Collective Insecurity
The year is 2042. The Bitcoin Standard has begun to emerge. Businesses, governments, and individuals all use Bitcoin over the Lightning Network, and all petty debates and shitcoiner diatribes are relegated to the old internet. BTC is worth $1.8 million per coin (among those who still use dollars) and laser eyes are finally going out of fashion because people are just too bored of seeing it everywhere. Everyone runs their own node, and nobody earns less than $2 a day.
Glorious!
Unfortunately, the IRS is a bit happy about going after people with large BTC balances. You, having hodled more than 0.1 BTC from the “early days” when it only cost $100k a coin, are doing alright for yourself, but in an absurd twist of fate, the IRS is now coming after you for back taxes.
You live on the newly constructed Citadel in the Atlantic ocean. Nobody can force you to accept any blocks or transactions you don’t like on your node, and you use Lightning anyways. Just what do they think they can do?
You ignore them and check the status of your node.
Out of your six channels you have open, only one is connected to Coinbase, the global leader in Lightning Network Services. This is enough to allow you to route to basically anyone, anywhere in the world for any of your payments. You thought it out a while back and put half of your liquidity into that channel, 0.05 BTC. The transaction fees sucked, but you got in, and you didn’t even need a custodial account with them.
You are your own bank, and you have the same privileges and power as Coinbase does. Not everyone can say the same! In fact, most can’t.
Your other five channels are opened to friends and family, and you know they’re not all as well off as you are, so you make sure to route transactions through your node so that they can take advantage of your connection with Coinbase.
Altogether, they were able to put together 0.05 BTC of their own liquidity with you, making your total liquidity over 0.15 BTC! More than enough for a down payment on a house, if you wanted to buy a second one.
Life is good, really.
Recently there has even been an uptick in usage of your node as a payment pathway. Perhaps one of your friends was buying something nice for himself, or your node was just in the right place at the right time. Either way, you get some added fees for your services. Win, win.
But you will need to rebalance your channels, as all of your liquidity has gone to Coinbase’s side of the channel. Annoying, but not the end of the world.
In fact, you might as well just rebalance everything onto your side of that channel, since it looks like there’s a bit of demand to use your node for routing. The best way to earn more fees is to have more liquidity where the demand is.
So you send yourself a transaction, transferring liquidity from your other channels into your end of the channel with Coinbase. With your channels rebalanced how you want them, you get up from the desk, ready to spend some time with your kids.
But something stops you. A notification. Your node detected a channel closing transaction. Coinbase just closed their channel with you, and — no way! They used the previous channel state!
Laughter explodes past your lips. If only they’d tried that two minutes ago, you’d have been able to take all the funds in that channel, AND you’d have your funds that you’d just rebalanced through your other channels.
You authorize your node to send the penalty transaction, and, thoroughly amused, you leave to play with your kids.
Life really is good.
But when you return that evening, your penalty transaction hasn’t gone through.
You check your node’s settings and the transaction that you broadcast to the network, and it certainly seems like the fee was high enough… No matter, though. You’ve been through this rodeo before. You increase the fee and resend it. It’ll be confirmed by the morning.
Once in bed, you make love with your wife, then fall asleep contented.
Really, life is good.
The alarm sounds. You get up, brush your teeth, and check the morning news. It looks like you weren’t the only one to get a channel closure from Coinbase. Before you can read the article, your daughter spills her cereal and you have to change your clothes before heading into work.
If only you’d been just a year earlier to get into Bitcoin, and you wouldn’t have to work at all.
Quickly before you head out the door, you check your node. Still, your penalty transaction hasn’t been confirmed.
But that’s not right. You checked the going fee rates, and you definitely paid enough. How much time until the contract closes and Coinbase can spend the coins? How long until they can spend *your* coins?
You increase the fee again and resend it, but now you’re getting concerned. On the way to work, you think through all the ways you could make sure your transaction gets through, and all the ways it would ruin you if it didn’t succeed.
How much money did you have in your other channels? You just rebalanced everything into the Coinbase channel, so your other channels have lost liquidity on your end…
Dread fills your heart. If Coinbase takes all of your coins in their channel, then not only did you lose your 0.05 BTC with them, but all the liquidity you rebalanced into the other channels.
