Since its creation more than 12 years ago, Bitcoin is undefeated. Its price has leaped from $5 to $50 to $500 to $5,000 to now past $50,000. The number of global users has eclipsed 100 million. The system’s network security, number of developers, and new applications are at all-time highs. Dozens of companies including Tesla and Square have started to add Bitcoin to their corporate treasuries.
This worldwide success doesn’t mean that people haven’t tried to stop Bitcoin. The digital money project has in fact survived a variety of attacks which in some cases threatened its existence. There are two main vectors: network attacks on the software and hardware infrastructure, and legal attacks on Bitcoin users. Before we explore them and consider why they failed, let’s start at the beginning.
In January 2009, a mysterious coder going by the name of Satoshi Nakamoto launched Bitcoin, an open-source financial network with big ambitions: to replace central banking with a decentralized, peer-to-peer system with no rulers. It would use a programmable, highly-fungible token that could be spent like electronic cash or saved like digital gold. It would be distributed around the world through a set-in-stone money printing schedule to a subset of users who would compete to secure the network with energy and in return, get freshly minted Bitcoin.
Initially, most were understandably skeptical, and very few paid attention. There had been attempts at creating “ecash” before, and all had failed. No one had been able to figure out how to create a decentralized, incorruptible mint, or how to grow a system that couldn’t be stopped by governments.
But a small community grew around Bitcoin, which promised just that. Led by Satoshi and Hal Finney, this group of iconoclasts discussed, tinkered with, and improved the software in its first year, using their computers to mine1 50 worthless Bitcoin every 10 minutes. Eventually, someone decided these virtual tokens were worth enough to accept in return for a real-world good. On May 22nd, 2010, a developer named Laszlo Hanyecz paid 10,000 Bitcoin for two Papa John’s pizzas, at an exchange rate of .1 cents per Bitcoin. No one could have predicted that Laszlo’s pizza order would one day be so costly: today, this order is worth more than $500 million.
Since the early days of PC mining and the Silk Road, Bitcoin has become a global phenomenon. No one knows who Satoshi is, but if their creation was a company, it would be one of the world’s top 10 most valuable. Its fan base has grown from a few pseudonyms on Cypherpunk messageboards to including the likes of Twitter CEO Jack Dorsey, Tesla CEO Elon Musk, Harvard professor Niall Ferguson, Fidelity CEO Abby Johnson, actress Lindsay Lohan, singer Soulja Boy, skateboarder Tony Hawk, and investor Paul Tudor Jones. It has its own unicode character, the ₿. An industry conference held this month focusing on how to add Bitcoin to corporate treasuries drew more than 6,000 companies. MIT boasts a research center contributing to long-term Bitcoin security.
Bitcoin markets have popped up in virtually every country and major urban area on Earth, with local traders eager to buy Bitcoin in exchange for local currency everywhere from Caracas to Manila to Moscow. Millions of people in Nigeria, Argentina, Iran, Cuba, and beyond are now using Bitcoin to escape their local currency system, and opt into something with a better track record as a store of value than the naira, bolivar, rial, or peso. They can control their Bitcoin with a private key (think: password) that they can store on a phone, USB stick, on paper, or even with memorized wordlists, and send the currency to family or friends anywhere on Earth in minutes, with no permission from any authority required.
The mainstream media typically portrays Bitcoin as a penny stock gone wild, or a new kind of digital tulip mania. But the reality is Bitcoin is a political project that threatens to fundamentally disrupt the Davos-led economic system, with everyone from Janet Yellen to Christine Lagarde expressing fear about its rise and demanding it be regulated.
Governments retain their power in part by issuing and controlling money. Bitcoin is a new model that mints and secures money without governments. So the big question is: Why haven’t governments or megacorps stopped it? And if they try to attack Bitcoin in the near future, what would that look like?
There is an enormous amount of speculation on the Internet about how Bitcoin might be attacked, but few stop to think about why it hasn’t already been destroyed. The answer is that there are political and economic incentives for more and more people to push the system forward and strengthen its security, and strong political, economic, and technical disincentives that discourage attacks.
Certainly, Bitcoin isn’t too small to draw the attention of governments. Previous attempts at parallel online digital currencies, like e-Gold and Liberty Reserve, were shut down by the US government before even making it to $10 billion in market capitalization. Bitcoin now has a market cap north of $1 trillion. Every day Bitcoin survives, it becomes stronger, and for many attack vectors, the windows are rapidly closing.
One reason that Bitcoin is so tenacious is that it is a globally-distributed phenomenon. The vast majority of mining takes place outside of the US in China and central Asia. But the vast majority of Bitcoin holders and buyers appear to be US and EU entities, and the software’s core developers and node-runners (who host Bitcoin’s servers) are scattered throughout the world. The most important person in Bitcoin—its inventor—is no longer relevant, and could even be dead.
