Rethinking Bitcoin’s Security Budget

Pierre Rochard, the Vice President of Research at Riot Platforms and CEO of The Bitcoin Bond Company, offers a fresh perspective on Bitcoin’s long-term security concerns, particularly the narrative of a supposed “budget shortfall” due to declining block subsidies. According to Rochard, this viewpoint arises from a misunderstanding of Bitcoin’s rules and the economics of settlement finality. He suggests that the interaction of the fee market, user controls, miner competition, and difficulty adjustments collectively increase the cost of potential attacks precisely when needed.

Bitcoin’s Resilience Against Security Budget Concerns

Bitcoin’s security budget is frequently portrayed as a future issue by critics, especially from alternative cryptocurrency communities. Rochard clarifies that this narrative confuses Bitcoin’s protocol rules with the economics of mining. The Bitcoin protocol, with its 21 million cap and transaction validity, remains secure through full nodes and private keys, while miners simply propose blocks that fit within these rules. The key question is whether the network can make reorgs and censorship economically non-viable as the subsidy reduces.

The Dynamic Nature of Bitcoin’s Fee Market

Contrary to the static budget perspective, Rochard emphasizes that Bitcoin’s budget for settlement finality is a dynamic market price, rising when needed. He cites instances from 2017, 2021, and May 2023, where transaction fees exceeded the block subsidy, showcasing how the fee market adapts to ensure security. Miners prioritize blocks with higher fees, optimizing for maximum profit rather than leaving unexploited opportunities.

User Empowerment and Game Theory in Bitcoin

Rochard highlights the critical role of users in the Bitcoin ecosystem. Through tools like Replace-By-Fee (RBF) and Child-Pays-For-Parent (CPFP), users can adjust transaction fees, prioritizing their inclusion in blocks. This user empowerment creates a competitive environment where mining pools have incentives to maximize fee inclusions, thereby destabilizing any attempts at censorship or transaction sequencing.

Addressing the Myth of Bribe Oracles

Rochard addresses the notion that Bitcoin requires a “bribe oracle” to match an attacker’s payoff, arguing this is a misconception. Instead, the network establishes a visible reward for honest behavior, incentivizing miners to prioritize immediate, certain payouts over uncertain, private bribes. The public fee market naturally adjusts without needing an oracle, as users rebid and miners pursue the highest available rewards.

Challenges and Real-World Dynamics

In discussions about potential threats such as reorgs and double-spends, Rochard distinguishes between temporary chaos and sustained attacks. He explains that during high-risk periods, exchanges and receivers increase confirmation requirements, forcing attackers into prolonged, costly endeavors. Colluding mining pools face internal competition, as omitting high-fee transactions results in loss of hash power and increased defection risks.

Hardware Compromise and Network Resilience

Rochard views hardware compromise scenarios as temporary throughput disruptions rather than protocol failures. Bitcoin’s network adjusts with difficulty recalibrations, and unaffected miners benefit from increased rewards. Moreover, Bitcoin’s SHA-256 algorithm’s reliance on dedicated ASICs makes it more resilient to “vampire” attacks compared to smaller, CPU or GPU-mined cryptocurrencies.

Conclusion: Bitcoin’s Security as a Market Process

Rochard concludes that Bitcoin’s security budget is not a static problem but a responsive market mechanism. As miners are incentivized to act against attacks, the network’s collective dynamics ensure resilience. The interplay of user actions, mining incentives, and protocol adjustments maintains Bitcoin’s security, adapting to threats when necessary.