Security of Cardano
The security of public networks is not governed by a centralized authority. It is something that evolves organically with the growth of projects. Let's have a look at how secure Cardano is.
Security of public networks
Security of public networks depends on a group of people that are willing to spend their time and money in order to maintain blockchain networks. Nobody hires these people and gives them permission. People can freely decide to do so and they can also leave whenever they want. The motivation to maintain a public network is purely economical. Every public blockchain network needs an economical model that ensures that people are well-paid for their effort.
There is always some expensive resource that is used for the distribution of power. People need to own the resource in order to be able to join the group that maintains a network. They basically need to buy a part of decision power in the network consensus. The expensive resource can be electricity in the case of Proof-of-Work networks like Bitcoin or it can be the native coins of the network. For example ADA coins in the case of Cardano. Only if you have the resource at your disposal then you can participate in maintaining a network and at the same time, you are eligible to be rewarded by the network.
A blockchain network lives in the digital world so it can reward people only by the native digital coins. People would not want these coins if they did not have any value. People must be able to sell these coins for fiat currencies on the open market. It means that other people, who do not participate in the maintenance of the network, also want to own these digital coins and are willing to pay for them.
People have their own skin in the game by buying the expensive resource. In the case of PoW, the resource is consumed. People need the reward in order to cover the expenses and the business was profitable. Participation in PoS networks requires ownership of native coins that are not consumed. The security of a public network depends on the price of the expensive source that is used in the network consensus. The price is important since it determines the cost of an attack on the network’s consensus level.
Everybody who is willing to buy the expensive resource can join a public network and participate in the network consensus. Both honest and dishonest participants can freely do so. The network is secure under the condition that the needed majority of participants are honest. Dishonest participants need to buy the expensive resource as well so they also have their own skin in the game. Hence, good participants compete with bad participants on the level of price of the expensive resource. A blockchain protocol must ensure that the attack is expensive and dishonest participants will not want to commit one. Attackers must be financially penalized for dishonest acting.
In PoW networks like Bitcoin, dishonest participants need to have a higher hash-rate than honest participants to be able to succeed in the attack. They basically need to pay for the electricity that will be used for the attack. Hence the attackers strive to get block rewards in order to be able to pay for the consumed electricity. The attack must be relatively long in order to add a lot of blocks and discourage honest participants from mining. When block reward will go to the hands of attackers then honest participants might not have enough money for paying for the consumed energy. At least, they can be scared and stop mining. It would make the attack cheaper after some time.
It is very similar in the case of Cardano. Dishonest participants would also need to buy more than half of ADA coins that are at the moment staked. A certain number of coins are in circulation. From that amount, a part is staked and the rest is used somewhere else and can be potentially bought on the market. If 70% of ADA coins that are in circulation were staked then only 30% of coins would be available for buying. That would not be sufficient for the 51% attack. Moreover, buying a big amount of ADA coins would push the price up. Buying half of the coins in circulation seems like a big challenge. In the end, dishonest participants would lose money since they would hold the majority of coins and they would not be probably able to sell them.
It can be expected that exchanges would stop trading with coins of a network that would be under attack. Thus, attackers would hold coins but the price of these coins would go gradually down. It appears that the attack makes sense only if dishonest participants want to hurt the network and are willing to lose money. In the case of PoW, they need to consume electricity and even if they would get coins the price of coins would not cover the cost of the attack. In the case of Cardano, the attackers will lose money as well.
Notice that dishonest participants are not able to steal your money. Holders of private keys are the only persons that can spend coins. It is possible to make a double-spend attack, though. It is a question of whether the double-spend attack would succeed in the case of the 51% attack. Overall, an attack on a big network seems to be hypothetical and does not bring the attacker any benefits.
Why security is important
Cardano, but generally every public blockchain network, holds precious assets. It can be only native coins like BTC in the case of Bitcoin. It can also be native ADA coins and many other assets in the case of Cardano. The network must be secure to ensure that assets will hold value and nobody will be able to do something shady with the assets. For example, that nobody will be able to commit the double-spend attack, change the history of blockchain or prevent sending of assets.
