A 51% attack is hard. It’s come close to happening once with a mining pool called GHash.io. The community quickly responded, and as of right now, the largest pool has about 17% of the network hashing power, and GHash.io has about 4%. The current state of network power distribution can be viewed at https://blockchain.info/pools , as well as other blockchain watching services.
According to the site you linked, the four largest pools control over 50% of hashing power. Would it be unrealistic for them to collude? How do you know that it has not already happened? Also there is 19% of hashing power which is listed as “unknown”. Presumably this should be from miners who are not part of any pool, but how can you exclude collusion?
It is in any particular miners interest to be in the largest pool possible, but counter to any miners purpose to be in any pool with the possibility of making a 51% attack, since a successful 51% attack would be the end of bitcoin’s market value, which makes their investment in mining equipment worthless. This has, so far, been successful.
That sounds like a tragedy of commons scenario, which isn’t promising.
Also, publicly distinct pools could collude in secret. I presume that whoever pulls it might make perhaps hundred million dollars by double-spending before the attack is discovered and Bitcoin value plummets to zero. And if you are a bitcoiner who is convinced that somebody is going to do that sooner or later, then you have an incentive to be the first to do it.
More generally, one of the common criticism of Bitcoin is that the infrastructure is currently supported by “stupid money”, since mining has a lower RoI than other forms of investment. In fact, there is some speculation that the RoI may be actually negative when considering hardware costs, and current miners are just trying to partially recoup the costs of the hardware they wrongly purchased when Bitcoin was at ~$ 1,000. This doesn’t bode well for the long-term sustainability of the infrastructure.
If a single entity controlled 51%, it could double-spend, though that would be obvious. There are more subtle attacks that are not so obvious and even require less than 51%. But I’m pretty sure that they haven’t happened because mining pools are not single entities.
These attacks require tight collusion. They require everyone in the pool to use the same software. The many people in the pool are many opportunities for the secret to leak. Moreover, I believe that most pools are open entry: people can join them and learn what software they are using.
According to the site you linked, the four largest pools control over 50% of hashing power. Would it be unrealistic for them to collude? How do you know that it has not already happened?
Also there is 19% of hashing power which is listed as “unknown”. Presumably this should be from miners who are not part of any pool, but how can you exclude collusion?
That sounds like a tragedy of commons scenario, which isn’t promising.
Also, publicly distinct pools could collude in secret. I presume that whoever pulls it might make perhaps hundred million dollars by double-spending before the attack is discovered and Bitcoin value plummets to zero. And if you are a bitcoiner who is convinced that somebody is going to do that sooner or later, then you have an incentive to be the first to do it.
More generally, one of the common criticism of Bitcoin is that the infrastructure is currently supported by “stupid money”, since mining has a lower RoI than other forms of investment. In fact, there is some speculation that the RoI may be actually negative when considering hardware costs, and current miners are just trying to partially recoup the costs of the hardware they wrongly purchased when Bitcoin was at ~$ 1,000.
This doesn’t bode well for the long-term sustainability of the infrastructure.
If a single entity controlled 51%, it could double-spend, though that would be obvious. There are more subtle attacks that are not so obvious and even require less than 51%. But I’m pretty sure that they haven’t happened because mining pools are not single entities.
These attacks require tight collusion. They require everyone in the pool to use the same software. The many people in the pool are many opportunities for the secret to leak. Moreover, I believe that most pools are open entry: people can join them and learn what software they are using.