Coding, mining, infrastructure, and markets are all independent, happening in competing jurisdictions and geopolitical rivals, often done by anonymous or pseudonymous actors, all with different philosophies and goals, but with one uniting motivation: to keep Bitcoin going.
Unlike every other cryptocurrency, there is no central point of failure. Bitcoin has no Vitalik Buterin, no Ethereum Foundation, no Deltec bank like Tether, no fancy offices in San Francisco, no team of lawyers, no governance token, no VC-backing, no pre-mine, no small council, and no whales able to manipulate the system. This decentralized architecture has already insulated Bitcoin from attacks at the highest levels. No matter how much Bitcoin you own, you can’t change the rules, print more, censor, steal or prevent others from using the network.
Arguably the most powerful financial force in the world—the US government led by then-Treasury secretary Steve Mnuchin—just launched an attack on Bitcoin in December 2020. It was not a particularly strong one, but still, an attack nonetheless, which would have forced US exchanges to gather more information about individuals withdrawing their Bitcoin to wallets they control than even mainstream banks collect, handing the surveillance state much more intricate knowledge of Bitcoin’s flow of funds. But the crackdown failed, stymied by a broad coalition of opposition, and Mnuchin is now gone.
The new US regulatory regime might be less aggressive. In fact, incoming SEC chairman Gary Gensler once taught a class about Bitcoin. Cynthia Lummis, a freshly elected Senator from Wyoming and passionate Bitcoin supporter, has been named to the Senate Banking Committee. That means one of the most powerful bodies in the US financial system now sports a member who recently tweeted about Bitcoin: “I came for the store of value. I stayed for the censorship-resistance.” Lummis joins Warren Davidson and others in Congress who have vowed to defend Bitcoin.
The biggest attack in Bitcoin’s history came in 2017 at the software level. That spring a handful of the most important industry actors gathered and signed what is called the New York Agreement. The authors boasted more than 83% of the global mining hashpower1, more than 50 total companies, more than 20 million wallets, and a huge share of the payment infrastructure. It was an alliance between Chinese miners, Silicon Valley, and Wall Street, and their goal was to change Bitcoin to allow it to process more transactions per second, at the cost of sacrificing decentralization and the ability of users to audit the monetary supply from home.
Despite the odds, a handful of grassroots activists ended up building a movement that stunningly defeated this New York alliance. By November 2017, the corporate “SegWit2X” plan was dead, and Bitcoin remained decentralized. The lesson from these “scaling wars” is that neither miners nor corporations control Bitcoin. Yes, miners process transactions, and developers propose upgrades to the software, but tens of thousands of users running nodes actually decide what transactions are valid and what software version is adopted.
Even if a government took control of a majority of the Bitcoin hashrate, this doesn’t enable them to change the Bitcoin consensus rules or print more Bitcoin or steal anyone’s holdings. The worst they could do is use their power to mine new versions of Bitcoin (which, in the case of BCH or BSV, has failed spectacularly), or burn billions of dollars to temporarily damage the network in what’s called a “51% attack.” In such an attack, a majority of miners could team up and use their superior hashrate to momentarily overwhelm the network. The price of the hardware required would exceed $5 billion.
Even if a government did want to risk that much on such an exotic assault, it is unlikely that they would divert the precious fabrication capacity of the world’s few semiconductor manufacturers to this very speculative purpose. For China or the US, disrupting existing semiconductor orders during a global shortage could put national security at stake. An alternative would be to seize a majority of the world’s mining equipment in a military operation. But the logistics of trying to locate and violently capture hundreds of thousands of 5-pound machines owned by often pseudonymous actors across dozens of jurisdictions would be hugely prohibitive.
Speculation about other technical attacks on Bitcoin abounds: mining pools censoring transactions (miners make more money from not censoring, can quickly switch to non-censoring pools, and may adopt software that makes censorship impossible), a global internet shutdown (could be disruptive, but not fatal), mining hardware backdoors (this actually happened, but was not exploited, and the threat is now fading), quantum computers breaking Bitcoin’s cryptography (not to be taken seriously according to experts), and even bad actors making harmful updates to the codebase (this wouldn’t stand a chance against hundreds of watchful developers).
The fact is, despite constant fear-mongering about how Bitcoin could fail, all users have always been able to transact. There have been no significant acts of censorship. Attempts to disrupt the protocol or the network infrastructure would be incredibly difficult and costly to attempt, and have no guarantee of success. As we saw in 2017, even if powers are able to amass a super-majority of the hashrate, they could be defeated by the network’s decentralized architecture. Far easier and far more likely are attacks on users themselves.