The protocol must be resilient to short-term attacks and the ledger must stay immutable in the long term. Every network consensus is designed in a way that tolerates a certain number of dishonest participants even if they have a relatively large power. If something bad happens the protocol must recover from the attack. The best measure against the attack is prevention. Hence, it is important to make all possible attacks very expensive. In the ideal case, the high price of the attack should discourage all attempts or even make it impossible.
Public blockchain networks are inherently vulnerable to this kind of attack where a part of dishonest participants can have a needed amount of expensive resources. It is called a 51% attack. Nobody can prevent people from buying expensive resources and collecting the power that is needed for the attack to the network consensus. The principle of openness of the public networks and security go against each other. Decentralization makes public networks secure but nobody controls who are people who participate in maintaining the network consensus and what their intentions are.
Public networks must be 100% reliable since people have to learn how to trust them and it takes time. As we said, basically only a high level of decentralization and the high price of expensive resources make these networks secure. People will probably care about these properties when they will be more educated about blockchain networks. Businessmen will choose networks that are provably secure and provide services and features that they need. Thus, they will try to calculate how expensive it would be to attack a network consensus.
Security must rise with the social importance
The level of security must rise together with the number of users and social importance. The more value a blockchain network protects the higher security it should have. Every team of the blockchain project must design the network consensus with the economical model in mind. Blockchain networks should exist for tens of years if not longer. The security must be ensured for the whole lifetime. The monetary policy of blockchain projects can play a critical role. The network needs to have a sufficient number of coins that will be used as the reward for people that participate in the network consensus. The tricky part is to deal with the volatility of digital assets. It can be easily determined how many coins should a given protocol release every year. The question is how much it will be in the fiat currency and whether it will be sufficient from the point of view of the security. At this point, we can just make a rough estimate.
The network must be useful and must be adopted by people, companies, banks, and states. The more useful a network will be the higher will be the financial and social impact. It can be expected that there will be a demand for native coins of such networks. It is exactly what a blockchain protocol needs. The high price of native coins makes networks more secure. Security goes hand in hand with adoption. Adoption goes hand in hand with usefulness. Usefulness is about the possibilities of using a network but also about the price of transactions and the time needed for settlement. It is basically only about the quality of technology. We can assume that people will use networks that are the most user friendly and Cardano can definitely compete with other projects.
Designers of the protocols can estimate the future market capitalization of blockchain projects and set monetary policies. The release of new coins should cover the cost of security. Hence, some projects decided to have never-ending low inflation of coins. The inflation should ensure that the protocol will always have coins for rewarding. Cardano and Bitcoin bet on a fixed number of coins that will be released. There will be only 45,000,000,000 ADA coins and 21,000,000 BTC coins. The number of released coins will gradually decrease over time and networks will have to rely on the collection of fees. It is expected the number of processed transactions will grow with the adoption. Cardano has the advantage that it is a smart contract platform so many tokens can be issued on it. So the network can rely not only on transactions with ADA coins but also on transaction fees collected due to transferring tokens. Smart contracts also add functionalities that will increase the usefulness and the number of collected fees. Cardano can have an advantage over Bitcoin since it is able to transfer only BTC coins.
At the moment, Bitcoin has the greatest network effect. We believe that Cardano can overcome Bitcoin’s network effect in a few years. The decentralized networks that will be used for transferring and handling with values will be the most valuable regarding market capitalization.
PoS has a big advantage over PoW since it is significantly cheaper to maintain the network. In a few decades, it will be much easier for Cardano to reward participants of the network consensus since fees can cover it. Fees are distributed to all holders of ADA coins. So everybody in the world who would like to participate in the success of Cardano can just buy coins and be regularly rewarded. There is a strong economic incentive to hold ADA coins.
While Bitcoin can bet on the narrative about digital gold, Cardano can rely on technology. These characteristics cannot be mutually excluded. Bitcoin is also the technology and ADA coins can become a store of value. In our view, it is actually easier to become the store of value than to win on the level of technology. At the moment we do not know anything. People will decide.
