I found it surprising that it is possible to rent enough hashing power for many of the smaller currencies, which makes me question the use of PoW for smaller coins.
Please note that the attack costs do not include the money you earn in the form of block rewards, so in many cases the costs will actually be substantially lower.
This is a little different from how people have been told to think about it before which is just focusing on the blockchain itself rather than the mining power behind any given variation/fork/whatever of block chain.
Ps. And that probably should be taken a step further. If you have families of coins that are all GPU mined, then you need to consider the tota GPUs mining them and the hashing power of those GPUs and the ability for them to switch functions. Now GPUs are a blip on ASICs so for the predominantly asic mined coins this doesn’t matter.
All GPU-mined coins (except the hashrate-dominant one: Ethereum) are massively vulnerable to majority attacks because of the huge pre-existing installed based of GPU miners.
As I said in https://news.ycombinator.com/item?id=17173774 the only solid defense is for each coin to implement an ASIC-friendly algorithm that is unique to this coin, so there is no risk of 51% attacks from a pre-existing installed based of miners.
* genuine decentralization
* reliably generates a concensus with global supermajority, little or no forking (objective chain selection)
* fault tolerant network, minimal fragility / auto recovering, can't be permanently crashed / hijacked
* requires no human intervention
Everything I've seen so far in terms of PoS violates at least one of the above.
Hashgraph doesn't deal with concensus (it offload that to other layers), Ripple doesn't really deal with decentralization, Algorand is fragile, most PoS require human intervention besides often having several other faults.
Also there's probably more criteria like these that matter.
"Genuine decentralization" / and "consensus" are not necessary to make a useful currency.
There's also massive cost and risk with the currencies that do implement those criteria.
We should all be open to different alternatives that WORK, and not reject them out of hand just because they're not implemented in such a way that they have attributes we LIKE.
This is a really good point, and part of what I am hoping people come to understand from this website. Ignoring the risk of renting power from NiceHash to launch an attack, large existing miners could easily switch to a smaller coin for a few hours to attack it, and typically it would be very profitable.
that was literally stated
Paraphrased: there's no risk, except that you lose all of your money (because your coins are now worthless).
One of the questions I've been chewing on is whether the supply of *coins is effectively infinite. (If it is, that means substantial downward pressure on prices, as available speculative capital gets smeared out over the various options.) This seems like a pretty clear limitation: if a bad actor can crush a small currency, then we should see a lot fewer small currencies.
Do you (or others) have a sense of where the equilibrium might be? Clearly if an attack can be mounted for a few hundred bucks, jerks will do it just for the lulz, which suggests that there won't be a long tail of cryptocurrencies. But is it also plausible that a major Bitcoin player might try to smash something like Bitcoin Cash just to drive activity back to a more major currency, thereby benefiting their holdings?
The availability of gold in the galaxy Andromeda doesn't affect gold prices on earth. Not equivalent analogy, but related - your market will only be hurt if there's economically accessible supply of equivalent or competing assets that fulfills the same need.
Valueless tokens don't fulfill the same need.
This suggests there's no obvious limitation on the creation of economically unproductive speculative instruments. Even though they all start at $0, any new token has an unknown upside, as the price can only go up. For some that's apparently a compelling bet.
Will this process only stop when people stop looking for the next Bitcoin? Because for them, a valueless token definitely fills a "get in on the ground floor" need. And there are a lot of people doing that right now: https://www.google.com/search?q="the+next+bitcoin"
And of course the new coin needs to maintain its share of that hashpower indefinitely to survive.
This seems like a bad thing, since it weakens the implicit threat of hard forking that keeps BDFLs in (non crypto) open source projects from acting too strongly against community consensus.
If mining is supposed to be profitable, shouldn't it be profitable to control 51% of the network? Seems like economies of scale should lead to a clear industry leader. Whats stopping this from being the natural progression of bitcoin?
