Upon further discussion with Decred project organizer Jake Yocom-Piatt, the claims made in the Proof of Activity paper did not accurately apply to Decred’s unique hybrid protocol. Please refer to my updated article with explicit calculation at https://medium.com/decred/decreds-hybrid-protocol-a-superior-deterrent-to-majority-attacks-9421bf486292

It’s no surprise that the success of cryptocurrencies is broadly viewed by their market cap relative to USD, rather than the more pertinent issue of the cost of an attack by malicious entities on the blockchain. This measure of success based on market cap may appear suitable until the worst befalls us and we are left helpless -like gamblers who’ve lost it all in a crypto casino. A fitting comparison- as I am still amazed by the high market cap of projects with no apparent product and/or wishful ASIC resistance initiatives.

As Market caps rise to dizzying heights, the incentive to attack for nefarious actors become more lucrative, especially when we take-short selling into account. It is then only rational to keep a close eye on the work being done to secure the network. We have a measure for this, and if you don’t already know it its called “hashrate” for Proof of Work (PoW) coins. A healthy market cap and transactional volume should be IMO associated with a healthy hashrate; the ratio, however, will not be the focus of this article.

I would like to show, in simple and approximate numbers, what it would cost to do a majority attack on Bitcoin vs Decred- a relatively small and underappreciated PoW/PoS hybrid protocol implementation. The difference is pretty drastic, as will be shown further along in this article. Keep in mind that all prices and Hashrates are as of 2018–06–02.

The Scary 51% Attack

In a pure ‘proof-of-work’ (PoW) model like bitcoin and by extension, all PoW forks- the network security is dependent on the assumption that >50% of the mining power is honest. If it is dishonest, then the actor(s) controlling it can perform nefarious acts such as double spend their tokens, censor addresses and strip miners of their block reward. Theoretically, a >50% attack could cascade into >80% attack, as honest minors would cease mining if they aren’t able to pay their bills.

If we do some simple napkin math, we could calculate the cost to attack the Bitcoin and Decred networks based on hardware that is available today. For this example, I will be using BITMAIN’s Antminer s9i’s, which hashes at around 14 TH/s and costs around 837$. For comparative purposes lets assume Bitcoin uses Decred Hybrid Protocol. Lets discount the fact that one could get their own mining equipment (ASICs) fabricated for much cheaper (also disregard electricity, upkeep and hosting costs of the equipment). Here are the numbers:

*Cost to Attack Decred with Bitcoins Hash-power and token price

Considering the market cap of Bitcoin is ~$130 billion at the time of this writing, it is roughly ~130 times cheaper to attack the network. If Bitcoin had the same hybrid model of Decred, it would be ~20 times costlier to do a 51% attack as it holds today.

let’s do another quick comparison, but this time we will use Decred’s current total hashrate and market cap. Let us pick Bitcoin cash for our comparison, which is valued around 24X more than Decred in USD.

*The above is calculated based on Decreds current hashpower and token price

Even with decred’s relatively low market cap and hashrate, it is still more costly to attack than Bitcoin Cash.

A closer look at hybrid PoW/PoS protocol attack requirements

In a PoS protocol, the network derives its soundness from the assumption that the majority of the participating stake is honest. So to calculate the cost of a majority attack, we need to first understand the basic requirements for it. In Decred, the stakers vote on the validity of each block that is mined, so each block randomly picks 5 votes from a pool of ~ 40,960 tickets (1 ticket = 1 vote). If our protocol is a PoW/PoS hybrid then we need a combination of both hashpower and a percentage of the total active stake.

The Graph depicts the percentage of hash power and stake required to do a majority attack, based on the current 47% stakeholder participation (showing hashpower requirements if attacker has between 30 or 60 % of tickets staked)

The above graph depicts the requirements for an attack on Decred,which is more or less on a sliding scale. To be more descriptive of the function above, If p fraction of the honest stake is online, an attacker with y fraction of the total stake needs more than ((1/ y − 1) · p) ^ N times the hash power of the honest miners in order to gain advantage over the network.

If you analyse the graph, it is evident that honest stakeholders that participate in the protocol get amplified powers (if N=3 stakeholders per block), this, in turn, diminishes the effectiveness of a pure PoW dominated attack. It should be noted that with the current stake participation rate of 47%, having less than ~31.97% of the staked tickets means you would also need more than 100% of the hash power. In reality, accumulation of any substantial amount to reduce the hash power requirements would drastically increase the demand, skyrocketing both the token price and the internal ticket prices, making a real attack significantly more expensive.

Conclusion

In general, PoW based protocols give decision-making power to miners who perform energy intense computational tasks, while PoS protocols give power to entities who hold stake in the system. In my opinion, Decred’s novel hybrid protocol hits the sweet spot.

The purpose of this article was to demonstrate how much costlier it is to attack a PoW/PoS hybrid protocol vs a pure PoW protocol.

For a much more in-depth understanding of Hybrid protocols, please read the “Proof of Activity: Extending Bitcoin’s Proof of Work via Proof of Stake” and “ MEMCOIN2: A HYBRID PROOF-OF-WORK, PROOF-OF-STAKE CRYPTO-CURRENCY” whitepapers.

For more information about Decred, head to https://decred.org/.