Introduction
On Bitcoin's Security #
Bitcoin's breakthrough was solving the double-spending problem using a Proof-of-Work (PoW) mechanism (see whitepaper). Bitcoin remains secure as long as honest miners control the majority of the network's computing power.
-
The reverse situation is known as a 51% attack, which can manifest in different ways:
[1] Double-spending by rewriting recent history.
A double-spending attack in Bitcoin happens when someone tries to spend the same coins twice. If they control more than half the network’s mining power, they can create a secret version of the blockchain that removes a payment they already made. When they reveal this version, it replaces the original, canceling the first transaction and letting them keep the coins.
-
[2] Censoring transactions, e.g., blacklisting addresses.
With majority control, an attacker can choose to ignore or exclude certain transactions from blocks. This means they can selectively prevent transactions from or to specific addresses or entities from being confirmed, effectively censoring them from the network.
-
[3] Halting the network by producing empty blocks only.
The attacker can choose to create blocks without any transactions — just the coinbase reward — thus preventing regular transactions from being processed. This can stall the entire Bitcoin network, degrade usability, and cause widespread disruption.
Honest miners not participating in such an attack have their blocks orphaned, meaning the network does not recognize them as part of the valid chain. Their work becomes useless and they won't get any rewards.
Security in Bitcoin isn't free
The term "security budget" in Bitcoin refers to the total amount of money paid to miners to secure the network.
-
Approximately every 10 minutes, miners are paid to keep the network safe — this is the security budget. It consists of:
-
[1] Block subsidy (newly minted BTC)
-
[2] Transaction fees
Miners earn rewards through block subsidies and transaction fees, but their actual profit is what remains after covering the costs of hardware and electricity. Since mining is highly competitive and demands specialized equipment and significant energy consumption, these expenses can add up a lot.
-
-
For an attacker to compromise Bitcoin, they must outpower all honest miners.
To successfully carry out a 51% attack, an attacker needs to control more computing power than the rest of the honest network combined. That means they must invest more in mining hardware and energy than all honest miners together — an incredibly expensive undertaking.
Alternatively a third party (e.g., a big government) can try to bribe or force miners to conduct an attack.
Security budget =
Block subsidy +
Transaction fees
So, the larger the budget, the harder it is to attack.
Miners are profit-driven — they won’t spend more on equipment and electricity than they expect to earn. So, the total miner revenue sets an upper limit on how much honest miners are willing to spend and an upper bound on how expensive it would be to attack the network. The higher the security budget, the more costly it is to perform a 51% attack — and the more secure Bitcoin is.
Makes sense, right? Here’s the catch.
Key Problems
Why Is the Security Budget Shrinking? #
Because the Bitcoin block subsidy is cut in half every four years.
In April 2024, the block subsidy dropped to 3.125 BTC per block due to the scheduled halving. By 2140, it will be essentially zero.
So what's expected to make up the difference? #
Transaction fees.
But they haven’t filled the gap. In March 2025, fees accounted for just 1.25% of the block reward — the lowest in three years.
Those who opposed increasing the block size in 2017 assumed a robust fee market would emerge, but in practice, it has not materialized. #
The median fee rate remains at 1 satoshi per byte.
Many users choose to migrate to other blockchains rather than pay high fees on Bitcoin. Their reasoning is simple: “Why pay $100 for a transaction when I can use a cheaper alternative?”
Here's the long-term risk: #
If block subsidies decline faster than BTC's price rises or transaction fees grow, miner revenue may fall.
If block rewards decline and neither BTC's price nor on-chain fees increase sufficiently to offset the drop, miners' income may shrink. This could reduce total hashpower, potentially lowering the cost of attacking the network and increasing the risk of chain reorganizations. While Bitcoin’s difficulty adjustment helps stabilize the system, the long-term reliance on transaction fees remains an open challenge.
Experts on Subsidy Decrease
Experts are sounding the alarm: #
James O'Beirne (@jamesob) — Bitcoin Core developer said on @BTCTN: "We might have only two halvings left before this becomes a serious issue."