What are the downsides? Is this illegal?
The downsides? You need capital to spend and double-spending is fraud.
It would be a kind of an alternative benefit comparison.
I think the major caveat here is that it only takes ~35% hashing power to pull off a 51% attack, assuming you leveraging block withholding and other strategies.
At ~50% hash power and with a victim who waits <10 confirmations you still only have a ~1/2+o(1) probability of mining a longer private chain. The point is if you can maintain the 50% long enough, you can expect to eventually have the longer chain.
You can also have <50% hash power and double spend, it is just progressively less likely to succeed. The calculations in the Bitcoin whitepaper (p.7) for choosing a transaction confirmations threshold assume the attacker can maintain their attack indefinitely .
To clarify, the whole point of selfish/stubborn mining is to increase your mining profit by wasting the honest miners' time when you withhold new blocks (so they unknowingly mine on a shorter chain) and then trying to propagate your withheld block faster when you see an honest miner release a new block. Therefore you get a greater effective proportion of the network's hash power. Of course if you're more than one block ahead of the honest chain, you can just propagate the next block in your withheld chain. But, when you're attempting a double spend, your withheld chain has to remain private the entire time otherwise the victim would see the honest transaction invalidated and cancel the e.g. exchange withdrawal.
There's a cool paper on some extended selfish mining strategies combining eclipse attacks .
Also interesting to note is that selfish mining is only profitable if only a few miners are using it, like a kind of prisoner's dilemma .
Interesting. I'm curious to hear more about how this strategy works.
This site is good work.
Of course, you could also just nuke the entire network by not confirming any transactions. But you can't steal from people directly.
This clearly inflation and possibly fraud (depending on what claims were made when you bought the crypto coin), but I don't think you can call it theft (unless you think all inflation is theft).
Nope, definitely not stealing without question. It's economic policy which is a lot more nuanced. Not saying it's never stealing, but issuing more currency has been happening for decades and it's no surprise to anyone.
Your example and double spending are definitely not the same: with double spending you are basically giving coins to an exchange, which you later "steal" back via forking the chain. This is against everyone's expectations AND against the ToS of all exchanges (which you break if you double spend deposited coins).
Issuing more FIAT currency is very similar to mining (pumping more money into the economy) which I don't think anyone considers stealing. Double spending however..
> In some cases this can be quite significant, and reduce the attack cost by up to 80%.
I get how block rewards bring the net cost down, but where does the 80% number come from?
It's a rough number - In the case of Bitcoin, the miner receives 12.5 BTC (+ transaction fees that I will ignore for now) per block, with a block time of 10 minutes, so they will receive 75BTC per hour, or $544,275. In this case it wouldn't be possible to actually rent anywhere near this much hash power at this price, but for smaller coins it would be possible to do so.
There are ~10 million GPUs mining cryptocurrencies in the world today. Because the majority of them mine Ethereum (5-10 million are needed to generate 250 TH/s), it means the other coins can easily be overpowered and attacked if a small fraction of GPU miners decided to do so. For example look at Monero: 400 MH/s of CryptoNightV7 hashrate means there are 400k-800k GPUs behind it, therefore only 4-8% of the pre-existing worldwide GPU mining capacity is needed to attack it.
In a way we could say Monero is vulnerable to a "4-8% attack!"
The best way to defend a coin from this scenario is for it to implement a unique PoW algorithm that is very ASIC-friendly so that GPU miners couldn't overpower it. Of course the same attack scenario would exist if there is a large pre-existing installed based of this ASIC, so the PoW algorithm must be unique. For example Bitcoin Cash could currently be attacked by 10% of Bitcoin miners as they are both mined by the same SHA-256 ASICs.
The irony is that the misguided trend to try to be "ASIC-resistant" is actually worsening the value proposition of all these GPU-mined coins as it makes them more vulnerable to the very real possibility of 51% attacks...
