Cost of buying 51% of BTC (for attack if bitcoin were to go PoS)

[koelen3]

If Bitcoin were to go the Proof of Stake option (using sidechains perhaps), one of the problem people have with the idea is that it will become much less secure because it would be very cheap to perform a 51% attack.

Some PoS coins boast that you need more than 51% of the coin to control/destroy the normal functioning of the network, but we'll just focus on 51% now.

How much would it cost to buy 51% of BTC (not including lost/unused/unallocated)

Please comment below.  

The reason it is 51% of "owned" coins is that in PoS only actively owned/used coins count, so lost/unused coins don't count... at present, i think there are about 10-12million BTC that are "used"... so the question is, how much to buy about 6million btc...although this figure may change if the purchase happens slowly, over a year or two. The cost estimate still stays valid/interesting

51% attack means To own the 51% of hashing power over all not 51% of btc

51% hashing power its very large bitcoin network is very large so need so manny bitcoins

this will rise bitcoins price if you bought

You realise that will cost 1.8 trillion USD to get 51% of the coin
And yes sure! if someone buys it and keeps it just for staking , that will increase it's price so much , becausethat will mean less circulation of coins and thus a big rise in price

[1715327256]

1715327256

[1715327256]

1715327256

[1715327256]

1715327256

[1715327256]

1715327256

[1715327256]

1715327256

[koelen3]

Definitely >1trillion, probably >10 trillion. Once they bought the first 5% of coins, everyone would know somebody was trying to get a 51% stake and would either refuse to sell or hold out for much higher price. Maybe they could try to do it slowly over time to keep people from noticing. Then the question becomes not how much would it cost but how long would it take. A year? 5 years?

Not that long
If some have 2 trillion
He could do it easily within a month
Buying off exchanges and places in different wallets
Using proxies and VPN's to cover up his shit!

[jonald_fyookball]

I don't know much about POS, but my understanding was that the problem is that you don't need to own ANY of the coins that currently exist at all.  You just need to own 50% of the coins that existed at some point in time in the past.

So, I could spend some of my unspent outputs, and then I could sell (or give) those useless (worthless) now spent outputs to someone else.  If they can manage to collect up >50% of the outputs that were unspent at that point in time (even if they've all been spent since then), then they can mount an attack.

Perhaps my understanding is flawed?  This is where I thought the biggest vulnerability was.

That is generally correct to my understanding as well.

Many POS security schemes limit how many blocks deep you can do a reorg, so the "at some point in the past" is limited to a somewhat recent past, but the issue still remains.

A person can keep buying coins and selling them, and trying to attack after selling them, so there is essential no cost to the attack, and as such has been dubbed the 'nothing at stake' issue.

The higher cost of a 51% attack by PoS is an enticing goal, but I don't think anyone has been able to show how to achieve that while addressing the other security concerns.

A hybrid PoW/PoS system also sounds like a good idea, but each such variation has it's own challenges and drawbacks.