You can’t fix 51% attacks on Bitcoin without adding centralization, argues core developer
The ability to 51% attack Bitcoin indicates that it’s decentralized.
The ability to 51% attack Bitcoin indicates that it’s decentralized. It’s impossible to fix this vulnerability without adding centralization, argued Litecoin founder Charlie Lee and Bitcoin Core developer Gregory Maxwell.
Characteristic of decentralization
Decentralization is one of the most important attributes of blockchain technology according to some of the most prolific figures in the industry. Yet, critics have scrutinized Bitcoin and other proof-of-work projects for their susceptibility to 51% attacks. However, the opportunity for 51% attacks could be a fundamental characteristic of a decentralized public blockchain.
“One cannot fix the 51% attack flaw of a decentralized system without adding centralization,” tweeted Litecoin creator Charlie Lee. “This is one of the keys to understanding Bitcoin, proof of work, and decentralization. Most people fail to grasp this.”
Solving the double-spend problem
Fundamentally, Bitcoin solves the double-spend problem—the issues around guaranteeing that digital money isn’t spent twice. With tangible cash this problem is trivial. A paper bill can’t be in two places at once. But, when money is represented digitally, what prevents people from ‘counterfeiting’ bills? Duplicating electronic data is trivial and difficult to police, as demonstrated by the proliferation of online piracy.
Historically, electronic cash was overseen by trusted third-parties. Money held in a PayPal account is an example of digital cash managed by a corporation while the electronic balance held by a bank is a government example.
“Centralized systems like Ripple, EOS, IOTA, Blockstream Liquid, etc. just have a single party use its idea of whatever came first and everyone else just has to accept its decision,” asserted Maxwell.
But, in a decentralized system, who is the arbiter?
First come first serve
Bitcoin solves the double-spend problem by saying the first transaction to spend a coin is the valid transaction. Any subsequent attempts to spend that same coin are considered invalid. This might seem obvious but it’s a much trickier problem than it seems.
Gregory Maxwell, the former CTO of Blockstream and a longstanding Bitcoin Core developer, explains why.
“In a truly decentralized system ‘first’ is actually logically meaningless! As an inescapable result of relativity the order which different parties will perceive events depends on their relative positions, no matter how good or fast your communication system is.”
In other words, which transaction is considered ‘first’ depends on who is asked. If two transactions to spend the same Bitcoin happened at the same time, how would the network decide which is first and which is second?
Mining as a public election
Bitcoin solved this problem through voting. But, there’s a catch. Most permissionless systems have it so their users can remain anonymous. Thus, it’s impossible to just ask ‘people’ to vote—that would require a centralized party to verify the identities of those people and determine who’s eligible to vote.
Instead, Bitcoin tallies votes through computing power, which doesn’t require the help of a centralized party. Similarly, it’s possible to use another resource like coins (proof-of-stake) to count votes.
Continuing with Gregory Maxwell’s election analogy, when people refer to a 51% attack they mean the potential to ‘rig’ elections to change Bitcoin’s transaction history. Even though it’s possible to make 51% attacks costlier or more inconvenient, it’s impossible to eliminate that possibility without introducing centralization, argues Maxwell.
“People have cooked up 1001 complicated schemes that claim to do it without introducing centralization, but careful analysis finds again and again that these fixes centralize the system but just hide the centralization,” says Maxwell about cryptocurrencies that claim to solve the 51% attack issue.
Delegating responsibility to masternodes, block producers, or superdelegates merely moves the potential for 51% attack to a smaller group of decision makers. Moving to proof-of-stake simply changes the underlying votes from computing power to coins.
That isn’t to say these other projects are slower or less reliable than Bitcoin, they’re merely more centralized based on Maxwell’s theory.
Maxwell makes an interesting final point. Critics seem to obsess over the risk of a 51% attack. But, the easy solution to that risk is to increase the number of block confirmations before considering a transaction final. A transaction on the Bitcoin blockchain gets exponentially more difficult to compromise the more blocks are mined on top of it. Thus, it’s still possible to transact even if a 51% attack is occurring by increasing the number of confirmations.
“A far bigger risk to Bitcoin is that the public using it won’t understand, won’t care, and won’t protect the decentralization properties that make it valuable over centralized alternatives in the first place; a risk we can see playing out constantly in the billion dollar market caps of totally centralized systems,” concluded Maxwell.