Much has been written by economists on the subject of bitcoin. The latest paper by University of Chicago Professor Eric Budish, is a formal attempt to analyze bitcoin long run resistance to attack as a function of economic incentives. I am going to try ELI5 this paper and question some of its conclusions.
In plain English, if the rewards from mining, net of hardware and electricity costs do not exceed a certain fraction of the value that can be stolen in the process of a double spend attack, then the network will not be secure. So far so good.
formally, the above statement is written as p transaction > v¯transaction / α
There is an additional complication that attacker’s own funds become less valuable in the course of the attack, which can change the above calculation, which we will also deal with.
The paper claims to run a simulation for different values of alpha and arrives at the following conclusion:
“…Essentially, for the system to be usable for large transactions requires implicit tax rates that likely render it unusable for smaller transactions…”
My problems with this claim:
It Doesn’t Match Real World Data
we are 10 years into the existence of bitcoin. Transactions as large as 147 million have been sent using bitcoin and yet, pulling information from here:
Avg. Transaction Fee 1.08 USD Median Transaction Fee 0.13 USD
Median transaction fee is 13 cents, for Pete’s sake !
$300 MM was sent for virtually nothing and still, no double spend attack.
the paper quotes transaction costs as high as 18K that are required in order to prevent a double spend attack ( sabotage aside ). Those numbers do not appear to be supported by real world evidence
this data appears to invalidate model predictions
Now, it could be that the calibrated parameters don’t match real world data because of the additional complication addressed somewhat in the paper: the attacker faces a potential unknown fall in the value of her bitcoins as a result of her own attack, creating a disincentive to attack in the first place. The paper acknowledges this:
“….However, ∆attack is something of a “pick your poison” parameter. If ∆attack is small, then the system is vulnerable to the double-spending attack described in Section 2.1, and the implicit transactions tax on economic activity using the blockchain has to be high. If ∆attack is large, then a short time period of access to a large amount of computing power can sabotage the blockchain…”
Aside from the fall in the value of bitcoins due to a double spend attack, in order to double spend 100MM dollars worth of BTC, the attacker has to, in addition to hardware costs, allocate 100MM worth of capital to BTC in the first place. Most digital thefts cost orders of magnitude less in capital costs to execute for a similar size bounty, making the expected risk adjusted return on this activity look low in comparison.
Fallback on Sabotage Attack Logic is Weak
Having failed to calibrate its parameters to real world data, the paper falls back on the sabotage attack logic. The attacker could sabotage the network not because of economic incentives resulting from insufficient block or transaction rewards, but from an unknown outside reward, for example, shorting futures on CME or CBOE.
Let’s step back a little. I am not a professor, but this seems like a very silly argument. Anything can be sabotaged, of course. If a sufficiently powerful state actor decides to steal all the gold depository receipts in the world or start a nuclear war, no system is fully resistant against this.
However, if we are talking more run of the mill criminal sabotage in order, for example, to monetize short position in the futures, then bitcoin is a pretty bad product to do it in. The attacker would have to obtain large quantities of ASICs in order to take majority control and this activity would likely be traceable by law enforcement. Then the attacker would have to use a regulated broker in order to establish a position on CME or CBOE, leaving a trace there as well. Sure, the attacker could establish a very large short position on an exchange such as Bitmex, which doesn’t have a proper clearing house, but in that case there is really no reliable mechanism to force the longs to pay a massive amount of money if they don’t have the funds.
In short, the sabotage critique is not scientific and amounts to pure speculation that there could exist an irrational actor who decides to sabotage bitcoin for no apparent reason with large legal risks to herself.
The Conclusion Is Not Supported By Data
The paper concludes in its abstract that “ In particular, the model suggests that Bitcoin would be majority attacked if it became sufficiently economically important”
Yet, in practice, we see 51% double spend attacks happen relatively frequently in economically unimportant coins and no double spend attacks happening so far in economically important coins such as BTC, ETH and others.
Summary
This paper presents economic incentives of securing versus attacking bitcoin in interesting and useful ways, but fails to calibrate its results to real world data.