Circling back a bit, because I just noticed I never got around answering:
Either way, as interesting as I find this whole discussion to be, there are probably cheaper and more effective ways to sway the market in one way or another.
Imagine what you could do with even the low end of $6 billion. That's 17 times the budget of Avengers: Endgame, except it's a whole cinematic universe about crypto (tacky, I know, please don't do this). 8 stadiums like the crypto.com arena, except the crypto-community builds and owns it, instead of merely sponsoring it. Provide UBI for a small town of 1,500 people (named after the cryptocurrency of your choice), each receiving a yearly income of 50k over a lifespan of 80 years.
Or, you know, just buy a handful of politicians.
I believe either of these would probably more effective than attempting a 51% attack on Bitcoin.
I'm sure that you are right to some extent, but then again, by that logic, the Ethereum investors, as well as Bitcoin investors, should then all pursue these ventures and make their fortunes double in no time.
1) Who says they aren't? (buying politicians, I mean)
2) Bitcoin and Ethereum investors haven't used their money to attack each other's network either. That is to say, I said these examples would be probably cheaper and more effective than the attack scenario you describe. They're still bad ideas, just slightly less bad.
I wouldn't pretend to know what the ultra-rich do to grow their fortunes. But keep in mind, if for instance Ethereum grows by 200%, then all the investors will see that growth including the small ones. Those could easily make up more than 5%, couldn't they? So even if we somehow assume that the very rich will just shrug at an opportunity to grow a part of their fortune by up to 200%, there could still be plenty of Ethereum investors who are willing to participate.
Hm, maybe you are right..! It actually does sound quite simple when you put it like that.
It sort of brings into question why we bother so much with consensus mechanisms at all, then, but still...
Because in the end you still need consensus on where the coins of a transaction should end up.
... Yeah, so maybe a mitigation strategy could simply be to add to the protocol: 'If a chain is the result of a reorg that has allowed double spending, then it should be regarded as invalid.' Could that work?
No. Double spends are not detectable on a protocol level. They also don't need to be. But they are pretty obvious to outside observers, e.g. non-adversarial miners that could then direct their hashrate accordingly or exchanges that would ignore the double spends until matters are settled.
Yes, there of course still needs to be an everyday consensus mechanism, you're right. It seems that we are both thinking more about what potential fail safe mechanism Bitcoin could have (if any) in order to mitigate the effects of an attack after it has happened, and somehow getting a consensus to ignore the "attack chain."
PoW
is the voting power.
But any merchant, exchange, counterparty that an adversary would transfer coins to can just ignore whatever looks like a double spend. In the end the coins will end up either here or there. If an adversary gains nothing in return (e.g. by exchanging coins for another currency or goods and services), all they do is send their own coins in circles.
Put differently, the moment you start a 51% attack, your adversarial transactions will likely get detected and ignored (again, outside the protocol. on the protocol level the coins will end up either here or there, but that doesn't gain you anything if your counterparty doesn't honor your transaction).
The moment you're not running a 51% attack... you're simply a miner that
could spell trouble. But you're not actively hurting the network itself.
In the end it would be just like that Bank Heist sketch by Key & Peele:
https://www.youtube.com/watch?v=jgYYOUC10aMEdit:
How about this: The vote in such a case is not distributed to the miners, but rather to the investors, who pay the miners (and other bitcoin owners) for their coin. Could this principle be enough to prevent a hard fork?
There's already a mechanism for that, though maybe not as you imagine: A hard fork resulting in two separate coins, with the market deciding which coin is the more valuable one.
Yes, that was also what I was getting at: Could Bitcoin survive unscathed by an attack without implementing any fail safe mechanism other than the fact that 'new investors wouldn't want to buy into a blockchain that is the result of a malicious reorg?'
I've come to think that there is a problem with this strategy, however. I fear that there could easily be times where double spends are not easy to detect. Not for long-range attacks, of course, but if the attackers deliberately targets the very edge of the current confirmation period, and thus try to hit exactly the threshold for when a reorg is considered normal activity and when it is considered malicious, then this could cause disagreement about whether a chain is invalid or not. And without some predetermined voting system, this could result in a hard fork. What's more, the attackers (backed by Ethereum investors) could also try to drum up hubbub by pretending to be disgruntled traders on both sides of the argument, who each claim to be the victim of a double spend (or nullified spend) if the other chain is declared as the valid one.
As a new investor, it might become hard to determine which chain is the "non-malicious" one. And as a result, we might get a hard fork of Bitcoin in the end after all.
As far as I can see, a much easier solution would be to just implement a fail safe PoS system to determine which is the valid chain in such a case. It wouldn't require that much effort to implement, compared to how much money is on the line. And it would also only be a soft fork to the Bitcoin protocol, presumably, since if one of the chains is
unambiguously declared the invalid one, then the miners will stop working on it at
some point, even the Ethereum-backed ones.
One last thing, maybe it's been brought up before, but it seems rather relevant:
At the heart of the attack scenario you describe is the assumption that Bitcoin and Ethereum investors are mutually exclusive groups with purely adversarial incentives.
I don't think that's the case.
While most investors will be more exposed to one coin than the other, I'm pretty certain that almost everyone in crypto has a stake in both coins, especially whales. Accordingly I don't think any one side would have much of an incentive to strike the other, even assuming that an attack in either direction were feasible.
No, this point has actually not been brought up so far. It's a good point. However, if the Goldfinger attack truly only requires a fraction of the investors in order for it to be profitable, then it might still be a possibility. Especially since there is also the risk that investors who wants to participate in the whole "venture" can then simply start moving their assets from Bitcoin to Ethereum in the lead-up to the attack. This movement might then also cause the value of Ethereum to grow relative to Bitcoin already, but this would only aid the would-be attackers.