There are several nightmare scenarios that Bitcoiners fear that don’t involve science fiction around governments teaming up in a Mission Impossible-style mission to seize billions of dollars of energy and mining equipment. One such fear is four numbers: 6102.
In 1933, the FDR administration passed Executive Order 6102, which banned citizens from holding gold and forced them to turn in any gold to the authorities. The US government, or any other government, could try doing the same, giving citizens a window to declare and sell their Bitcoin to the government, or else face jail time.
The Bitcoin community is already preparing for such an attack. One reason 6102 was so successful is that the government could just go to banks who held gold on behalf of citizens, and seize at point of custody. So every January 3rd, users celebrate “proof of keys” day, where it is customary to withdraw any Bitcoin they own on exchanges or in the custody of third parties to wallets that the end users control. “Not your keys, not your coins,” first popularized by Bitcoin educator Andreas Antonopoulos, is a community mantra. With more than 10 percent of the American population using Bitcoin, if enough people self-custody, then a 6102 attack would be of limited effect. Given that the keys to your Bitcoin account are typically in the form of 24 seed words that can be written down, hidden, encoded, or memorized, a military home-by-home raid couldn’t work very well and would constitute a mass set of human rights violations.
Another regulatory threat would be a new unrealized gains tax on Bitcoin, which would be devastating to long-term savers, or new strict “know your customer” rules making it a crime to buy Bitcoin through an unauthorized issuer. But such rules have many obstacles: first and fourth amendment protections; numerous senators and congressmen pushing for a more Bitcoin-inclusive policy; and a large and growing cryptocurrency industry that would vigorously lobby against such rules.
Governments could try to marginalize Bitcoin by introducing a competitor: a Central Bank Digital Currency. Most central banks worldwide are experimenting with the idea of replacing banknotes with digital tokens that citizens could hold in mobile wallets. One argument that promoters of these systems make is that they could help check the thirst for Bitcoin. Ultimately, however, CBDCs like China’s DCEP can’t compete because their floating global price will be tied to the existing fiat currency, which will inevitably fall in relative purchasing power. Meanwhile, Bitcoin’s purchasing power continues to rise over time, and it offers a level of transactional freedom and privacy from the state that no CBDC could ever boast.
Another attack vector could be a ban on the act of Bitcoin mining itself inside democracies. Today, many mainstream media articles describe Bitcoin as an environmental disaster. In reality, it relies heavily on renewable energy (estimates range from 39 percent to 74 percent), consumes a lot of stranded or excess energy, and could very well have a mostly green future. But given the poorly-informed narratives around the subject, one could imagine a world in which the Biden Administration restricts Bitcoin mining as part of a Green New Deal.
The “two-Bitcoin” problem is perhaps the biggest existing threat to Bitcoin users today. If the top 25 global exchanges in the US, EU, and East Asia agreed to end user withdrawals, then that would effectively bifurcate the system. Bitcoin inside the bubble would be “whitelisted” and Bitcoin outside could be “blacklisted” — meaning, if a merchant accepts Bitcoin from you that is not on a certain list, they’d be running a risk. No matter how private you are with your Bitcoin, it wouldn’t matter. You’d need to find people willing to accept your Bitcoin with no trail. Such laws would force users into peer-to-peer markets, where buyers don’t care about coin history.
Even still, there are lots of barriers to this attack. Exchanges would lose millions of customers and billions of dollars of business. The “DeFi” ecosystem would potentially collapse, given it relies on users being able to purchase ETH with dollars on big exchanges and then withdraw to trading platforms like Uniswap. Companies in this space would vigorously resist any change that would prevent citizens from withdrawing Bitcoin or any cryptocurrency to self-controlled wallets.
As these examples show, there are plenty of kinds of regulatory attacks that should concern Bitcoin users, and they are much more likely than cryptographic or hashrate attacks on the network, but the reality is that many legal attacks have already happened, and they have been ineffective.
In 2017, the Chinese Communist Party restricted the ability of its citizens to exchange RMB for Bitcoin. Shortly thereafter, the Indian government did the same, followed by the Pakistani government and several others. In other words, the two largest governments in the world tried to cut off Bitcoin access to their citizenry at the most obvious point: the on and off ramps where citizens exchange local currency for Bitcoin through exchanges.
Last year, the Indian Supreme Court reversed this rule, and Bitcoin is no longer restricted. The government is again seeking to pass a bill prohibiting Bitcoin and all non-state cryptocurrencies, while also launching a digital currency to be issued by the Reserve Bank of India, but in the meantime, local usage grows. In China after the 2017 restrictions, some companies moved to other countries in east Asia, but continued to do business with Chinese customers. Two of the biggest exchanges for the Chinese market, Huobi and OKCoin, still service millions of Chinese. In Pakistan, Bitcoin is de facto banned, but adoption is exploding.