You park halfway onto the curb and run into your office. You’ve never remoted into your node so fast before. First you check your channel liquidity. It’s just as you feared. You have no liquidity left but in the Coinbase channel, and your penalty transaction still hasn’t been confirmed. Until that clears, you have no money, period.
Panic begins to set in and you remember the article you saw that morning. You do a quick internet search and find what you’re looking for and read on.
Coinbase, in cooperation with the United States Government, is issuing channel closure transactions to all outstanding tax evaders with the intention of confiscating coins. The two largest miners in the world, accounting for over 60% of global hash power, are also cooperating and will refuse to accept any related penalty transactions or blocks that include them into the chain.
“Any perpetrator who attempts to fight against these channel closures will be guilty of attempted obstruction of justice, and any penalty transactions they create will be held as evidence of their crimes. Finally, these criminals will face justice,” said US President, Ariana Greenblatt in a press conference Thursday afternoon.
The Chinese government has issued similar decrees over their own citizens and both miners and Lightning Services Providers are expected to cooperate.
You stop reading.
This is impossible.
Why isn’t your node rejecting the latest blocks? Why is everyone still following these miners? They’re stealing your coins!
Have you just incriminated yourself by publishing not one, not two, but three attempted penalty transactions?
Your phone rings. It’s your wife. Your streaming payments have failed, and the utilities have shut off.
You look out the window as the tow truck pulls into the parking lot.
Life, it turns out, might not be so good after all.
Setting the Stage
The above story, while obviously fictional, describes a scenario that is both realistic and unpreventable using the technology of the BTC/LN stack.
In fact, the most unrealistic thing about the story was when it occurred. It won’t take 20 years for this sort of confiscation of funds to be possible. With sufficient international cooperation, governments could make this happen today, and your zero hash power consumer node can’t do a thing to prevent it.
Let’s explore the scenario in a more straightforward manner.
The character in this story, “you”, had 6 Lightning channels open, one of which was with a large financial operator who provided realistic LN payments routing.
At scale, routing across LN will require large, central entities such as this, just like the Internet does. However, unlike the internet, there are greater pressures to centralize the routing infrastructure, as routing is a very difficult problem on its own, which Lightning compounds with channel saturation, fees, and the need for payments to be atomic (thus locking funds in a route until payment is complete). Further, every time a transaction is made on the network, the state of the network changes, meaning transactions over a certain size will have different channels available to route through.
These large institutional players in the Lightning Network will be used by governments to enforce all sorts of regulations, and because the system is global, the reach of their arm will become far longer than it is even today.
This should be obvious, given recent methods governments have employed both in regulatory practice and attempts to manipulate its citizenry. From vaccine mandate enforcement across the globe to the confiscation of donations to protesting truckers in Canada, governments have used businesses to enforce their manipulations of the people.
Operation on the base layer, BTC, will be the only means of avoiding much of these activities. And yet, that is no solution either.
Thanks to the dramatic restriction of block size in BTC, miners have only one means by which they can compete over revenue, whether that revenue comes from the block subsidy or transaction fees.
To gain revenue, miners must find blocks, and there is only one input to their operations that affects how quickly they find blocks: hash rate.
As a result, all mining in a small block ecosystem will turn into a hash-only competition.
The alternative in a large block ecosystem would be miners competing over the size of blocks, which transactions they include in their blocks, the complexity and size of transactions, fees they’re willing to accept for transactions, and any number of ancillary services they’re willing to offer, all in addition to the rate of finding blocks.
When competition is limited to a single niche in a market, that market consolidates. Extra firms, even individuals attempting to contribute, carry too much dead weight. The smaller, less efficient firms are priced out of the market.
As can be seen in all other markets, firms that are large enough to invest in capital specialization leads to greater efficiencies. Scale itself enables efficiencies of its own, offsetting fixed costs, and providing new opportunities with which to economize on that scale. With enough size, it even becomes worthwhile for a firm to vertically integrate its production structure, streamlining its operations and removing middle men from the picture.