Whichever fab produced it would have a huge hardware advantage in mining. They would mine themselves and just use 51% of their physical units (versus renting on a time-slot market) to do the attack.
The price-tank disincentive is multiplied by the block reward size -- the lower the reward, the the less the miner would care. The price-tank disincentive also is attenuated by future equilibrium mining. If you make the first ASIC and don't attack, future manufacturers will pop up as mining becomes more profitable. If you tank the price, mining profits may become low, but you thwart competition.
Attack gains are not connected strongly to the above disincentives. Attack gains are higher the more often you can cycle the coin -- you can actually steal way more than the market cap of the coin theoretically by cycling exchanges / other mechanisms of payment. Then you start running your 51% attack and reverse hours, days, weeks of transactions.
I see your point that there is some disincentive for a 51% attack, but I'm not sure that's enough.
This is exactly what they are doing.
Lots of people are buying GPUs, but any SINGLE gpu coin has a very small percentage of total GPU hashpower.
For the extreme case, image that I have GPU coin, but I am only supporting it with MY GPU.
That means that any other person in the world, can now attack my coin, if they have more GPUs than me (1).
The fact that lots of people own GPUs doesn't protect me, because those GPUs aren't contributing to the network!
In reality, as you continued buying up hashing power, the price of the remaining hashing power would go up precipitously. This is basic supply and demand.
It's like how companies' market caps are determined by the the last few trades, even though the last few trades probably represent .01% (or less) of the shares in the company.
Probably best to read the numbers a bit qualitatively. A coin that is 2% nicehashable would require substantial efforts (probably negotiating with a few private pools) to mount an attack; perhaps impossible for a not-connected miner. Wheres coins approaching the double digit percents probably is quite possible if you have even lukewarm connections. And those near 100% or above are likely super vulnerable.
Can't imagine how difficult it would be to hoard a ton of hardware.
It's definitely a lot less do-able for the larger currencies - I still think PoW is a good option for them honestly. This was more to show that 51% attack risk is problematic for smaller coins, and I'd love to hear a discussion on the best way to fix this.
Proof of stake (still problematic for very small cap) or proof of ID (my favorite) using something like the e-estonia crypto ID system. You can prove every miner is a unique person, award them coins on a deterministic pseudo-random order.
I like crypto, but the greatest danger of it seems to be the potential for economic enslavement(we don't like you, therefore you can't buy bread anymore) through censorship and oppression.
If you are worried about targeted censorship, I seem to recall from the first days of BTC that there are ways to "shuffle" IDs: participate in a pool P, get a new ID that is untraceable to the original one but that is traceable to pool P and offers the guarantee that there are no duplicates.
But note that no cryptocurrency is "censorship-resistant" (I am of the opinion that financial transactions are not free speech, so calling it censorship is not the appropriate word and confuses issues). BTC can be (and has, in China) be forbidden. Forbid mining, jail people who do it. Easy in a country that bans also VPNs and Tor.
BTC is only as strong as Tor is and Tor is dependent on the governmental goodwill to let people use strong crypto. Keep in mind that until 2000 US companies were banned from exporting crypto tools that the NSA could not break  and even to this date, restrictions exist for some material and countries. USA is just one executive order away from making Tor, VPNs, and thus, anonymous BTC mining, illegal.
And I think that many countries will ban BTC. China is more energy-constrained than most of us, but the energy needs of the BTC netword is gargantuan. I think they have a year to solve that issue (I think they will use proof-of-stake) before states starts pulling the plug.
And always remember that as cool as crypto is as a tech, it does not exist in the vacuum. While it allows to navigate against an incompetent but permissive state, it does not fare well against a competent hostile one.
A part of the problem of maintaining cryptocurrencies (or anonymous networks) is political, not just technical. I too, as a geek, love the prospect of being able to solve political problems with technical solutions, but it only works up to a certain point.
