Satoshi’s Heel: Is Mining Infrastructure A Vulnerability That Could Take Down Bitcoin?
In Greek mythology, Thetis dipped her infant son Achilles into the River Styx to give him the power of invulnerability. Achilles grew to become a seemingly-invincible warrior, but he was felled when a poison arrow struck him in the heel, the very spot where Thetis had held him when she dipped him in the river. She’d missed just one tiny spot, but that was the downfall of Achilles.
In modern times, the term “Achilles’ heel” has become synonymous with any powerful force that is taken down by an unforeseen or small weakness, and history is littered with mighty people and organizations that have fallen in just this way.
For the past 13 years, Bitcoin has been a very powerful force that has fended off all attackers. This has given many of Bitcoin’s advocates an air of confidence, but this might be ill-placed or even dangerous. The genius behind Bitcoin is clear, but this doesn’t make it perfect or invulnerable. In the years, decades and centuries ahead, unimaginable variables will emerge, and maybe one of Bitcoin’s greatest strengths will be manipulated and exposed as a weakness to become Satoshi’s heel.
The Bitcoin Architecture
Before diving deeply into this, reviewing certain aspects of Bitcoin’s architecture might be helpful.
Satoshi designed Bitcoin with the intention that every 10 minutes, blocks (containing transactions) would be processed. Once a block is processed, or mined, it is presented to the nodes for validation and the transactions are posted to the ledger. For their services, miners receive compensation in the form of a block reward, which is the sum of a block subsidy and transaction fees.
The block subsidy, currently 6.25 BTC, is the mechanism by which new Bitcoin enters circulation. A difficulty epoch is a segment of 2,016 blocks and, upon completion of each difficulty epoch, an analysis of the time required to process those blocks is performed. Since Satoshi’s goal was for the system to average 10 minutes to process each block, if the previous difficulty epoch was shorter than 10 minutes, block processing is made harder for the upcoming epoch, and vice versa if the previous difficulty epoch was longer than 10 minutes.
An Emerging Vulnerability
With some of the basics of mining in mind, there is an emerging vulnerability in the Bitcoin ecosystem to consider. Many people directly correlate an increase in global hash rate, or a good distribution of hash rate across the mining pools, with increased security in the network. There is some truth to these conclusions as, by both measures, the network appears quite strong and secure today; however, another layer deeper, there is a vector of vulnerability.
This layer is the growth and dominance of “captive elephant” (see chart below) mining sites. A captive mining site is one in which the power source is controlled by a third party and this generally means it is grid based. A wild mining site is one where power is generated and controlled by the miner and is, therefore, off-grid.
To explore the vulnerability, consider a scenario called “Night Terror.” While it is extreme, and quite unlikely, it demonstrates the threat.
Imagine a time in the future when captive elephant sites dominate the mining network. This domination is so complete that 99% of the Bitcoin mining network’s hash power is consolidated in several dozen captive elephant sites. In parallel, political and financial establishment forces across the globe have seen Bitcoin seriously erode their ability to implement their agendas. Knowing that the best way to attack Bitcoin is to shake the public’s confidence in its stability and reliability, Bitcoin’s detractors set a course of action to cripple the Bitcoin mining network. So, just before the completion of a difficulty epoch, a consortium of nation states coordinates a hostile shutdown of all captive elephant sites. They do this by forcing utility providers to instantly cut power to all sites, and they deploy troops to prevent the removal of any equipment from the sites.
The Bitcoin mining network would be reeling from this blow because it instantly will be 99 times more difficult to process blocks. Instead of taking ten minutes to process the next block, the expected completion time would be 990 minutes, or 16.5 hours. This would drive the daily transaction capacity of the Bitcoin ecosystem from about 300,000 to just a few thousand. Worse yet, 2,016 blocks must be processed before the next difficulty adjustment, and with the vastly reduced hash capability of the network, this would not occur for another 1,386 days or 3.8 years (assuming no new hash power is added.) Additionally, new bitcoin would be entering circulation at a snail’s pace because money supply increases are completely dependent on the mining of blocks.
Obviously, panic would ensue, as many bitcoin holders seeking to sell or get their bitcoin into cold storage would be locked out. Off-chain movements on exchanges and transactions on Layer 2 protocols (like the Lightning Network) would be possible for a while, but they would soon become constrained because base layer (on-chain) settlement would become virtually impossible. After a few days in the Night Terror scenario, the Bitcoin ecosystem would be so dramatically impaired that the world’s confidence in it would be shaken to the core and irreparably damaged.
The Nightmare Scenario
Certainly, the Night Terror scenario is improbable, but a more likely one, called the “Nightmare Scenario” also presents a very scary outcome.
This scenario assumes the same initial conditions of captive elephants possessing 99% of the global hashing power, and a shutdown and seizure of the sites. In this case, though, the Bitcoin community responds aggressively to try to save the ecosystem. The first move is from rabbits and horses, redeploying mining equipment that had previously been put out of service, and this instantly bumps up the remaining global hash power by about 25%.
Mining equipment in the distribution channels would be quickly gobbled up and deployed and, in about five days, the network would likely progress to processing two blocks per day instead of one. After about three weeks, the network’s power would grow to average three blocks per day. Ultimately, after about nine months, the rabbits and horses could scale their hash rate by a little over seven times and improve the network capacity to about 10 blocks per day.
The result would be that the difficulty epoch which had been expected to take two weeks would stretch out to an unbearable 281 days. Also noteworthy is that instead of the expected 127,000 bitcoin entering circulation during the entire nine-month period, only 6,300 would make it.
