Breaking Byzantine Fault Tolerance

From coinmetrics By: Matías Andrade

Introduction 

The paper "Breaking BFT: Quantifying the Cost to Attack Bitcoin and Ethereum", authored by Lucas Nuzzi, Kyle Waters, and Matías Andrade, presents a novel model aimed at assessing the costs associated with breaching Byzantine fault tolerance (BFT) thresholds within the Bitcoin and Ethereum networks. Published earlier this month, the study introduces the Total Cost to Attack (TCA) metric, which serves as a pivotal tool in understanding the economic incentives that safeguard these blockchain networks against potential threats.

The paper delves into the motivations of potential attackers, distinguishing between profit-driven and ideologically-motivated adversaries. It emphasizes the improbability of attacks being profitable given the substantial costs involved, thus underscoring the importance of analyzing the economic feasibility of such endeavors. In this week’s State of the Network, we dive into the method and findings of this paper and review the importance of network security and resistance to attack.

Total Cost to Attack

At the heart of the paper lies the concept of Total Cost to Attack (TCA), which serves as a metric for quantifying the cost associated with breaching BFT in both Bitcoin and Ethereum by a theoretical attacker. TCA is defined as the summation of Capital Expenditures (CapEx) and Operational Expenditures (OpEx) incurred over time by an attacker attempting to breach the BFT threshold of 50% in Bitcoin and 33% in Ethereum in order to perform an attack.

TCA serves as a measure of blockchain network security by enabling quantitative reasoning and comparative analysis of security. The paper emphasizes the importance of dissecting a network's security model in calculating TCA, which enhances understanding of specific cost drivers and contributes to better appreciation of security mechanisms like Ethereum's churn limit.

The paper also highlights the differences between economic and non-economic (ideological) attacks: the first are carried out by attackers who seek to profit, the second by attackers who seek to destroy the network at a cost, without seeking retribution or compensation. Although both types of attackers are subject to similar costs, the payoffs are fundamentally different and thus their motivations must be regarded separately.

TCA: Bitcoin

In applying the Total Cost to Attack (TCA) model to Bitcoin, the paper focuses on two main components: OpEx (Operational Expenditures) and CapEx (Capital Expenditures).

OpEx

As mentioned earlier, OpEx aims to capture the operational costs borne by the attacker throughout the duration of the attack. In Bitcoin mining, the primary component of these costs is typically the electricity required to power the ASICs over time. While there are additional operational expenses associated with mining, such as cooling, facility rentals, maintenance, and personnel, the paper focuses primarily on electricity consumption due to limited publicly available data on other operational costs. For brevity, we only consider one scenario expounded by the paper, in this case assuming access to a distribution of ASICs that is similar to the market, calculated using the MINE-MATCH algorithm.

With the total electricity consumption per hour of the attack determined, the next step is to estimate the corresponding cost of that electricity. Given the considerable disparity in electricity prices globally, this paper calculates an average global rate for pricing purposes. Data on electricity costs across 147 countries allows us to calculate a global average of USD 0.15 per kilowatt-hour as of March 2023. This average cost is then applied to the total electricity consumed per hour of the attack to derive the OpEx, which is illustrated in the table below.

Source: Breaking BFT (2024) 

CapEx

Having addressed OpEx, let's now delve into the Capital Expenditures (CapEx) side of the model. CapEx in Bitcoin represents the cost of acquiring Bitcoin ASICs, specialized machines designed to compute the SHA256 hash function. The paper utilizes the MINE-MATCH algorithm as an accurate proxy for the distribution of the Bitcoin ASIC network, which enables the estimation of the dominance of specific ASIC models and thus the competitive efficiency margin of the Bitcoin network over time. 

Source: Coin Metrics’ MINE-MATCH

By tracking ASIC distribution, the model simulates how many machines an attacker would need to purchase to surpass the 51% threshold required to attack the Bitcoin network for one hour, allowing attackers to double-spend. The paper utilizes market prices of ASICs to estimate CapEx, considering factors such as machine efficiency and elasticity of ASIC supply, as well as the theoretical cost to manufacture S9s. The cost estimates corresponding to historical network hashrate values are illustrated in the chart below.

Source: Breaking BFT (2024) 

As we can see, at the current network hashrate and ASIC market, the cost to attack Bitcoin ranges from $5B to $20B, varying with the elasticity of supply the attacker faces when acquiring ASICs or, in an extreme scenario, with the cost of manufacturing them itself. However, the potential cost could escalate further depending on unprecedented market activity and supply chain constraints, illustrating the complexity and dynamic nature of estimating the financial investment required for such an attack.

TCA: Ethereum

In applying the Total Cost to Attack (TCA) model to Ethereum, the paper considers both CapEx and OpEx in a similar way, extending the analysis to Ethereum’s Proof-of-Stake consensus design. In the interest of brevity, we omit the analysis performed in the paper and focus on the resulting TCA, highlighting some of the assumptions given by the paper.

Given that the attackers would need ETH to perform the attack itself, the paper first estimates available liquidity in the most important exchanges, evaluating the feasibility of acquiring enough ETH to perform this attack. In order to estimate this value, the Coin Metrics measure of Ethereum held by account wallets tagged as exchanges is used, which is inclusive of the most important centralized exchanges. 

Source: Breaking BFT (2024) 

To successfully breach the BFT threshold the attacker would need to acquire ~15 million ETH. This figure surpasses the total ETH held by Bitfinex, Bitstamp, BitMEX, Binance, Bittrex, Gemini, Huobi, and Kraken combined. While other major markets like Coinbase, Uniswap, and decentralized lending platforms could potentially provide additional ETH for the attacker, the likelihood of a liquidity shock emerging before such a far-fetched scenario materializes is significant.

Source: Breaking BFT (2024) 

The figure above highlights the relationship between Ethereum's price, the number of validators, and the estimated total cost to execute a potential attack on the network, the TCA. It seeks to map out a three-dimensional space where these variables interact, suggesting that as the Ethereum price increases, or as the number of validators grows, the cost of an attack also rises. The network status as of Dec. 31st, 2023 suggests that the TCA could be estimated around $34 billion. This steep cost serves as a testament to the security and resilience that the Ethereum network's proof-of-stake consensus mechanism aims to ensure, effectively deterring all but the most resourceful adversaries.
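
The TCA arithmetic described in the Bitcoin and Ethereum sections above can be written out as follows. This is an added example, not code from the paper or from Coin Metrics: the ASIC models, prices, network hashrate and staked-ETH figure are constructed, and it assumes the attacker adds new hashrate or stake on top of the honest total rather than taking over existing resources.

```python
from dataclasses import dataclass
from math import ceil

USD_PER_KWH = 0.15  # global average electricity price quoted in the article

@dataclass
class AsicModel:
    name: str
    share: float      # fraction of attacker hashrate supplied by this model
    ths: float        # hashrate per unit, TH/s
    watts: float      # power draw per unit, W
    price_usd: float  # purchase price per unit

def resource_to_add(honest: float, threshold: float) -> float:
    """Amount a such that a / (honest + a) == threshold (break-even point;
    the attacker needs strictly more). Assumes honest resources stay online."""
    return honest * threshold / (1.0 - threshold)

def bitcoin_tca(network_ths, fleet, hours, threshold=0.5):
    """TCA = CapEx (ASIC purchases) + OpEx (electricity only, as in the article)."""
    need_ths = resource_to_add(network_ths, threshold)
    capex = kilowatts = 0.0
    for m in fleet:
        units = ceil(need_ths * m.share / m.ths)  # whole machines only
        capex += units * m.price_usd
        kilowatts += units * m.watts / 1000.0
    opex = kilowatts * hours * USD_PER_KWH
    return {"capex": capex, "opex": opex, "tca": capex + opex}

def ethereum_stake_to_add(staked_eth, threshold=1 / 3):
    """ETH the attacker must stake to hold `threshold` of the enlarged validator set."""
    return resource_to_add(staked_eth, threshold)

# Constructed inputs for illustration only; not figures from the paper.
FLEET = [
    AsicModel("model-A", share=0.75, ths=100, watts=3000, price_usd=2000),
    AsicModel("model-B", share=0.25, ths=200, watts=3500, price_usd=5000),
]

if __name__ == "__main__":
    print(bitcoin_tca(network_ths=1_000_000, fleet=FLEET, hours=1))
    print(round(ethereum_stake_to_add(30_000_000)))
```

Under this assumption a 50% threshold means matching the entire existing hashrate, while a 33% threshold means adding stake equal to half of what is already staked.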

Conclusion

In conclusion, the research conducted by Coin Metrics and detailed in "Breaking BFT" provides an in-depth analysis of the robustness of Bitcoin and Ethereum against potential attacks. The Total Cost to Attack (TCA) metric introduced is a valuable tool for assessing the economic viability of such threats. The study's findings suggest that the security of these blockchain networks is underpinned by significant economic disincentives for potential attackers. With the TCA for Bitcoin ranging from $5B to $20B and Ethereum's TCA around $34 billion, it becomes evident that the costs to compromise these systems are prohibitively high. The milestone of Bitcoin's market capitalization surpassing $1 trillion once again, coupled with the excitement surrounding the newly-minted spot ETFs and the approaching Bitcoin halving event, signals a dynamic and potentially transformative phase for digital assets. The security mechanisms of major blockchain networks appear to be well-equipped to foster increasing trust and growth in these networks, which, alongside favorable market indicators, paint a promising picture for the future of the cryptocurrency industry.