Estonian citizenship is not required. May crypto-geeks have an estonian ID certificate. If I were still into crypto I would have made one for myself I think.
Once registered, you don't need to trust the Estonian government at all: you get an IC card and a reader (all open source IIRC) and you can autonomously authenticate. If memory serves, you can even authenticate pseudonymously.
Note that you don't have to trust everyone, you have to trust the e-ID registration system as a whole. That is, a single flawed individual won't be enough to corrupt the whole thing.
Which is fine, but than don't talk about cryptocurrencies. These are supposed to be trustless, not trustless-except-we-all-have-to-trust-the-government. Just talk about some new state system that uses some cryptography somewhere.
> Exchanges respond to these `weak` coins by increasing their confirmation requirements. Some of the really small coins would probably need huge numbers of confirmations.
> Lots of confirmations, which would likely damage the value of the coin.
> Lower price would reduce the miner hashrate
> Lower hashrate would further lower cost of 51% attack.
> Exchanges increase confirmations further
It would've made more sense to me to show the required capacity / available NiceHash capacity.
That's not the only way it's misleading. Peercoin is listed as 8,559% available on nicehash, but peercoin is a proof of stake coin. It doesn't use hashpower to secure it's transactions, so it's not vulnerable to a 51% hash power attack (although it is vulnerable to other kinds of 51% attack).
As per wiki, it uses hybrid of PoW and PoS:
edit: I've removed Peercoin since it is a PoW + PoS coin as the GP points out, so these numbers are inaccurate.
1. NiceHash doesn't have anything like the hashpower you need to attack a major coin such as BTC or ETH. The chart admits that NiceHash has only 2% of the capacity you need to accomplish this on Bitcoin. You'll need to start buying ASIC hardware or graphics cards to cover the other 98%. Both of those are hard to obtain in very large quantities quickly.
2. Since you have to buy the hardware, you can expect to pay much more than the NiceHash prices imply. Bitmain is one of the major suppliers of such hardware, so let's use their prices as an example. One of their top Bitcoin ASICs is a 14 TH/s unit that costs about $1,000 . So you need about 2.5 million of these units at a cost of 2.5 billion dollars. Not that Bitmain has the capacity to fill such an order.
3. The cost of those ASICs is just the beginning. Have you seen photos of those Chinese data centers that have racks of mining ASICs on shelves? Each of those data centers has maybe a few percent of Bitcoin's hash rate, so you'll need to build something at least 30x larger. Your electric bill alone will exceed the GDP of some small countries. Since you've already spent billions of dollars on ASICs, hopefully you have some money left to pay it and hire a data center ops team.
4. How fast can you build all this out? Bitcoin's hash rate has grown 30% over the last month. You might sink billions of dollars into this project only to discover that you've come up short.
5. Congratulations, you can now make a few million dollars by 51% attacking the blockchain. You would, for example, deposit some bitcoins with a bunch of exchanges, sell them, withdraw dollars, and then use your hashpower to unwind those deposits and put the bitcoins back into your own wallet. It'll take a few hours (or less) for every exchange to notice what you're doing and freeze withdrawals. The bitcoin price will free-fall as everyone wonders about how to prevent this next time. You may or may not be arrested and charged with wire fraud. You're done!
It's heartening to see things like Ethereum moving in a proof-of-stake direction , and there's a lot of hope for a lot of the new cryptocurrencies out there. But Bitcoin itself is far more centralized and government-controlled than a lot of people think.
 It's a hot topic: https://www.google.com/search?q=china+capital+controls
 E.g.: http://time.com/4298731/this-is-how-much-money-you-can-take-...
China's [...] willingness to execute people for corruption
If an autocracy needs to buy the loyalty of the army/police/government officials, instead of paying them cash the autocracy can simply turn a blind eye to corruption. That means you don't need to spend your own money to bribe them - and if any of them display disloyalty, you can simply have them executed... for corruption!
