https://archive.ph/rV2tK
I hope Circle wins out in the end. Tether is super sketch. The fact that they they’ve only done attestations but haven’t done a full audit says everything.
I hope they both die a slow, painful death. As they are looking now for the last fool who will pay for everything. Musk is no doubt involved. Hope Trump is smarter than that and will not funnel taxpayers' money (my money!!) into crooks' pockets.
> Hope Trump is smarter than that and will not funnel taxpayers' money (my money!!) into crooks' pockets.
How much bad news are you ready to hear?
Trump isn't smarter than that. Also his goal in taking office was to smuggle taxpayer money into crooks' pockets.
A fool and his money are soon parted
At what point would it be profitable to run a 51% attack on any of the big chains?
Both stablecoins (and many others) are implemented as tokens on other chains, mainly Ethereum but also TRON, BNB and others. So you would need to 51% attack these chains to attack assets on these chains. Leaving that aside, 51% attacks will not work for Proof-of-Stake-based chains like Ethereum; it is more like 66% if not more.
A more feasible 'attack' would probably be to just make the private companies blacklist addresses like they did last week with the Bybit hack.
51% is also not very viable for proof of work either.
What 51% gets you is that 51% of the time, you get to choose which transactions go into the blockchain. This is mostly only useful if you want to prevent someone else's transactions from getting in, or for complicated scams where you want one person's transactions to get in before another person's. 49% of the time, those transactions will still get in, so 51% actually doesn't buy you a lot. At best you cause a short term chain split and people will wait longer before the chain stabilizes.
You are misunderstanding the attack. At 50+% of the hashing power, you are guaranteed to win a race against the honest block producers. The attack is a double spend: you spend a coin C to pay ADDR_A while mining a private chain that spends the coin C to pay ADDR_B (you can, of course, be ADDR_B).
Once ADDR_A accepts your payment, you post your private chain publicly. Your coin C cannot be spent to both ADDR_A and ADDR_B, so the chain must choose which one it is. Because you have 50%+ of the hashing power, your private chain necessarily has more work (generally simplified to "is longer") than the public chain.
You've now successfully double spent.
In fact: you don't even need 50+% to attempt the attack. I did some math recently; I believe something like 40% gets you a 75% chance of successfully executing the attack over a 10-block period. The Bitcoin paper has the exact algorithm to calculate this; it is a random walk.
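The "random walk" calculation the comment refers to is Section 11 of the Bitcoin whitepaper: the attacker's catch-up probability is a Poisson sum over how far they have progressed while the honest chain mined z blocks. The block below is an added example (not the commenter's code) that implements that formula and derives the defender-side quantity a merchant actually needs: how many confirmations to wait for a given assumed attacker hash share before the residual risk drops below a threshold. The `max_risk` and `limit` parameters are assumptions introduced here; the Poisson terms are evaluated in log space so large confirmation counts do not overflow.

```python
import math
from typing import Optional


def _poisson_pmf(k: int, lam: float) -> float:
    """Poisson probability mass at k, computed in log space to avoid overflow
    for the large z values that high attacker shares require."""
    if lam == 0.0:
        return 1.0 if k == 0 else 0.0
    return math.exp(k * math.log(lam) - lam - math.lgamma(k + 1))


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker controlling fraction q of the hash rate
    eventually overtakes the honest chain once the honest chain is z blocks
    ahead (Bitcoin whitepaper, Section 11). Honest share is p = 1 - q.
    With q >= p the attacker catches up with certainty in the limit."""
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a fraction in [0, 1]")
    if z < 0:
        raise ValueError("z must be non-negative")
    p = 1.0 - q
    if q >= p:
        return 1.0
    # Expected attacker progress while the honest network mines z blocks.
    lam = z * q / p
    total = 0.0
    for k in range(z + 1):
        # Attacker has mined k blocks so far; (q/p)^(z-k) is the chance of
        # closing the remaining gap from z-k blocks behind (gambler's ruin).
        total += _poisson_pmf(k, lam) * (1.0 - (q / p) ** (z - k))
    return 1.0 - total


def confirmations_needed(q: float, max_risk: float = 0.001,
                         limit: int = 1000) -> Optional[int]:
    """Smallest confirmation count z at which the attacker's catch-up
    probability falls below max_risk, or None if no finite z suffices
    (q >= 0.5) or none is found within `limit` blocks (assumed cap)."""
    if q >= 0.5:
        return None
    for z in range(limit + 1):
        if attacker_success_probability(q, z) < max_risk:
            return z
    return None


if __name__ == "__main__":
    # Reproduces the whitepaper's table: confirmations for P < 0.1%.
    for share in (0.10, 0.15, 0.20, 0.25, 0.30):
        print(f"q={share:.2f}: wait {confirmations_needed(share)} blocks")
```

The function reproduces the whitepaper's published figures (for example, with q = 0.1 the risk after five confirmations is about 0.0009, and a 0.1% threshold needs five confirmations at q = 0.1 and eleven at q = 0.2). The comment's own 40%/75% figure over ten blocks is left for the reader to check with `attacker_success_probability(0.4, 10)` rather than asserted here.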
You are never _guaranteed_ to win a race against honest block producers for any finite time horizon, even if you owned 99% of all hashing power.
A double spend via 51% isn't really feasible anyway. A double spend attack, in the simplest case, is to:
1. Pay for goods or services
2. Receive delivery of the goods or services
3. Invalidate the original payment once the goods or services are no longer revocable.
For a double spend to be worthwhile the value of the scam must exceed the cost of the scam. Maintaining >50% hashing power is extremely expensive and is more and more expensive the longer you maintain it. Therefore the value of the scam must also be extremely large. For crypto transactions it's common sense to wait for more and more confirmations (additional blocks mined after the block containing the transaction) before delivering the goods or services as the size of the transaction grows. Since it's trivial to wait for N+1 confirmations as the seller of goods or services it's trivial to defend against double spends for any meaningful amount of money.
Isn’t this detectable by the market though? So keep going: what happens to the Bitcoin network once this happens?
It is detectable once it has happened. If you run your own node, you can tell when it is "reorganizing", i.e.: discarding one branch for another. One-block reorgs, or two-block reorgs, are somewhat common (citation needed, I don't have the numbers at hand). That's why you see most merchants considering your Bitcoin "paid" only after six confirmations. They are protecting themselves against a Bitcoin reorganization of more than six blocks. The more money you accept, the longer your confirmation period needs to be. Some protocols require 100 confirmations.
What happens to Bitcoin when this happens: to "Bitcoin" the software, nothing. Everything just keeps going. To "Bitcoin" as a currency, your guess is as good as mine. It depends on what the "social layer" (the community - devs/users/stakeholders) decides is the best course of action. This would be considered an emergency event.
EDIT: You might be wondering why it is not detectable before it happens. It isn't detectable beforehand because the attacker would be privately mining their fork. That is: they would not broadcast the evil blocks.
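What "your node tells you it is reorganizing" looks like in code, as an added example that is not from the commenter: a small chain monitor that follows the best tip, finds the fork point when a competing branch overtakes it, and reports the reorg depth; on top of it, a merchant-side check that counts a payment's confirmations only while its block is still on the active chain. The constructed scenario mirrors the thread's description: a privately mined branch is released all at once and displaces blocks that a payment had already been "confirmed" in. Block height stands in for accumulated work, which is a simplification assumed here; all block hashes and transaction ids are made-up labels.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Block:
    hash: str           # constructed label, not a real block hash
    prev_hash: str
    height: int
    txids: Tuple[str, ...] = ()


@dataclass
class ReorgEvent:
    fork_height: int    # height of the last block shared by both branches
    depth: int          # blocks discarded from the previously active chain
    old_tip: str
    new_tip: str


class ChainMonitor:
    """Follows the best chain (highest height, used here as a proxy for most
    work) and records every reorganization it observes."""

    def __init__(self, genesis: Block):
        self.blocks: Dict[str, Block] = {genesis.hash: genesis}
        self.tip: Block = genesis
        self.events: List[ReorgEvent] = []

    def _ancestors(self, b: Block) -> List[str]:
        """Hashes from b back to the root, tip first."""
        path, cur = [], b
        while True:
            path.append(cur.hash)
            if cur.prev_hash not in self.blocks:
                return path
            cur = self.blocks[cur.prev_hash]

    def add_block(self, b: Block) -> Optional[ReorgEvent]:
        """Ingest an announced block; return a ReorgEvent if it displaced
        blocks of the previously active chain, else None."""
        if b.prev_hash not in self.blocks:
            raise ValueError(f"orphan block {b.hash}: unknown parent {b.prev_hash}")
        self.blocks[b.hash] = b
        if b.height <= self.tip.height:
            return None                      # side branch, not (yet) best
        old_tip, self.tip = self.tip, b
        if b.prev_hash == old_tip.hash:
            return None                      # plain extension of the tip
        # Walk the old chain back until it meets the new chain: the fork point.
        on_new_chain = set(self._ancestors(b))
        cur = old_tip
        while cur.hash not in on_new_chain:
            cur = self.blocks[cur.prev_hash]
        ev = ReorgEvent(cur.height, old_tip.height - cur.height, old_tip.hash, b.hash)
        self.events.append(ev)
        return ev

    def confirmations(self, txid: str) -> int:
        """Confirmations of txid counted on the active chain only; a payment
        whose block was reorged out drops back to 0."""
        for h in self._ancestors(self.tip):
            blk = self.blocks[h]
            if txid in blk.txids:
                return self.tip.height - blk.height + 1
        return 0

    def is_settled(self, txid: str, required: int) -> bool:
        return self.confirmations(txid) >= required


def demo_scenario() -> Tuple[List[ReorgEvent], int, int]:
    """Constructed scenario: honest blocks a1..a6 with the merchant's payment
    in a3, then a privately mined branch b3..b7 forking at a2 is released."""
    m = ChainMonitor(Block("g", "", 0))
    for i in range(1, 7):
        m.add_block(Block(f"a{i}", "g" if i == 1 else f"a{i-1}", i,
                          ("pay1",) if i == 3 else ()))
    conf_before = m.confirmations("pay1")      # 4 confirmations at tip a6
    for i in range(3, 8):                      # conflicting spend sits in b3
        m.add_block(Block(f"b{i}", "a2" if i == 3 else f"b{i-1}", i,
                          ("pay1_conflict",) if i == 3 else ()))
    conf_after = m.confirmations("pay1")       # a3 is no longer active: 0
    return m.events, conf_before, conf_after


if __name__ == "__main__":
    events, before, after = demo_scenario()
    for ev in events:
        print(f"REORG depth={ev.depth} fork_height={ev.fork_height} "
              f"{ev.old_tip} -> {ev.new_tip}")
    print(f"pay1 confirmations: {before} before, {after} after")
```

The point the example makes is the one the comment makes: nothing is visible while the branch is private, and the first signal is a single deep reorg at release time, so a merchant policy must key on the depth of reorg it is willing to absorb (`is_settled` with a suitably large `required`), not on confirmations that were counted before the event.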
Yeah, but what kind of transaction justifies the cost of running such an attack?
Quick summary: Tether (USDT) and Circle (USDC) are battling to win the US dollar stablecoin market.
I've put that in the title above, as it seems less baity and more neutral. Thanks!
(This is in keeping with the site guidelines - "Please use the original title, unless it is misleading or linkbait" -https://news.ycombinator.com/newsguidelines.html)
And:
> In Devasini’s eyes, tether was meant to subvert traditional finance. His wife, an artist, exhibited paintings of dollar bills with the image of George Washington screaming because, she said, they had “no more value.”
uhhhhh
An orthogonal question I’ve always had is what happens if SHA-256 is broken?
I couldn't care less about Bitcoin's use of SHA-256, but based on experience:
First of all, it's quite unlikely that this is going to happen at all. There are no signs of significant weaknesses in SHA-256.
But if it's going to happen, in all likelihood, you'll get preliminary results long before any actual breakage. (For both MD5 and SHA1, you had around a decade of warnings between "this looks insecure / broken in theory" and "we now have an actual collision".) Anyone paying attention and moving away from algorithms already known to be broken was unaffected by the MD5/SHA1 weaknesses.
Of course, there will be those who will wait until an actual breakage, and a few years more, before they act. (As we've seen particularly with MD5.)
With the current compute density of Bitcoin (which now runs mostly on purpose-built hardware) it'd still take longer than the universe has existed to find even one collision and the actual process of computing SHA256 is simple enough that we're not likely to find a shortcut.
Broken in this context means being able to determine the input nonce that generates a hash with enough leading zeros to mine a bitcoin block with much less energy and time than brute forcing random nonces does now. Then you could mine bitcoin blocks with no power expense and always be first. You would have to be careful about how many blocks you mine to not make people suspicious.
I think you missed the “broken” part. A lot of simple cryptographic hash functions have been broken. There is a community of people with some semblance of credibility that believe it is just a matter of time for SHA-256. The creation of SHA-3 wasn’t entirely for no reason.
I’m not saying it will happen but it is plausible. The question is what is the effect of that happening to bitcoin.
Who? I don’t know any cryptographers that think this anymore.
The article is about stablecoins, which mainly live on smart-contract-enabled blockchains (i.e., not Bitcoin). I don't think there are many (if any) major smart contract chains out there still using PoW, which I assume your concern is about. Solana's PoH also uses hashes, but I'm not sure what kind of threat that would be (would probably depend on the exact nature of the 'breaking'). Most other major chains such as Ethereum use PoS. The bigger concern would be breaking the asymmetric cryptography those chains use. That would absolutely kill the protocols in their current form (but could probably be fixed by switching to a different crypto standard).
We may never find out. The financial incentive to keep it secret is too great.
If someone broke SHA-256, they could generate blocks directing all coins to their own address and thus destroy the entire system. However, in that scenario it is likely that everybody else would roll the chain back to before the break and restart it with a different algorithm (likely SHA-3).
In summary, an obvious compromise would get caught and neutralized.
So a wily possessor of an SHA-256 break would use it subtly. Most likely they would target “lost” coins that haven’t moved in decades that nobody will notice are missing. Not Satoshi’s though. Too much heat.
If someone broke SHA-256 the best way to use it would be to mine blocks vastly cheaper than anyone else can, and you can choose how many blocks you "win" to control suspicion.
If the person who breaks it keeps it secret they become very rich, or if the method becomes public then bitcoin quickly crashes to be worth $0 per bitcoin. I don't know if bitcoin could migrate to a different hash if the flaw was disclosed to them first.
Fundamentally, just one update to the protocol (because code kind of is actually law, insofar that code is overseen by a group of humans capable of collective action and coordination around documentation and if-then statements) will circumvent any concerns about that particular bugaboo.
If someone broke SHA-256, a lot of modern crypto is broken. I would worry about all of your sensitive accounts like your bank, government before worrying about cryptocurrency.
Much worse things than fraudulent cryptocurrency transactions.
[stub for offtopicness]
Is this fad/scam still going?
Crypto seems to have been taken over by the very people it sought to undermine. How many of the top crypto projects are now VC backed?
I’m sure most of the proponents of the original idea of a Bitcoin reserve (for its properties, no printing, no VCs etc) don’t love the new form.
Such a surprise that David Sacks is the crypto czar and now the “reserve” has been expanded to include SOL also
https://x.com/CatfishFishy/status/1896317159728718219
The best way to follow crypto is to use it and ignore the sales pitches of ideologues
You can completely ignore the “merchant adoption”, “mainstream adoption”, “let’s pretend the man can’t figure out how to use this” pitches
There is LOTS of value to extract for yourself in a 24/7 borderless global economy with no transaction size limits that already exists
How can a crypto coin even be "VC-backed"? What is the point of crypto coins if they are controlled by nation states?
Genuine questions - I don't really understand.
From a "neutral" perspective it gives them legitimacy
From a "maximalist" perspective it gives you access to government
From a "scammer" perspective it gets you tax dollars and average Joes
Venture capitalists favor crypto projects because they enable significantly faster risk offloading compared to traditional investments, where 7-10 year holding periods are standard.
With crypto, the VCs can sell the majority of their tokens after a brief lockup period, capitalizing on purely narrative-driven speculative valuations that almost always disconnect from the actual reality, let alone fundamentals.
Crypto VC perfectly embodies the Greater Fool Theory. The VCs profit by selling to later buyers motivated more by speculative momentum than intrinsic value. The joke being that VC involvement in a project is often the only thing even driving that momentum.
This combination of compressed liquidity timelines, minimal regulatory oversight, and a glut of retail investors who have FOMO from seeing their friends 100x or even 1000x, creates an ideal environment for VCs to systematically transfer risk to less sophisticated market participants at often insane valuations.
lol these guys aren’t VCs
Term sheets from VCs increasingly include a “don’t do an ICO”
A16z was leading pump and dump schemes in 2020 - 2021. Not sure if they are still doing that in 2025.
No true Scotsman fallacy
There are many VCs in the crypto space, and there are many kinds of liquidity arrangements in the crypto space; a subset of them are coin related, and snapshots are the preferred way now. ICO-type ones are pretty rare, but the VC ones debut at extremely high valuations for the crypto space.
A VC saying “don’t do a coin”, which is probably what you meant, is also probably not funding a crypto venture. Yeah, that makes sense to say you aren’t investing in a meme coin, since seemingly everyone with a platform sullies their brand this way.
> How many of the top crypto projects are now VC backed?
Deflationary, unregulated currency embraced by plutocrats and finance at the expense of the 99%; news at 11.
Idk if there is a social term for the conservation of rug-pulling across a society across time. But it’s almost like we need to get screwed over every generation or so to remember how power and economies work.
So can I finally use crypto to buy things I would want? Or is it still just an elaborate mechanism for separating idiots from their money? I ask myself these questions every 5 years or so.
The latter.
OT: what is the art style of that header/hero portrait?
Art deco/"airbrush style"?
https://www.itsnicethat.com/articles/richard-a-chance-illust...
It seems very much it came from an AI prompt. Funny, people will still read the article thinking that was entirely written by a person.
The artist’s name (Richard Chance) is right under it.
https://richardachance.com/
It's not. And an article doesn't have to come entirely from a person to be considered worth reading.
Why does everything gotta be so dramatic and kill or be killed? Other forms of existence are possible, just saying.
I agree - more at https://news.ycombinator.com/item?id=43251574
"stablecoin", sounds like an oxymoron.
Are you familiar with the ecosystem? The idea is they're supposed to issue 1 billion coins if they get 1 billion dollars, and conversely give 1 billion dollars to whoever destroys 1 billion coins.
I'm riding the XRP train until the end.
Of all the coins, why choose the one that is not regulated in any way? At least the others like BTC, ETH, SOL are regulated by the unaffiliated miners and stakeholders.
What prevents the XRP team from introducing any arbitrary fork, such as dilution, that is then forced on their nodes?
Trustlessness is a core feature of a cryptocurrency and XRP seems to require a whole lot of trust/faith. But I guess faith is what makes it perfect for its cult-like following.
Serious question, are you also deeply religious?
What prevents miners from refusing to process certain transactions they don't like? Or the developers from pushing through a softfork that considers those transactions invalid? Dilution isn't the only threat a monetary system can face.
It is, however, the one failure mode of commerce the extremely rich actually need to worry about. Bitcoin isn't any less cult-like than XRP, they both are downstream of the whole "sound money" nonsense which exists to sell the regular folk on insulating the rich against this one particular threat.
No!! XRP is ultimately worthless and printed out of nothing. They gave it away in the early days. (Vs mined with real resources in PoW).
Convert it into hard Bitcoin and never worry about it again.
See ya in 10y!
Is this sarcasm? Lol
Long train rides are boring anyway.
This could be serious or sarcasm.