The average block time at the end of the epoch is 138 minutes and many might expect that after this painful epoch, the next difficulty adjustment would facilitate a return to the 10-minute block processing time. However, the network is far from being out of the woods.
Bitcoin’s protocol has a maximum difficulty adjustment of four times in any one epoch and this means that the adjusted block processing time at the start of the next epoch adjusts to 34.6 minutes instead of 10. This sets up Bitcoin’s detractors for their next devious move — as the transition to the new difficult epoch occurs, the previously impaired captive elephant sites are turned back on.
In the blink of an eye, block processing times swing from slow to an exceptionally-fast two minutes and 20 seconds and a complete difficulty adjustment epoch would fly by in just over three days. 6,300 more bitcoin would enter circulation and would be largely controlled by detractors, and they would have the option of flooding the market with these bitcoin or further starving the market.
The next difficulty adjustment would start with a block processing in close to 10 minutes but, again, the controllers of the captive elephant sites could disable their sites and the mining network would again grind to a crawl. Block processing times would immediately exceed two hours and completing the difficulty epoch would take 142 days.
This pattern of captive elephants turning on and off could continue for a long time, but it wouldn’t really be necessary as the damage to Bitcoin would have already been inflicted. Without any consistency in the ability to process transactions, nor any faith in the rate of inflation, confidence in Bitcoin would be ruined, and while it might survive with some limited value or purpose, it would never fulfill its vision and fade to irrelevance.
Satoshi’s Heel: Keeping Up With Industrial Miners
When the China ban of 2021 occurred, Bitcoin lost approximately 50% of its hashing power and the ecosystem overcame it like a small speed bump. As is shown in the Nightmare scenario, the loss of 99% of the hashing power would be catastrophic, so somewhere between these two points is the danger zone.
The above chart estimates the impact of the losses of various levels of the network’s hash rate. With a 70% drop in the hash rate, the network feels some strain, but block processing times aren’t horrible, and the difficult adjustment returns the network to somewhat normal performance in about six weeks. However, dips below this level start to move the network performance into the danger zone.
If the network were attacked in a manner that caused global hash rate to fall by 85% or more, the shock on the network’s effectiveness becomes catastrophic and the resiliency of the ecosystem is grossly hampered. This may well be Satoshi’s heel. If so, it is a possibility only because the Bitcoin mining community created the vulnerability itself. And that vulnerability could come from the largest mining companies focusing on their own best short-term interests, and not the best long-term interests of Bitcoin.
In general, the largest mining companies believe that they can achieve the best efficiency, cost effectiveness and reliability by consolidating their operations into large sites and working with utility energy providers in mutually-beneficial power arrangements. However, as the saying goes, “there can be too much of a good thing.”
As illustrated above, too much hash power density in a small number of sites is a massive exposure. The safe level of hashing power in these sites maxes at about 70% and anything over 85% puts the ecosystem in grave danger.
Currently, measuring the global hash rate against these metrics is not possible, although it is likely in the safe zone now. However, it is critical that rabbits and horses keep pace whenever elephants expand, and this will likely prove quite difficult.
As an example, Atlas Power has announced a new $1.9 billion investment in North Dakota that will bring 750 megawatts (MW) of mining capacity online before the end of 2023. This means that, to keep pace, horses and rabbits must add at least 322 MW of mining capacity just to keep up with this one site.
However, when facilities like this one from Atlas Power come online, they typically come online with state-of-the-art mining machines. This means attached to this power will be 150 tera hash per second (TH/s) mining equipment (or better.) Rabbits and horses historically have issues getting access to and/or affording this type of equipment, so they typically lag one generation behind. In this case, it means they would typically use 100 TH/second technology. Therefore, keeping pace would then require 50% more machines and 50% more power. Given this, it means rabbit and horse sites must add 161,000 new machines, consuming 483 MW in less than two years, just to keep pace with the exposure from a single site. And, assuming that the Atlas Power site is utilizing grid-based power, then it also means wild energy sources equaling 483 MW must also come online. Any shortfall by the horses and rabbits pushes the vulnerability of the ecosystem closer to the danger zone.
Decentralization is a fundamental tenet of Bitcoin, and rightly so. For Bitcoin to remain decentralized, the community must constantly look at all aspects of the ecosystem to flush out any possibility of centralization occurring. The mining industry is no exception.
Mining has many variables that could, in theory, become centralized, including geography, jurisdiction, energy sources, site sizes, mining pools, chip sources and system sources. It is crucial that a safe level of diversity always be in place across all variables. If the vector of any variable starts trending toward centralization, it must be stopped well beforehand.
This is true regardless of how safe centralization might appear in any given variable. For instance, there is a tremendous amount of site development in Texas right now and understandably so, given energy availability, energy costs and the welcoming attitude of communities and politicians. However, political winds can change quickly and there are scenarios where Bitcoin mining could go from a friend of Texas to an arch enemy in a very short window. And, issues with the power grid, directed terrorist attacks and natural disasters in Texas could also put the mining network into a perilous state.
For now, the real threats to Bitcoin are trends toward elephant sites and toward captive power. In the matter of just another year or two, these variables could enter the danger zone and because of the scale involved, they could be very difficult to reverse. It is imperative that the industry beef up machine deployment to rabbits and horses, and work to develop wild energy sources to prevent this exposure. Bitcoin’s detractors are feeling the heat and they will be looking hard for weaknesses in the ecosystem, so let’s not give them a shot at Satoshi’s heel.
Back to the list