Specialization, economies of scale, and vertical integration.
Through these means, large firms out compete small firms, and the small firms can no longer compete. As the small firms die out, their capital goods are bought up on-the-cheap by the larger interests. The market consolidates.
Said differently, small blocks lead directly to a small number of miners, while large blocks, despite a larger barrier to entry, allows for more firms to survive in their own niche in the market, keeping the market distributed among many players.
While it is convenient to point to today’s widely distributed mining market as evidence that my claim here is wrong, such an attempt is foolish.
In today’s market, miners are not under significant pressure. The increasing price of assets such as BTC have outpaced the ability for ASIC chip manufacturers to increase the difficulty of hashing block headers. Confiscation and destruction of hashing hardware in countries such as China has also greatly diminished the hash rate that is online at any one time, further contributing to the profitability of active miners.
However, great profitability attracts great investment, and the SHA256d hashing market is no exception to this inevitability.
In addition to the long standing ASIC hashing machine producers such as Bitmain, MicroBT, and Canaan, new and rather more formidable players are entering the market.
Intel, one of the largest chip manufacturers in the world, is actively developing and has announced their intention to sell ASIC mining machines. Will they also be miners themselves?
But the bigger danger to miner profitability is that there is no guarantee, regardless of past performance in the markets, that BTC’s price will rise above its all time high ever again.
And as always, the halvening looms ever closer, at which time the block subsidy halves, leaving miners ever more dependent on users of the chain paying transaction fees to fund their entire operations.
Asset prices cannot rise indefinitely. Hash power will always grow as profitability remains high. And always, the halvening looms closer.
Wishful thinking alone remains to comfort the believers in mining with perpetual 40% profit margins.
It is inevitable that mining profit margins will diminish, and it is inevitable that competition will price out inefficient competitors.
In a system that is limited to competition over hash power alone, this means it is inevitable that control will consolidate under a few extremely large players, unless the system dies before that can be achieved.
There is nothing left required to make the scenario I shared above possible. The stage is now set, and the only thing left is to more clearly define the methodology used to confiscate funds in the story. This is important, as it exposes the utter impotency of individual consumers or their nodes in controlling consensus in the network.
With centralized Lightning services and consolidated hashing, the consumer is at the mercy of the powerful.
The Oppression of Soft Forks
Now it comes to the explanation of how it is possible for the story I told above to occur.
Given just two facts, first, that an individual is connected to a susceptible counterparty, and second, that mining has consolidated sufficiently for government oversight to be effective, the “trustlessness” of Lightning channels breaks down. There is no recourse for consumers affected by this attack whether they run a node or not, and the network and all its participants are incentivized against the individuals affected.
We will define several players.
The target is the individual from whom funds will be taken.
The attacking parties consist of several colluding entities, but for most purposes can be referred to simply as the attacker. These attacking entities include the target’s channel partner, whose channel will be closed in a prior state, as well as the miners, and if they are involved, any government or related entities who are coercing the collusion among miners and the target’s channel partner.
With the players established, we can explore the scenario.
First, the attackers must have sufficient hash power to control the inclusion or exclusion of channel closing transactions. With at least 51% hash power in their control, the attackers can ensure that consumer nodes follow their chain, and they can disrupt any attempts to coordinate outside the use of nodes alone.
With hash power under their control, the attacking parties have two approaches they may take.
1) Close the channel in the most favorable state currently available to the colluding parties using an outdated commitment transaction, or
2) If the target is routing payments through their node, rebalance liquidity in the target’s channel to maximize the amount of funds to be gained from a forced channel closure.
In the first case, it is quite simple. Close the channel in the state most favorable to the attackers, and prevent the target from confirming a penalty transaction, which would move all coins to the target rather than the attacker.
In the second case, the strategy is slightly more complex. First, if there is no prior channel state where all the liquidity is on the attacker’s side of the channel, the attacker sends transactions to himself through the target’s node, moving all coins from the target’s side of the channel to their own.
In doing so, this ensures that the entire channel’s balance can be confiscated.
Next, the attacker rebalances in the other direction, sending a transaction from their channel with the target to other channels owned by themselves, moving all the coins to the target’s side of the channel.
