors That keep the Bitcoin network
functional and decentralized. It combines the power of proof of work,
which is expensive with protocol Incentives so that it is difficult
to achieve a monopoly control of Bitcoin. So why Bitcoin's security
model may be broken and why that matters? Bitcoin's security is derived
from the cost of attacking the network. The higher the cost,
the more secure the network. We can calculate the cost
of attacking the network By looking at the revenue that miners
receive from validating new blocks. This miner revenue is commonly used as
a proxy for the Bitcoin security budget. So where's the problem? Well, currently
99% of miner revenue comes from the block Reward, also known as block subsidies,
only a 1%. It comes from transaction fees. This is a problem because the block reward
is halved every four years. This has Bitcoin's famous having,
and the reason Why is inflation tends to zero
until all the coins have been mined. But this also means That the security budget will soon
have to come from transaction fees alone, Although that is estimated to be sometime
in 2140. So shout out to all the people
watching this because I'm not alive. Remember Miner revenue is a proxy
for the security budget. If miners do not receive revenue

From the block reward,
it must come from transaction fees. So what if the security budget
does not increase? The short answer is that Bitcoin
may become a victim of the Turkey fallacy With a security budget that is too low. The incentives for an attack increase. The network works flawlessly
until it doesn't. Time for a quick refresher on how we know
that transactions are secure. How Bitcoin security works? When you send a transaction
over the Bitcoin network, that transaction Is included in a block. Each block
can include several transactions Up until a certain
limit called the block size. Some chains have bigger block sizes like
Bitcoin cash, and some have smaller ones. Like Bitcoin, blockchain transactions
are immutable, and in the bitcoin network Miners validate transactions. They do so by producing blocks. A block is valid
when the miner has performed The famous proof of work
mechanism in plain English. Miners perform A bunch of complex computations
that require a lot of computing power. These computations are performed
with the specific hardware called ASICs. The more computing power A miner has, the more likely
they are to win the block reward. So in other words,
it pays to spend more on ASICs That improves a miner's chances
of making money when it comes to money. So the conclusion is miner income,
it comes from the block reward And the transaction fees. Miner expenditure is electricity costs
and the cost of hardware. So using one of the most popular bitcoin
mining devices, the Bitmain Antminer S19 Pro as an example,
which produces 110 TH/S a second And a power consumption of 3250 watts
and the average U.S. Electricity costs of $0.16. Clearly shows that mining is not
a profitable endeavor for individuals. So let's see how that affects a miner's
incentives.

Bitcoin security problems. Is cheating possible? The key incentive structure
to know about miner behavior is miners Have the incentive to stay honest
as long as their income exceeds Their expenditure. In other words, yes, cheating is possible,
but the network is set up in such a way That no rational actor
would want to cheat. But what if, for example,
what if expenditures exceed income? This is known as miner capitulation. There is a high upfront cost to mining. If miners create new bitcoins at a loss,
they start selling their bitcoin inventory To cover costs. Some may capitulate and close their farms
by selling their hardware To other mining farms
with lower variable costs. Pursue estimates that miners Have to put up one entire year of block
rewards to mine Bitcoin for two years. So in other words, if you decide
to get into the mining business tomorrow, You will mine for one entire year
to cover the cost of your hardware first. Therefore, miners
have the incentive to mine honestly. They do not want to kill their cash
account. Okay. But if someone wanted to cheat,
could they do it? Yes. And that is called a 51% attack. If you control a majority of the computing
power used to validate new blocks, So the hash rate, you can refuse to add
new blocks from other miners. You can also engage in a double spend
attack. The Nakamoto consensus postulates
that the longest chain is the true chain. Therefore, a miner
with the majority of the hash rate Is in control of the network. Of course, an attack would destroy The chain's value proposition
and the price of Bitcoin would crash. In the case of a double speed attack. The attacker would have to gain
in monetary or other value for an attack To be worthwhile.

So let's see how that could happen. Motives for attacking the Bitcoin network. For the sake of this example,
we assume that an attacker would engage In the most devastating form of an attack
double spending coins. There are two possible motivations
for attacking the network. Both attackers Would have to take into account These same variables to calculate
the expected value of an attack. A probabilistic estimation of the price
after the attack to sell the double Spent coins. The amount of coins gained in the attack,
the cost of acquiring the necessary Hardware and operating costs
for electricity, the probability Of other network participants defending
against the attack through various ways, Like switching to different
hashing algorithms Or suspending the consensus mechanism. So keep in mind that a sabotage attack
is less concerned with the post attack Price or possible defense mechanism
for such an attacker. A price crash is a feature, not a bug. They're not looking to attack
in order to double spend the coins, But to disrupt and destroy the network's
credibility and functionality. Possible defense mechanism. Even if they're successful, could
they undermine the network's legitimacy? For example, switching
to a social consensus to save Bitcoin Would reveal that proof of work
wasn't the actual security backstop. In that case,
it would have to be a social consensus Like the OGs agreeing on the true chain
that secured Bitcoin. All along, however, there is currently
no incentive for an economic attack. The primary defense against this form Is the spread between the expected
value of honest mining and attack mining. If miners expect the long Term value of honest mining to be bigger
than that of attack of mining, The network works As designed over with miner rewards
getting halved every four years. Transaction fees have to make up
the difference and this is the crux.