Connecting success with rewards
If you think more about these principles then you realize that staking is a big incentive for holding ADA coins. It connects the success of the network with rewards that are distributed to holders of coins. Both newly released ADA coins and collected fees are used as rewards for pool operators and also for all ADA holders. In the next 10 or 20 years, millions of transactions can be processed every day and it can actually be a lot of money. It is difficult to predict the future. Anyway, let’s try it.
It is a realistic estimate that 2 billion users will use smartphones for payment in 5–10 years. It is a question of how many people will use the Cardano network for payment and other services. Even if it would be only 1% of all users then it would be 66,000,000 users. Do not forget that the teams behind Cardano are very active in developing countries and strive to deliver services to many countries. Thus, millions of users can be onboarded relatively quickly. If a transaction cost was only $0,01 and every user makes one transaction a day then the network would collect $660,000 a day in fees. One epoch lasts 5 days so the Cardano protocol could collect $3,300,000 per epoch. If we neglect the project treasury and the monetary expansion then we can say that if you own 0,1% of ADA coins you could get a reward of $3,300 every 5 days. Only on fees.
Security budget of the Cardano project
PoW and PoS have different characteristics regarding the security budget. A PoW network must provide sufficient rewards in every block and it can be a problem in the long term perspective due to the halving. Cardano PoS uses staked coins as protection to the 51% attack and as you will see, it can be very expensive to commit one. Read more
We took into account only 1% since there will be strong competitors on the market. Anyway, imagine that Cardano has 10% of the market share. Even if it would be only 0,1% then it would be a nice passive income. What is more important, though, it would be a sufficient amount to reward pool operators and keep the network alive. There would be enough money in the project treasury so developers could work on the protocol and continue with improvements. Thus, there will always be a chance that the market share will rise.
Staking will be profitable and attractive only if the Cardano protocol is really used by people. As we said, it is about the utility of the protocol and adoption. It is fair that the profit of the network is shared with all stakeholders. People will want to own ADA coins so the demand will continuously push the price up. Thus, the market capitalization of the Cardano project will rise which will make it more secure. It can be said that the security rises with the success of the network. It is exactly what is needed. Both Cardano and Bitcoin will have to rely only on transaction fees in the long term. The number of new coins that protocols have for rewarding will decrease over time and transaction fees will play a major role. Another advantage of Cardano is the fact that it can process more transactions on-chain so fees can be kept low. It will have a positive impact on the user experience. It is still a question of whether Bitcoin will be able to process more transactions on-chain. Second-layer solutions will probably process more transactions than the first layers and as a side effect, transaction fees will be collected within these networks. The more transactions and possibly other services can be handled by the first-layers the better from the perspective of the collection of fees.
How secure is Cardano?
How much would it cost to make the 51% on Cardano? The math is relatively simple. The attacker would need more than half of the coins that are used for staking. At the moment of writing, for staking are used 70% of coins that are in circulation. It means that only 30% of coins can be bought on the open market. That attacker would have to buy all coins that are not staked and still, he or she would need to persuade 20% of stakeholders to stop staking and rather sell their coins. The demand of the attacker would definitely make a press to the price of ADA coins. It can be assumed that the average buying price of coins would be higher than the current price.
At the moment, there are 150,000 people that have staked their coins. It is a relatively high number of independent people that wait for the higher price of coins. So, they do not probably want to sell coins right now. Moreover, the number of stakeholders rises every day.
At the time of writing, the price of the ADA coin is $0,35. Over 22,100,000,000 ADA coins are staked. The total value of all staked coins is approximately $7,700,000,0000. The attacker would need to possess coins that would have a value higher than $3,850,000,000. Imagine that the attacker would be willing to buy and lose such a big wealth just to hurt roughly 200,000 people. The probability is very low.
What the market capitalization of Cardano could be when there are 10,000,000 stakeholders? If it was 10x more than the price of ADA coin would be approximately $3,5. It could be a quite realistic price and the market capitalization would still be lower than the current price of the Ethereum. Ethereum’s market capitalization currently is $160,000,000,000. The 51% attack would also be 10x more expensive. It would be $38,500,000,000. Would you want to lose such a big wealth? Do not forget that also the attacker could consider staking. The passive income that could be generated from having half of the staked coins would not be negligible.
