Monero was successfully attacked; XMR is now insecure & centralized Qubic can rewrite XMR history, censor & double-spend! Turns out a $300M PoS chain can "take over" a $6B PoW chain! PoS is that much better The attacks will continue, foreshadowing BTC's fall; PoW is cooked: 🧵 The Full Story: It all started out in May as a way to optimize profit for the Qubit validators, as they were able to dedicate spare compute cycles to mine XMR on the side (2% of XMR hashrate) This ended up being so successful that Qubic formalized its decision by June to fully integrate XMR to help fund the Qubic ecosystem. This led to the Qubic mining pool growing rapidly (10% of XMR hashrate) It was at this point that Qubic started offering additional token incentives for its pool. Attracting more of the pre-existing XMR miners to join. As Qubic was now able to offer 3x the reward of standard XMR pools! Only after all of this did Qubic publicly announce its intention to "take over" the XMR network! By late July, the Qubic hash rate was approaching a majority share (38% XMR hashrate) according to Qubic Qubic itself was framing this as a "demonstration of power" rather than a malicious attack. Calling it a "tech demo" for decentralized AGI computing... There were DDoS attacks against Qubic starting on the 5th of August, which slowed down Qubic's hashpower accumulation. This counterattack was not enough; As on the 11th of August, the "selfish miner" attacks began, which allowed the Qubic mining pool to reach a "majority" share of hashpower by the 12th of August: To prove their control over the network, they claimed to do a 6-block re-org. While orphaning over 60 blocks in the process. Some researchers have disputed this claim. What we do know is that they gained a majority share of hashpower over a 100-block time period. This absolutely does allow Qubic to rewrite XMR's history, destroying XMR's assumed immutability, censorship resistance & trustworthiness over that time period This also allows Cubic to carry out double-spend attacks, which could potentially defraud people, protocols & institutions out of a lot of money. Which is exactly why most major exchanges have suspended withdrawals & deposits. Because they run the risk of getting ripped off by Qubic if they choose to exploit this vulnerability The fact that they merely could have carried out such an attack over that time period is bad enough As of today, the price has dropped significantly & the hashrate has also dropped over 30%... Demonstrating the viscous cycle of a failing PoW system Qubic is framing itself as an ally of XMR & claims it only wanted to make a point & does not intend to attack XMR again... That this point can even be made in the first place is exactly what is so damning: Lessons Learned: The fact that the token incentives for a $300M PoS chain are sufficient to take over a $6B PoW chain speaks louder than words, proving PoW's inherent inferiority! That is what makes this a unique sneak peek into BTC's future, too Applying the token economics of a smaller PoS chain to fund a "51% attack" on a larger PoW chain is not something I had thought of before. The incentive of free "marketing" might even be enough to pull that off at that scale. As I most likely never would have talked about Qubic otherwise, & look at all of the attention we are giving it now! All PoW-based chains are vulnerable to this type of attack, because their security budget is so abysmal compared to PoS based chains The introduction of political narrative also certainly muddies the water, where some might perceive the attacker as an ally instead. Further fracturing the defense effort... What also stands out is that XMR's security ratio (the ratio between market capitalization & security budget) is actually slightly better when compared to BTC: XMR = $55M (block reward) x 0.51 (attack threshold) = $28M (security budget) / $6B (market capitalization) = 0.5% (security ratio) (yearly) BTC: $19B x 0.51 = $9.7B / 2.2T (0.4%)! For reference & comparison, here is the security budget math for the top 3 PoS chains: ETH: 542B+0.97B+3.33B x 0.29 x 0.33 = $52.2B (10%) SOL: 101B+1.15B+5.26B x 0.68 x 0.33 = $24.1B (23%) ADA: 29B+0.01B+0.7B x 0.60 x 0.51 = 9.1B (31.3%) It is crazy how much better PoS security really is when compared to PoW. ETH, for example, has 5x the security budget of BTC at 1/4th the market capitalization, with a lower inflation rate to boot! Another interesting observation is that XMR actually does have tail inflation... Teaching us that even adding tail inflation to BTC when the crisis inevitably hits might also not be enough by itself to defend from an ongoing "51% attack"! This is all adding to the laundry list of competing interests, responses, factions & incentives at play during a "51% attack" on a PoW chain. We can at least draw the conclusion that when this all finally plays out on BTC that it will be even messier & ever more chaotic than we first thought Bad Enough: This was technically not a "51% attack" as the total stake was much lower, somewhere between 28% too 38% depending on whose numbers you believe. While also not fitting the "attack" part of "51% attack", as they did not steal from or censor anyone. This can be seen as more of a "demonstration" There is conflicting information on the claimed 6-block re-org, as some researcher are reporting that their nodes did not see it. This is also not the type of thing you can look up on a normal explorer, either, as most explorers will only display the "canonical" history. Cyber Capital research was not running a Monero node at that time, either, so I will throw my hands up on this one until more information comes out to clarify this contradiction in evidence However, Qubic was able to get to over 51% of block production over a period of 100 blocks by leveraging "selfish mining" techniques. This is even confirmed by Qubics' critics. That is, as far as I am concerned, bad enough by itself & represents another type of attack. Gaining control without acting on that newfound power does not negate the control... That is why I am mostly uninterested in attempting to minimize the gravity of this event by debating overly nuanced technical details. As that quickly becomes another way for us to stick our heads in the sand Who is Next: The Qubic community has just voted to target Dogecoin next! This same playbook can be applied to chains mined with ASIC's as the majority of the hashrate came from "bribing" pre-existing miners using Qubic token incentives So that means an attack on DOGE & maybe even LTC (merged mining) is potentially on the table for Qubic. We should not expect a public announcement of intent until they are much closer to gaining a majority share, as that is what they did with XMR Ofcourse, this playbook is not limited to Qubic, so we might end up seeing other chains follow their example by taking over other smaller PoW chains Solution: The majority of the XMR community is not going to like my solution: Proof of Stake The writing is on the wall: PoS is objectively more secure, more decentralized, more fair & more economically sound There is no good reason not to embrace this new technological reality: Evolve or die Conclusion: Out of all of the PoW chains, this could have happened too; XMR is the least deserving of being attacked XMR is a staunch community of cypherpunks & privacy advocates. Whose heart, for the most part, is definitely in the right place, as they are actively fighting for all of our freedoms, especially our right to privacy! ❤️ That is why I hope they come out of this stronger; adopting PoS will most certainly achieve that. The greatest expression of anti-fragility is to accept radical change when under extreme pressure; As that is how diamonds are formed! 💎