Thus, if this trend continues,
the spread between the eve of honest Mining and attack mining shrinks. Still, how could an attack on Bitcoin
be pulled off? How to theoretically attack
the Bitcoin network? Joe Kelly laid out the blueprint
for attacking Bitcoin in his excellent Three part series called
How to Kill Bitcoin. In essence, only state actors Have the means and motivations
to attack the network. A state's cost benefit analysis is driven
by more than just economic gain. Kelly argues That if a state wants to attack Bitcoin,
there's little defense forum for one. A state would first block entry points
to the network by banning exchanges, Effectively canceling that Bitcoin
and shunning interaction with them. The next step could be to seize
mining equipment and announced that The state will do whatever it takes
to acquire a hash rate majority. The state sponsored flood
would probably cause a price crash And to lower the cost of an attack
since the state is not concerned With the economic profit, Even increasing its hash rate at a small
loss is a viable strategy. Once a hash majority is acquired,
the stake in overtly or covertly starts Entering transactions or outright sabotage
the network with double spend attacks. This process would be neither quick
nor cheap over. Kelly argues that this is not the point. If the perceived political gain Of banning Bitcoin for whatever
reason is deemed to worth the cost. A state can essentially field unlimited
resources to engage in such an attack. Still, the costs of such an attack
would be prohibitive for all But a handful of state actors. So let's talk about the risk factors
for the Bitcoin network. While that's a bummer, seems like
if they wanted to kill Bitcoin they could. But what factors increase
the risk of an attack? Well,
Kelly has some answers to this as well. For now, the attack surface is low. The Bitcoin based economy is tiny compared
to other financial markets,

And many addresses
can be traced back to KYC to account For the more capital markets
do not have a lot of liquidity. To short a possible attack and hedge
a price drop. However, Kelly argues
that the attack surface will increase If Bitcoin continues to develop
as envisioned. More privacy features, deeper derivatives
markets and a bigger Bitcoin Based economy. A consistently increasing hash
rate has no effect on Bitcoin security. Newer hardware can compute more hashes,
but an attacker would only be concerned With the potential costs. New mining hardware produces
more hashes per dollar spent. For now, Bitcoin's
biggest asset is its irrelevance. It is simply not big or dangerous enough
to merit an attack. At the same time,
the cost is too high for rational actors. But if a country was significantly exposed
to the network, either Because Bitcoin mining has become
a relevant factor of its energy policy Or because it has, for the same reason,
acquired a significant chunk of coins. The incentives for other states
to disrupt the network increase. Is there any way to defend the network? How to Defend Bitcoin's Security. Bitcoin suffers
from its own security trilemma. There can only be two out of the following
three. Bitcoin
can introduce a perpetual inflation rate That would continue the block reward. Alternatively, the network could force
users to spend old coins or devalue them Through something called demurrage,
but that would make it less scarce. Or the network can become less liquid
if the demand for transactions Does not pick up and higher
transaction fees does not materialize. There will be less incentives to pay fees. A tragedy of the commons
would be the result where users wouldn't Have to wait longer for confirmations
and or send smaller Transactions not to increase the incentive
to reverse them. Alternatively, and most probably Bitcoin
will have to become less decentralized. This will lead to minor cartels developing
and de facto already a thing

And more custodial trading and off chain
settlements to avoid transaction fees. However, some changes to the Bitcoin
protocol are not socially acceptable, As has to research. Decentralized systems
do not have an identity And thus rely on a subjective consensus
around core values. For Bitcoin that is resistance to change. In his surveys, intermediation
and deliberate inflation Were rated highly unacceptable
by Bitcoiners. But how can we defend the Bitcoin network
in that case? In the case of attacks,
several solutions have been proposed. One would be changing the hashing
algorithm Over honest
miners would be the collateral damage. For this to make sense. Hashing with ASICs
would have to become a thing of the past. Even then, it would not prevent
an attacker from trying again. A better solution Would be a social consensus
as to which chain is the true chain over. Kelly points out that This political solution would render
the entire existence of proof of work moot If the true defense of the network is
not proof of work but a social consensus. Why do we have proof of work
to begin with? Although it does serve As a deterrence, it's questionable
whether the cost would justify the ends. Finally, a hypothetical hash war Between states would de
facto back the network by state power. This could happen directly or indirectly
with, say, states Using bitcoin mining to monetize non
rivalrous energy sources. Still, as we pointed out earlier, This could also increase the incentive
for an attack by hostile states. Say the U.S. Used bitcoin on a large scale
to mine with flare gas. China and Russia may become a lot
more interested in attacking the network. Thus,
a one sided dependency on the network Could also be a strategic weakness.