This step is not as obvious. In fact, by merely moving liquidity to the attacker’s side of the channel, this makes a channel closure uncontentious. All of the user’s coins remain in their total channel balance, but the liquidity has shifted into other channels. Closing the channel now would not take coins from the target at all.
Moving the coins to the target’s side of the channel via rebalancing in other channels means that closing the channel in the prior state would take coins from the target. In fact, it would also increase the attacker’s coin balance in the channels they used for rebalancing, as they shifted liquidity from their channel with the target into other channels that they control.
When closing the channel after rebalancing liquidity into the target’s hands, the entire balance of the channel can be closed into the attacker’s control, even while the entire channel balance’s liquidity has been moved into the attacker’s other channels through rebalancing.
Said simply, the attacker can use this approach to take not just the balance of the channel they have open with their target, but up to twice the balance of that channel by manipulating the target’s liquidity out of their own hands and into the attacker’s hands.
The attacker can steal funds from the target within channels the attacker doesn’t even know about.
And there’s nothing the target can do about it.
The channel closures were conducted entirely within the consensus rules of the base layer. Nobody’s consumer node will reject blocks or transactions, nor will they even be aware of the event unless they themselves see your attempts at broadcasting a penalty transaction, and they will only know this if their node is programmed to track and report such things.
And if everyone’s nodes are programmed thusly, all it will take to defeat this node rule is to run enough nodes that refuse to propagate these penalty transactions that propagation is prevented. The only way to defeat this is to connect directly with affected nodes, forming a sub-network structure, similar to how miners connect directly to each other in order to lower their orphan rates.
However, consumer nodes are disincentivized to do this, as high connectivity is costly, and there is no financial benefit to them for doing so. What remains is a loosely connected, easily disrupted network of users who do the bare minimum to interact with each other.
The result is that even the target’s node will continue to follow the longest chain even to their own detriment, unless the target actively decides to reject it themselves.
And then what?
Will the target’s friendly channel partners take pity on him and give back the funds that were stolen through their channels? This would come at a cost to these channel partners, disincentivizing them to help the target. Further still, these few individuals are too small to coordinate a boycott against the longest, dishonest chain upon which the funds have been stolen.
What remains is the coordination of a boycott in the traditional way. The target, now the victim, must convince the consumers of the chain to act on behalf of the target, to throw away the history of the chain just to get the target’s money back.
In fact, they must do so against the pre-established consensus of consumer nodes, whose accepted rule set accepts the confiscation of the target’s coins.
The very means by which consumers were said to have power over the miners becomes the tool by which the consumers are made subservient. The notion of trustlessness is a moral hazard, a lie upon which passivity and ignorance is built and consumers taken advantage of.
This is what soft forks do. When sufficient hash power is established to force a soft fork into place, what can others do but follow along? After all, no rules were broken even as new ones were added, whether or not the rest of the network wanted them. The only way to fight back is with sufficient hash power to control the longest chain, rejecting the more limited rule set of the attackers. Without this, all who remain are coopted into supporting the soft fork, even against their own interests, because their only alternative is to reject the network entirely.
Only miners produce blocks, and consumer nodes may only choose to follow the blocks that are made available for them to follow. Do you trust miners not to soft fork their way into control over your finances and the entire monetary system you depend on?
Prevention of the oppression of soft forks can only be achieved through sufficient distribution of mining power among many players to prevent collusion, even under coercion by governments, to undermine the system.
Consumers are not powerless in this system, but passivity makes them tools for those who wish to manipulate them. The more passive consumers are, the more easily despots profit.
Competition breeds active participation. Competition between miners enforces rules that are fair to all, and when disputes arise, creates alternatives between which consumers may choose.
Pre-coordinated collective action breeds passivity, and turns men into mules for the plow of their masters.
Competition, not pre-coordinated collective action, is the means by which Bitcoin is kept free and independent from the control of any one or few interests.
Only large block systems can ensure competition between many miners, as small block systems always consolidate.
This is why I support Big Block Bitcoin.
This is why I support Bitcoin in its original design.
This is why I support BSV.