In Nigeria, the government is currently promising to freeze the bank accounts of any citizens who are identified as buying or selling Bitcoin. This regime has tried similar tactics before, but all have failed. What these actions actually accomplish is to drive citizens into harder to control peer-to-peer markets, and into the arms of risk-tolerant entrepreneurs committed to helping their fellow citizens access a better financial system.
In the United States, the recent last-minute attack by Secretary Mnuchin aside, American financial activity is increasingly monitored under laws like the Bank Secrecy Act. In line with this trend, cryptocurrency exchanges have introduced more stringent identification requirements for their customers, as well as increasingly small withdrawal limits. So far though, Americans are still easily able to buy Bitcoin and withdraw it to wallets they control, and this will be defended by new powerful allies.
Senator Lummis and Congressmen Davidson, McHenry, Emmer, and Soto, as well as state leaders like Miami mayor Francis Suarez, have all come out in support of Bitcoin, whether by hosting the whitepaper on their websites, promising to fend off overly-restrictive regulation, or pledging to make their jurisdictions hotspots for Bitcoin entrepreneurial activity and innovation. Mayor Suarez, for example, is pushing for employees of the city of Miami to earn a percentage of their salary in Bitcoin, for residents to be able to pay taxes in Bitcoin, and to include Bitcoin as part of the city’s investment portfolio.
Some argue that corporate America will try to attack Bitcoin. But so far, it seems that big companies are instead trying to join the party. In the past few months, Tesla, Microstrategy, Square, Grayscale, and others are buying up billions of dollars more Bitcoin than the amount being produced through mining. And, as savvy investors will realize, ultimately you can’t separate Bitcoin from its cypherpunk nature. Bitcoin is only valuable as an asset because of its decentralization, since no one can arbitrarily change its rules or decide to print more. Driven by self-interest, Wall Street may ironically end up being one of the biggest cheerleaders of this new technology that Washington can’t control.
So far, it seems that when governments try to ban or restrict Bitcoin, it ends up merely accelerating the adoption of the currency inside their countries. Governments that have failed miserably with their Wars on Drugs may find stopping people from holding something that’s invisible, borderless, and teleporting much more difficult. In democracies, governments will face major obstacles from the tech and financial industries, but also from the fact that restrictions on Bitcoin ownership can clash with free speech, privacy, and private property protections. Confiscation will require brutality, and it’s not clear that all governments have the stomach or ability.
In the end, Bitcoin’s biggest defense is human nature itself. We are greedy and self-interested, and this applies to our governments. Already, some authorities are starting to mine or are encouraging mining. This is happening everywhere from Beijing to Kentucky to Siberia to Ukraine. As the price rises, more and more are buying into Bitcoin’s value as a long-term store-of-value and inflation hedge. Just as some governments with weak currencies have been forced to dollarize, others in the future could be forced to accumulate Bitcoin. It’s a rivalrous planet.
Why would a government attack Bitcoin if it could gain more from using its energy monopoly or ability to print fiat to buy some? The rich and powerful will always design systems that benefit them before everyone else. The genius of Bitcoin is to take advantage of that very base reality and force them to get involved and help run the system, instead of attacking it.
In a world with friendly US regulators, rogue regimes mining Bitcoin to print dollars, and citizens of the world demanding an asset that can’t be inflated away, the incentive to attack Bitcoin is dwindling.
In the end, the only way to kill Bitcoin may be to make it so that people don’t need it anymore. If no one wants a devaluation-proof, censorship-resistant, permissionless, borderless, non-discriminatory, teleporting financial asset, then no one will feed it energy, and it will die. Perhaps humanity can come up with another technology that addresses these needs.
But until then, Bitcoin will thrive.
1 A miner is a user of the Bitcoin software competing to process transactions in exchange for mining rewards. Miners use specialized computing equipment called ASICs to race to find a special number. On average every 10 minutes a miner finds the special number and presents it to the network along with a block of valid transactions. In return, they are paid the mining reward, which today is 6.25 BTC plus transaction fees. The transactions are processed and cemented into the network’s memory and a new race begins. Because such a large amount of energy is required to have a chance at winning the race, today miners team up into mining pools which allocate rewards over time to participants based on percentage of hashpower contributed.
2 Hashpower refers to the processing power of the Bitcoin network. It is determined by the amount of energy miners spend in their competition to process transactions: currently, more than 140 quintillion hashes per second. A higher hashpower means a safer network.