Proof of Work: the choice between centralizing over time and being insecure.
On the trade-off between specialized versus generalized mining and what this means for (long-term) security.
Every Proof of Work coin has to choose between:
- A specialized hashing algorithm, leading to economies of scale and centralization over time
OR
- A generalized hashing algorithm, meaning lots of latent hashrate and a constantly insecure chain
Both are self-defeating in different ways.
A specialized hashing algorithm leads to economies of scale and centralization over time.
Bitcoin's Proof of Work is so specialized that mining competitively, at a profit, requires meeting multiple requirements:
- Specialized hardware. Without the newest, most efficient ASICs, you don't stand a chance.
- Cheap electricity. If you can't power your ASICs cheaply, you're out.
- Cheap rackspace. You need to be able to run all these ASICs. The more, the better, because it means you can split other costs over a larger number of units.
- Low administrative costs. Often overlooked, these include consulting fees, legal fees, and insurance costs.
- Efficient maintenance. To be profitable you want the ASICs to run at 100% efficiency 100% of the time. If not, get as close to it as possible.
- Access to capital. You need to be able to buy the ASICs. You ideally buy them in bulk for discounts. If you have access to cheaper financing, all other costs are effectively decreased.
For more on economies of scale in ASIC mining, with a practical example, see this post analyzing the merger between Hut 8 and US Bitcoin Corp.
These economies of scale exclude most hobby miners and small miners from contention, increasingly exclude medium-sized miners, and lead to the big miners getting ever bigger.
Combine economies of scale with monetary rewards, and what we get is consensus centralizing over time.
This is bad for Bitcoin.
The more centralized consensus is, the fewer parties are needed to censor or attack it, the less secure the chain is, and the less the "store of value" mantra makes sense.
The alternative is a generalized hashing algorithm. However...
A generalized hashing algorithm means lots of latent hashrate and a constantly insecure chain.
Chains such as Monero and others pride themselves on ASIC-resistant mining. (Almost) every regular Joe with their regular CPU can mine the coin.
There are fewer or no economies of scale at all, so there should be less of a trend towards centralization of consensus over time.
Yet at any given time, the chain can easily be attacked.
A decent CPU/GPU offers about 25,000 hashes per second for Monero's RandomX mining. Total hashrate is ~2,000,000,000 hashes per second.
This means that ~80,000 CPUs/GPUs are securing the Monero chain, and their operators are getting paid ~$72k total daily.
Looking at these numbers immediately illustrates the problem. The latent hashrate for Monero, the hashrate that is just lying around, is literally thousands of times bigger than total current hashrate.
There are millions, billions of CPUs and GPUs in consumer and industrial hardware around the world that are not being (fully) used. If someone decides to coordinate even just 200,000 of those, let alone 1 million or 5 million of those, they can attack the Monero chain by, for example, mining empty blocks.
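To put the figures above into a form a merchant or exchange can use when setting confirmation policy, the following added example (not code from the original post) turns outside device counts into a hashrate share and then into the confirmation depth needed to keep reorg risk under 0.1%. It goes beyond the post by using the catch-up probability from the Bitcoin whitepaper; the function names and the 0.1% threshold are assumptions made for illustration.

```python
import math

# Figures quoted in the post for Monero / RandomX.
DEVICE_HASHRATE = 25_000           # H/s, "a decent CPU/GPU"
NETWORK_HASHRATE = 2_000_000_000   # H/s, total network


def honest_devices(network=NETWORK_HASHRATE, per_device=DEVICE_HASHRATE):
    """Number of devices implied by the current network hashrate."""
    return network // per_device


def outside_share(devices, network=NETWORK_HASHRATE, per_device=DEVICE_HASHRATE):
    """Share of total hashrate held by `devices` machines joining from outside."""
    added = devices * per_device
    return added / (added + network)


def catch_up_probability(q, z):
    """Nakamoto's estimate that a miner with share q overtakes a chain z blocks ahead."""
    if z == 0 or q >= 0.5:
        return 1.0   # nothing to overtake, or a majority that always wins eventually
    if q <= 0:
        return 0.0
    p = 1.0 - q
    lam = z * q / p
    total = 1.0
    for k in range(z + 1):
        # Poisson(k; lam) in log space so large z does not overflow or underflow
        poisson = math.exp(k * math.log(lam) - lam - math.lgamma(k + 1))
        total -= poisson * (1.0 - (q / p) ** (z - k))
    return total


def confirmations_needed(q, risk=0.001, limit=500):
    """Smallest depth z with reorg risk below `risk`; None if no depth up to `limit` works."""
    for z in range(limit + 1):
        if catch_up_probability(q, z) < risk:
            return z
    return None


if __name__ == "__main__":
    print("devices implied by network hashrate:", honest_devices())
    for n in (20_000, 40_000, 80_000, 200_000, 1_000_000):
        q = outside_share(n)
        print(f"{n:>9} outside devices -> share {q:.1%}, "
              f"confirmations for <0.1% risk: {confirmations_needed(q)}")
```

Once the outside share reaches 50% (80,000 devices at the post's figures), no confirmation depth is sufficient and the function returns `None`, which is the post's point expressed as a policy limit.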
In both the specialized and non-specialized PoW case, there is money to be made in an attack.
It is possible to open short positions on most chains. In a short contract, you profit from a decrease in value. For Bitcoin I have gone into the maths on this previously here on Substack.
For Monero the maths are different, but not necessarily better. It is a coin with a market cap of about $3 billion, yet we can pretty trivially attack it for millions, and millions is being generous. $72k per day spent on security in Monero means ~$3k per hour.
It only takes a few hours of empty block mining with the threat of continuing to do so to prove a chain to be insecure and to cause a drop in value.
I am a major supporter of crypto. I spend a lot of time working on it, with it, thinking and talking about it. I post this not out of malice but because if crypto is going to make it we need to improve and keep improving.
I'm not trying to pick on any specific coin here. I picked Bitcoin and Monero because they're the best-known examples of respectively specialized and non-specialized mining.
We need to point out what isn't working, and I don't see a future in which either form of Proof of Work makes sense.
It feels like we might be moving into a more hostile environment for crypto, a period in which these weaknesses will no longer be theoretical but might be "applied".
My wish is that we move to better alternatives in a controlled way, before an attack shows us the necessity of doing so and does massive damage to decentralized money in the process.