So you always have to be wary when you hear a regime is cracking down on corruption - it may be they're simply cracking down on disloyalty, while retaining their private pro-corruption stance.
Whether one likes it or not, Xi is genuinely trying to make China more like the US and letting the private market play a much bigger role while reducing government support. He's just like Reagan.
If you're interested in learning more, I'd suggest starting with Google: https://www.google.com/search?q=bitcoin+money+laundering
>People use actual cash for money laundering. Why wouldn't they use electronic cash?
I'll help you to the conclusion without googling. Actual cash is not electronic, and thus tracing efforts are much harder. Electronic cash can be traced near instantly.
I really don't see why you had to have this PA tone on your comment? Could you elaborate more on your stance?
As for Bitcoin, people can always fork it. Remember to ask the question, "What is money?" I think it's in the interest of the Chinese gov't to extract value from Bitcoin, not destroy it.
Now your mining power is: 20 MH/s * 2 billion = 40000 TH/s, or 0.1% of Bitcoin's hash power.
Hence my specification for industrial scale. More likely: a corrupt data centre system admin or government official. In any case, if you’re taking on the Bitcoin network, doing it with fairly-obtained resources would be silly.
See the paper “Hijacking Bitcoin: Routing Attacks on Cryptocurrencies”  for more details on this.
IE, you somehow compromise 51% of the EXISTING hashpower, do your attack. It doesn't matter to YOU that their mining hardware will become worthless.
I mean, I guess it's still viable. It's just street-robbery-viable.
For example, voting works well in a democracy, but if we can sell votes, democracy would likely collapse because rich organizations would buy it up and control all politics. (Some say this is already true; but you know it would be way worse if votes were openly sellable).
Satoshi foresaw people trying to mount a 51% attack by buying a ton of machines, and so he went to great lengths to ensure this was unlikely using mining. I don't think Satoshi foresaw the liquid AWS-like market for instant hashing power. The ability to mount a limited-time 51% attack makes the attack literally 1000x easier than a buy-machine 51% attack.
Your question is still valid and good, but not in the way you have phrased it. The real answer is: laziness. NiceHash is easy and steady. If you have a nice gaming rig, you can make a few extra bucks a day by selling your hashing power while it's idle. If you are a serious miner, you probably don't use NiceHash.
Many wallets, exchanges, etc require a minimum number of confirmations before allowing you to spend the coins to handle reorgs that happen naturally.
For example, in Bitcoin this is often around 6. With 1hr of hash rate you might be able to get 7 blocks but likely you’ll actually need more time to get enough blocks or successfully attack. Accounting for this would increase the cost substantially.
Either way, pretty neat site!
In all cases, you can reverse about 1 hour worth of blocks. In practice, when wallets/exchanges/etc pick a minimum number of confirmations, they are really picking a minimum time. So, if bitcoin had double the blockrate, they wouldn't say 'well, we only require 6 blocks, so you only need ~30 minutes of an attack', but rather, 'we require ~1 hour, so you need 12 blocks of confirmation'.
The main purpose of my post is that to actually pull off a successful attack you probably need more than an hour, so the numbers are making it look like it’s cheaper than it would be in practice (ignoring other factors other commenters have shared about acquiring ASICS, data centers, and such).
You can’t 51% attack Bitcoin for $611K, but your site says you can. While the site can’t be perfect, it would be helpful to make it more realistic. If a news site picks this up and doesn’t understand the nuances they’ll accidentally spread FUD and mislead a lot of people.
Difficulty adjusts every 2016 blocks.
One problem I found w/ the website: you have included Peercoin, even though Peercoin uses PoW only for initial coin distribution and not block validation. Block validation is done through PoS.
- lack of exchanges accepting it
- delays on withdraw/deposit to/from exchange
- exchanges requiring verification of user PI
(Not to steal peoples' money but rather just to prove security or lack of it!)