How secure is Bitcoin
Let’s shortly have a look at Bitcoin. We do not go deep into details.
The security of Cardano is tightly connected to the market capitalization and the motivation of people to stake ADA coins. In PoW networks like Bitcoin, there is a security budget that consists of new coins released as a block reward and fees that have been collected from transactions that are present in the block. It is currently 6,25 BTC coins and fees that make approximately 0,5 BTC. The price of BTC is $32,000 at the time of writing. It can be said that every 10 minutes the Bitcoin protocol releases a reward of approximately $224,000. The block time of Bitcoin is on average 10 minutes so it makes 144 block rewards a day. The total reward for honest participants per day is $32,256,000. Do not forget that a significant part of the reward is used by miners for paying for the consumed electricity. So the net profit of miners is actually significantly lower. On the other hand, the attack could be very expensive and the attacker could lose a lot of money since the electricity must be paid for.
It is hard to predict the future. The security budget of Bitcoin depends on the current price of coins and the number of coins that are released by the protocol. The number of coins released by the protocol decreases by half every 4 years by the mechanism that is called halving. It means that in 2024, the block reward will be only 3,125 BTC coins. In 2028, it will be even less, only 1,56 BTC coins. Thus, the security will depend mainly on the price of the BTC coins and the price should rise to keep the same level of security. That the number of coins decreases through time is not smart if you expect that security should rise with the adoption and financial importance. It cannot be said that the security will decrease due to the halving. It will be influenced by the number of collected fees and the price of BTC coins so the security can actually constantly rise.
In 2032, the block reward will be only 0,78 BTC per block. What can be the price of BTC in 10 years or so? If it was $1,000,000 then the daily budget, neglecting transaction fees, would be $112,320,000. So, it would be approximately 3,5x more than now. However, if the price of 1 BTC was $100,000, then the daily budget would be 11,232,000. So, approximately 3x lower than the current security budget. It should be said that the market capitalization of gold is roughly $10,600,000,000,000 so if 1 BTC coin was for $1,000,000 then Bitcoin would have 2x higher capitalization than gold. The question is whether that is realistic.
Cardano might not have trouble with security in the long term under the condition that it will be adopted and used on a daily basis. It will probably happen if transaction fees will be low and people will want to send native coins and tokens over the network. The cost of maintaining the PoS network is lower than in PoW networks. The cost of electricity can be perceived as an advantage at the moment but it is a question of whether it will not be a nightmare in the future. Nobody knows but it will have to be resolved relatively soon. 10 years is not so distant.
Security is also about decentralization
We have talked about security from the point of view of the 51% attack. Security is also about decentralization. Security is not only about the cost of the attack but also about the number of people that hold the expensive resource. In both PoS and PoW cases, the cost of the 51% attack can be relatively high despite the fact that only a few entities own the majority of the expensive resource. The distribution of consensus power is critical so a question is how it can be easily achieved.
Cardano’s decentralization will grow together with the number of stakeholders that use their coins for staking. In other words, decentralization will grow with the distribution of coins. Staking and regular rewards can help a lot here again since it can be expected that people will be interested in holding ADA coins. There can be more individual owners of coins and they will make their own decisions about selling them. Decision power is shared between all holders of coins and there can be millions of such people.
In PoW networks, coin holders have no decision power. Miners delegate the consensus power to pool operators and the number of these entities will probably be always lower than holders of coins. It is easier to become a PoS coin owner than a PoW miner so it can be concluded that PoS networks can be more decentralized than PoW networks in the long term. Decentralization is a dynamic process and it will change over time. The level of decentralization can look quite different in 10 years and it will be influenced by the level of adoption. Actually, both security and decentralization should grow with the adoption.
We were talking about the future but it is unpredictable. Our calculations are just rough estimates. We are in the beginning and the best days are still ahead of us. Technological innovations can change everything relatively quickly. Cardano will be an innovation leader so we are not afraid of it. The future is bright.