Nikita Zhavoronkov (@nikzh) — Founder of Blockchair:"It's now clear in practice that users won't pay large fees. Bitcoin needs to plan its security under the assumption that the fee rate will remain at 1 sat"
Justin Bons (@Justin_Bons) — Founder and CIO of Cyber Capital: "As high fees price out all use cases, rendering it useless
Low fees endanger the security budget & are only a consequence of it never being used"
The idea was that as the subsidy decreased, transaction fees would take over the security budget. But as the data shows, that’s not happening.
One major reason? #
The block size limit.
Bitcoin can only process about 5 transactions per second. To replace the current subsidy of 3.125 BTC, each transaction would need to pay around 0.00104167 BTC, or $120.77 (at July 11, 2025 rates).
Solutions
We can act. There are three main types of solutions: #
-
[1] Scale On-Chain
This could mean:
Increasing block size 
Reducing block time 
Adding optional block extensions (e.g., MimbleWimble)
All of these options would allow for more transactions to be included into the blockchain.
Since there's still demand to transact on Bitcoin - just not at high fees - scaling can enable more transactions with smaller fees, forming a sustainable security budget. No need for terabyte blocks. If Bitcoin could process 500 TPS instead of 5, the average fee needed to replace the current subsidy would drop to a feasible $1.21 per transaction (at July 11, 2025 rates). This aligns with Bitcoin's original design and doesn't affect decentralization in any bad way
-
[2] Change the Consensus Mechanism
Shifting from PoW to alternatives like:
Proof-of-Stake (PoS) 
Proof-of-Authority (PoA)
...which raises serious concerns about centralization and trust, and does not align with Bitcoin's original design principles.
-
[3] Break the Monetary Rules
Mess with the issuance model, but this also does not align with the original design principles. Variations include:
Tail emission: stop halvings and allow infinite inflation
→ Breaks the 21 million BTC cap, arguably Bitcoin's most sacrosanct feature. Supporters argue it's a trade-off for long-term security; opponents see it as betrayal of the fixed-supply promise.
Demurrage: tax on holding BTC
→ Discourages hoarding and could fund security, but it penalizes savers and undermines Bitcoin’s store-of-value use case. Very unpopular philosophically and practically.
Burning dormant coins (e.g., Satoshi’s)
→ Reduces supply and could justify continued issuance, but it's ethically controversial (violates property rights), politically divisive, and may be seen as equivalent to confiscation or theft
Common Fallacies #
Let's debunk a few:
"There’s no security issue — the is growing, that means everything is okay!"
The output of Proof-of-Work isn’t hashrate — it’s economic cost. What matters is not how many hashes are produced, but how expensive they are to produce. A growing hashrate means nothing if it's powered by cheaper hardware or cheaper electricity.
In other words, security doesn’t come from numbers on a graph — it comes from real-world costs burned to defend the network.
If the BTC-denominated rewards drop, miners may still produce high hashrate — but with fewer incentives to stay honest. That opens the door to cheap attacks, especially if the cost of hardware or electricity falls. It’s not about how much hash you see — it’s about how costly it is to fake.
"The price of Bitcoin will rise, so even a tiny subsidy — like 1 satoshi — could still be worth a lot in the future!"
This logic is flawed. The security budget must be evaluated in BTC terms, not in USD. Miners are paid in BTC, and attacks can be funded in BTC. It’s unreasonable to expect that an economy worth 2,100,000,000,000,000 satoshis can remain secure if it only spends 1 satoshi every 10 minutes on defense. If miners are underpaid, they can simply be bribed with BTC, regardless of how high the USD price is.
"But the cost of an attack is more than just the security budget — you’d need to buy ASICs, hardware, etc."
That’s true only if the attacker builds everything from scratch. In reality, existing miners can be bribed or incentivized to cooperate. If the network underpays them, they may find betrayal more profitable than honest mining — especially if there's no long-term reward to stay loyal.
The security budget is fading, and unless we realign incentives, the chain grows weaker. Many experts agree that if we don't act, Bitcoin could become vulnerable to 51% attacks in several years.
It's time to talk solutions — not slogans.