Suppose you're Coinbase. The way you protect yourself is on large transactions, waiting for more confirmations. This increases the amount an attacker must spend to do a 51% attack. If you wait long enough, it's not worth it. But wait! The attacker can use multiple accounts and multiple exchanges, so now Coinbase has to look at the total volume of newish transactions on the blockchain in order to know when it is guaranteed to be safe.
The upshot of this is that a POW blockchain cannot securely transact more money per hour than the 51% attack number. That's also approximately the amount of money miners spend per hour.
Total world payment volumes are on the order of a quadrillion dollars per year. Unfortunately world GDP is only $80 trillion. Even if we reoriented our entire economy to do nothing but mining, we could only protect about 10% of all of the transactions.
* AGE: i mean, how recent was the deposit of any coins involved in any transaction. So if I send a large quantity of Bitcoin Gold to an exchange (they are marked as 'new'), then if I immediately exchange them to Ethereum, the Ethereum is now also considered 'new'. If I try to withdraw the Ethereum the exchange delays withdrawal.
1) If you can pull off an attack for a few hundred bucks, it's probably on a coin that will only net you a few hundred bucks. Remember, these coins are thinly-traded altcoins, many of which only do a few hundred bucks worth of volume on exchanges in the first place.
2) Once you pull off your attack and people realize what happened, the "free" coins you get back will be worth shit because nobody will want that coin.
It's not as much of a free lunch as it might seem at first blush. I most certainly possess the domain knowledge and skill to pull off a 51% attack, as I have contributed code to Bitcoin and many other cryptocurrencies, written open source mining software, etc. But I would need several million dollars in starting capital to make the kind of money that would make me even consider it. That time would be better spent hacking away on a project with the potential to make me sustainable income, or a client project where I'm paid by the hour.
On point 2 I thought the entire point was to double spend - so you have 1 einsteinium or whatever, you put it in the exchange, you use it to buy bitcoin. You re-spend it at another exchange buying bitcoin. You got twice as much bitcoin as you paid for. As long as you're out before it becomes obvious what you've done you make profit.
What is quite ironical, because if any of them just become a useful currency, that means it would get instantly attacked and worthless.
Market Cap ($M) 1h Attack Cost ($)
Bitcoin Cash $ 16,060 $62,356
Dogecoin $ 380 $66,908
Well they don't have to be on the receiving end of the attack. They can be, you know, on the other end.
However it may be the case that a third party holds "owners of the mining hardware" by the proverbial or actual balls. Then the calculus changes.
Bytecoin BCN $986,840,000.00 CryptoNight 164 MH/s $637 219%
Bitcoin Private BTCP $470,080,000.00 Equihash 12 MH/s $1,280 922%
Bitcoin Gold BTG $706,750,000.00 Equihash 29 MH/s $3,120 378%
MonaCoin MONA $204,110,000.00 Lyra2REv2 2 TH/s $3,218 436%
Vertcoin VTC $73,570,000.00 Lyra2REv2 697 GH/s $954 1471%
With so many actors it could be very steep. Like 51% capacity has 99% chance of success and 49% has 1% of success and 40% has practically zero chance (these are made up numbers).
It could also be quite shallow as in 1% capacity gives you 1% of success... that would actually be quite bad and invite malicious actors to test the system with regular attacks.
(rather, it will be POS when full decentralization and staking are implemented later this year, but it's not and never has been POW).
Agreed, it seems like a very thoughtful design and I'm excited about it.
Edit: or would the malicious code live in a mining pool that you direct the nicehash hashing power to?
Alternatively they could start not to accept the spoiled coins. If account a double spends x, they track where the coin goes, let’s say b accepts y:=x-? coin then a still has x-y spoiled coins and b now has y spoiled coins. Now you just don’t accept transactions from accounts that have spoiled coins. Would work with bitcoin.
Also the government can come up with similar regulations to crack down on bitcoin.
