[Cryptography] One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week

Peter Todd pete at petertodd.org
Wed Nov 8 05:54:51 EST 2017

On Tue, Nov 07, 2017 at 08:56:29PM -0500, Benjamin Kreuter wrote:
> On Wed, 2017-11-08 at 00:25 +0000, Karl wrote:
> > 
> > I’m sorry, but this report of energy use is not the metric you are
> > referring to.  Mining energy is used to secure the entire bitcoin
> > network. It would be exactly the same if there were no transactions
> > at all as if there were a quintillion transactions per second.
> That is also wasteful.  Compare that to the energy needed to secure a
> bank.  If the volume of transactions being processed grows, the energy
> that is needed to secure the transactions will also grow; if the volume
> shrinks, the energy needs shrink.

You are incorrect in thinking that the energy needed to secure Bitcoin
transactions is linear to the number of Bitcoin transactions.

First of all, the energy used to secure Bitcoin is roughly speaking a fixed %
of the total market cap of Bitcoin, with some growth due to transaction fees
(mitigated by the fact that transaction growth is mainly off-chain). This
market cap has little to do with transaction volume, as it primarily comes from
the need to store value, rather than transact (Bitcoin is an awful way to pay
someone in most cases).

Secondly, the amount of energy Bitcoin *needs* to be secure is simply more than
any attacker possesses. The maximum size of a potential attacker does *not*
scale with the number of transactions for a variety of reasons, including the
fact that as attack sizes grow out-of-band protections such as the legal system
become more relevant, the fact that it becomes increasingly difficult to profit
from an attack as the size of it grows, and the fact that a wider variety of
diverse systems - including beyond payments - get to reuse the same security
while attacks that cross multiple systems are difficult to profit from.

In practice Bitcoin probably significantly overpays, in that it uses
significantly more energy than the bare minimum. But safety margins are
important, and it's extremely difficult to predict in advance how big an attack
will be.

In any case, those who need the Bitcoin security model - a model that simply
can't be replaced by more energy efficient alternatives - aren't going to care
about this line of criticism, making these criticisms irrelevant academic noise.

As for those who don't need Bitcoin's security model, and can rely on
centralized trust, in almost all cases they can *improve* their security by
*also* making use of the security guarantees provided by Bitcoin in the form of
hybrid systems. For example, my own OpenTimestamps project is in use the
Argentinian government to timestamp official bullitins(1), adding additional
security via PoW at zero marginal cost to an inherently centralized trust-based

1) https://otslist.boletinoficial.gob.ar/ots/

https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171108/56259b86/attachment.sig>

More information about the cryptography mailing list