Attacking a network with GPU mining.
It is no secret that cryptocurrency markets today are really volatile. Often, this volatility has nothing to do with a specific coin or actions of its developers. For example, in the past, when a country with a significant number of cryptocurrency traders, such as South Korea, would announce new regulations and possible bans in the field of cryptocurrencies, the cryptocurrency markets would typically go down and there’s nothing developers can do about that.
Even in situations when a major exchange is performing upgrades, the prices may go down significantly. This is what started to happen when Binance was performing an upgrade in the beginning of 2018. During the upgrade, many people started spreading rumors that the exchange has been hacked, which is why the chief operating officer of Binance Zhao Changpeng chose to move 30,000 bitcoins between exchange wallets and provided the details of the transaction on his Twitter as proof that the exchange has not been hacked.
It is needless to say that when an actual hack happens, prices drop drastically. For example, the price of Ether during the hack of “The DAO” went down from over $20 per coin to around $13 per coin.
For a network like Sia, this is a very significant threat. If miners were to start selling their equipment or switching to a different network, the hash rate required to overtake the network would drop down significantly and there would be even more pools and entities that could overtake the network.
Attacking a network with GPU mining
As explained earlier, the price of network-specific hardware is linked to the price of the coin on that network. One of the consequences of this is that it is not economically sound to use the hardware that can mine coins on a blockchain network to attack the network. When someone is using hardware to mine coins, they are making money. If they stop using the hardware to mine coins, they will stop making money. So an attacker now has a choice: to be making money in a guaranteed way by using the hardware to mine coins in a legitimate way or to stop making money by mining and try to overtake the network. At the same time, if the attack is not successful, then not only will the attacker lose money by not mining coins and using the hardware to attack the network, but the price of the coin is likely to go down, and so the value of the network-specific hardware will also go down. This is a lot of risk for an attacker, especially in light of the fact that the attacker can be using the hardware to keep mining the coins and be making money legitimately.
However, these risks are very different when it comes to graphic processing units and not ASIC cards. If an attack on a network where miners use graphic processing units is not successful and the price of the coin goes down, the risks for attackers are less because they can simply switch to mining on a different network or can try and attack a different network.
Practically speaking, this means that the dropping coin price does not have an impact on the value of the hardware and, therefore, there are no risks associated with an attack and the costs become equal to the costs of electricity plus the money lost from not mining the coins during the attack.
In turn, this means that for hackers to become interested in performing an attack on a network like Sia, the payoff that the hackers will get need exceed the price of electricity plus the price of some other coin. The sum of these prices is much smaller compared to the sum that includes the price of equipment (as of the writing of this article, BitCoin AntMiner S9 cost close to USD$8,000).
The costs of electricity to mine a block of the Sia blockchain in the summer of 2017 varied between $500 and $2,000. If an Ethereum miner was to try and attack the network, he or she would also lose around $5,000 per block from stopping mining Ethers. With the minimum of six confirmations, the costs therefore would equal to about $31,000.
If an attacker were to include a number of fraudulent transactions into a block of Sia blockchain and then trade the funds from these transactions on a number of exchanges (which would essentially mean performing a multi-spending attack), the attacker could potentially make much more money than $30,000, then convert the profits quickly into various other cryptocurrencies, including anonymous coins such as Monero, and pocket a nice profit. Because the profit would be in a different cryptocurrency, users of Sia would have no way of getting their money back.
Unfortunately for Sia, this scenario is not theoretical. This is something that a somewhat large group of Ethereum miners could easily accomplish. This is a pure math comparison of hash rates and profits and at a certain point some miners would become interested in hacking a small network.
This scenario does not apply just to Sia. Many other small networks where miners can use graphic processing units are vulnerable in the same way and introduction of network-specific ASIC cards is a solution to this issue.