That would be a perfect way to lock another user's account out of exchanges. Care to give me your address? I'd like to send you some spoiled bitcoins I have lying around... ;)
As for the government, you can be sure they are already tracking all of the transactions. Bitcoin is far from anonymous - cash is a better alternative if you need anonimity, and even that can be traced easily nowadays.
In a regalutory framework there could also be filter addresses that launder your coins for a high price (99%).
Of course, if you try to double-spend as part of the attack: it's fraud!
The court system isn't run by idiots who will just shrug their shoulders because you thought you found a loophole.
They would instead laugh at your "clever" loophole and throw you in a cell.
Your legal defense has to convince a judge and jury. You are not going to be able to do that.
You'd make way more money on some kind of double-spend attack. If you've got 51% for sure you would probably hit up multiple exchanges at the same time to magnify your reward.
If you control more than half you can dictate terms, you can fight back against the other miners, and in a protracted battle you will ultimately prevail. With 49% they can always eventually override you.
If someone else has a block in those last 6, it would mean that someone else (who I assume is an honest node) saw your block. At this point, your entire chain will be published and likely overtake the mainline (otherwise, the honest miner wouldn't have bothered with it). Now, it appears to the merchant that your transaction has not yet made it onto the chain, so you have to wait for another 6 blocks confirming the transaction.
The only way I see around this is if you can partition the network. However, not only is this difficult, if you can partition the network, then you no longer require 51% to do an attack. In fact, if you can assure that the target is on the smaller partition, you require 0 mining power to do the attack.
EDIT: Essentially, at 51% you can make a "rule" that all blocks must be yours.
For criminals who know what they're doing, this looks like a very juicy target to me.
Bitmain, alone, made 3-4 billion dollars in PROFIT last year. And they don't control even close to 51%.
Bitmain would have to make enough money off of a single attack so as to cover all it's FUTURE profits.
And then it would also have to not be noticed.... Do you really think all these exchanges would just suffer under an attack that loses them many billions of dollars, without retaliating? No, they wouldn't. And then people would end up in jail.
This is for 1h of compute in the calculation so would you not actually need to run for a very long time, and also be spending in each and every one of those blocks?
Again sorry for my ignorance - hoping for some insight.
It doesn't use standard CryptoNight anymore but rather a custom "CryptoNight-Heavy" that I don't think is even available on NiceHash.
But I am sure there will be people who will deny saying miners can refuse mined blocks and create a branch. And others who will deny this by talking up game theory mechanic of 51% attack - if someone does get 51% power then the rational thing to do is to not harm the coin. This obviously doesn't hold true for an irrational person.
And given the concerns raised for PoW for small coins, I can only say this - "Those Who Do Not Learn History Are Doomed To Repeat It." Here's one of my favorite stories from Nathaniel Popper's Digital Gold about a coin which was very small back in the day called - Bitcoin:
Laszlo’s CPU had been winning, at most, one block of 50 Bitcoins each day, of the approximately 140 blocks that were released daily. Once Laszlo got his GPU card hooked in he began winning one or two blocks an hour, and occasionally more. On May 17 he won twenty-eight blocks; these wins gave him fourteen hundred new coins that day.
Satoshi knew someone would eventually spot this opportunity as Bitcoin became more successful and was not surprised when Laszlo e-mailed him about his project. But in responding to Laszlo, Satoshi was clearly torn. If one person was taking all the coins, there would be less of an incentive for new people to join in.
“I don’t mean to sound like a socialist,” Satoshi wrote back. “I don’t care if wealth is concentrated, but for now, we get more growth by giving that money to 100% of the people than giving it to 20%.”
As a result, Satoshi asked Laszlo to go easy with the “high powered hashing,” the term coined to refer to the process of plugging an input into a hash function and seeing what it spit out.
But Satoshi also recognized that having more computing power on the network made the network stronger as long as the people with the power, like Laszlo, wanted to see Bitcoin succeed.”