So what's the best case scenario? Well, massive bottom up
adoption of the network with Bitcoin Becoming so entrenched
that the costs of attacking the network Would incur such a massive economic
collateral damage to make it undesirable. At the same time,
the state would be incentivized To help defend the network
from potential outside attackers. There's only one way this can happen. More transactions
need to be settled on Bitcoin. Let's see if that's happening. The Bitcoin transaction fee market. Unfortunately, data
always paints a fairly bleak picture Of the state of bitcoin transaction fees. Market for one price capitulation
lead to miner capitulation. Miners remaining in the game are those
with extremely cheap energy contracts, New and more efficient mining Machines, good access to capital markets
or good treasury management. Grid Balancing Applications. Retail miners are only profitable
in highly specialized cases. That confirms what we already suspected. Mining tends by design
to become more centralized. That is because only The most recent generation of ASICs
have significant profit margins. Remember, this data is from June of 2022. Things are likely bleaker
now as the bear market drags on. Centralized mining also makes regulation
of the business easier, But you have probably already heard enough
bad news. The biggest problem with transaction fees
is that they are pro-cyclical. This rose during the 2021 bull
market would have been mostly flat sense. Even more worryingly, the revenue
share of fees is back to 2018 levels. The latest data shows that demand
for Bitcoin block space peaked Only during liquidation events,
but saw no clear trend in 2022. So that means that in four years There has been virtually no growth
in demand for Bitcoin transactions. That is not what the models promised us.

During the last bull run, fee
revenue was predicted to equal block Reward revenue in the next 2021
bull run and subsequently exceeded. Well. See for yourself. In other words,
the ratio of transaction fees To block reward revenue hasn't
been this low in more than a decade. Where is this problem coming from? A big reason is most likely bitcoin's
value proposition. Bitcoin has over the years
firmly moved into the store of value Corner, however, being a store of value
means that coin velocity is low. You won't spend your bitcoins
if you believe they preserve your wealth. There is really no way around this fact.
Bitcoin needs To become a medium of exchange
to have a sustainable security model. If we assume that the community
does not want any significant changes To the protocol,
that is the only solution. This will inevitably lead
to a degree of centralization. Even though the Lightning Network
also allows for non-custodial transfers, Some people will prefer custodial
transfers. The Bitcoin community is well advised
to embrace this. Luckily, at least the Lightning Network
is growing, albeit a tiny base. Even though 5100 bitcoin public capacity
on lightning Is the proverbial fart in the wind
compared to wrapped coin on Ethereum. It is all utility based liquidity. Adoption of the Lightning Network
will likely be the key To a sustainable security model
for Bitcoin over the Lightning Network. Also has a major shortcomings. For example, it would take 128 years To onboard the entire planet
to non-custodial lightning wallets. That is to say that even
with the Lightning Network in full Adoption mode,
some centralization will be inevitable. Is merged mining a wildcard solution? Maybe there is another solution
that can at least support Faster bottom up adoption. Bitcoin researcher
Paul Sztorc suggests merge mining

In his own two part deep
dive into the Bitcoin security budget. Merge mining Is simply mining another cryptocurrency
with the same algorithm at the same time. In practice these would be sidechains
of bitcoin that run on the same SHA 256 algorithm and leverage
the security of the bitcoin blockchain. Mining. These sidechains would increase
miners revenues and de facto increase The block size stores
also refutes the claim that merged mining Is prone to centralization
and inherently not secure enough. He contends that mining is already
significantly centralized And that centralization through
specialization is not a security risk As long as the decentralization of nodes
is guaranteed. Merge mining would de facto
be a scaling solution that allows Paying miners fees
without diluting the bitcoin supply. However,
there would still need to be demand For the block space Any sidechain offers
to make economic sense. Therefore, merged Mining can be a complementary solution,
but does not solve the adoption problem. So let's talk about the conclusion
Bitcoin's Security depends on its security budget. Now the budget is all block revenues,
but soon it won't Have to come from transaction fees. There is currently no economic incentive
to attack the network. Only the most powerful states
would even have the means to do it. If Bitcoin becomes a more widely
adopted in the future, it also becomes More interesting to attackers. Having a sustainable
security model is key. There are several solutions to this,
but more bottom up adoption of Bitcoin As a medium of exchange is probably
the most sustainable and realistic one. Currently, there is no growth in demand
for Bitcoin transactions. A spike in demand was a temporary bull
market factor. Adoption of the Lightning Network
looks to be the key to the solution And the network is growing quickly
from a tiny base. Merged mining can supplement

Miner revenues as long as there is demand
for the blocks based on sidechains. To conclude, Bitcoin's security
model is unsustainable as it stands today. In other words, a Bitcoin
with 2022 adoption rates and a lower block Rewards will be much more vulnerable
to an attack two halvings from now. Luckily, the community is still has time
to figure things out. Given how conservative bitcoiners are, Big protocol changes
look out of the question. Increasing the medium of exchange
value proposition via lightning Does not contradict Having Bitcoin as a store of value
and should be embraced by the community. However, lightning will have to keep Growing exponentially
to make up for the currently poor numbers. Let us know what you guys have to think
in the comments down below.