The problem with cryptocurrencies

I know almost nothing about cryptocurrencies or the blockchain technology that undergirds it. I was aware that all transactions by currency holders are recorded on a distributed public ledger, which apparently is what is meant by a ‘blockchain’. I had been aware that these currencies, of which there are many in addition to the best known one of bitcoin, are not backed by any government like ‘real’ currencies are. Their value is maintained by having their production limited by having it ‘mined’, which is a metaphor for actions that are done by computers.

Elizabeth Kolbert writes about how this ‘mining’ works.

Mining is the process by which bitcoin is both created and accounted for. Instead of being cleared by, say, a bank, bitcoin transactions are recorded by a decentralized network—a blockchain. Miners compete to register the latest “block” of transactions by solving cryptographic puzzles. The first one to the solution is rewarded with freshly minted bitcoin. Miners today receive 6.25 bitcoins per block, which, at current values, are worth more than three hundred thousand dollars.

It’s unclear exactly who dreamt up bitcoin, so no one knows what this person (or persons) was thinking when the mining protocols were first established. But, as Ari Juels, a computer scientist at Cornell Tech, recently explained to me, the arrangement seems to have been designed with equity in mind. Anyone devoting a processor to the enterprise would have just as much stake in the outcome as anyone else. As is so often the case, though, the ideal was soon subverted.

“What was quickly discovered is that specialized computing devices—so-called mining rigs—are much, much more effective at solving these puzzles,” Juels said. “And, in addition, there are economies of scale in the operation of these mining groups. So the process of mining, which was originally conducted by a loose federation of presumably individual participants with ordinary computing devices, has now become heavily consolidated.”

In the very early days of bitcoin, back in 2011, I downloaded this mining software, hoping to understand it by doing it but never actually got around to it. I still have the files though they they are likely no longer of any use.

Kolbert’s article does not address some questions that came to my mind, such as: Who makes up these puzzles? Who gives out these rewards? While I understand that the system’s appeal arises from its decentralized nature, there still has to be some body that overseas such issues.

Wikipedia discusses this a bit.

Proof-of-work cryptocurrencies, such as bitcoin, offer block rewards incentives for miners. There has been an implicit belief that whether miners are paid by block rewards or transaction fees does not affect the security of the blockchain, but a study suggests that this may not be the case under certain circumstances.

The rewards paid to miners increase the supply of the cryptocurrency. By making sure that verifying transactions is a costly business, the integrity of the network can be preserved as long as benevolent nodes control a majority of computing power. The verification algorithm requires a lot of processing power, and thus electricity in order to make verification costly enough to accurately validate public blockchain. Not only do miners have to factor in the costs associated with expensive equipment necessary to stand a chance of solving a hash problem, they further must consider the significant amount of electrical power in search of the solution. Generally, the block rewards outweigh electricity and equipment costs, but this may not always be the case.

The current value, not the long-term value, of the cryptocurrency supports the reward scheme to incentivize miners to engage in costly mining activities. Some sources claim that the current bitcoin design is very inefficient, generating a welfare loss of 1.4% relative to an efficient cash system. The main source for this inefficiency is the large mining cost, which is estimated to be 360 Million USD per year. This translates into users being willing to accept a cash system with an inflation rate of 230% before being better off using bitcoin as a means of payment. However, the efficiency of the bitcoin system can be significantly improved by optimizing the rate of coin creation and minimizing transaction fees. Another potential improvement is to eliminate inefficient mining activities by changing the consensus protocol altogether.

Who are these ‘benevolent nodes’? Whenever I read about this, I run up against the existence of some kind of collection of entities that are behind the whole thing but I never see them actually listed, which seems to be contradictory to the whole idea of transparency of the blockchain.

Kolbert says that this heavy use of computer mining is bad for the environment because it consumes a huge amount of energy.

According to the Cambridge Bitcoin Electricity Consumption Index, bitcoin-mining operations worldwide now use energy at the rate of nearly a hundred and twenty terawatt-hours per year. This is about the annual domestic electricity consumption of the entire nation of Sweden. According to the Web site Digiconomist, a single bitcoin transaction uses the same amount of power that the average American household consumes in a month, and is responsible for roughly a million times more carbon emissions than a single Visa transaction. At a time when the world desperately needs to cut carbon emissions, does it make sense to be devoting a Sweden’s worth of electricity to a virtual currency? The answer would seem, pretty clearly, to be no. And, yet, here we are.

She says that as a result, bitcoin mining operations chase cheap energy, moving their servers from place to place. But now they have even started creating their own power plants, converting old coal-fired plants to natural gas for their use, such as the Greenidge Generating Station in Dresden in upstate New York. These plants create greenhouse gases and local communities have rallied to protest against them but local governmental bodies say they are powerless to stop these companies.

Whether this is, in fact, the case is debatable. What’s beyond debate—or should be, at least—is that this is a matter that shouldn’t be left to a local planning board to decide. There’s no way for New York, or the U.S. as a whole, to meet its emissions-reductions goals if old generating stations, rather than being closed, are converted into bitcoin-mining operations. Greenidge may become the first mining firm with a “wholly-owned power plant,” but, unless the state or federal government steps in, it won’t be the last.

Andrew Yang, the former Presidential candidate who’s now running for mayor of New York City, has said that he wants to turn the city into a cryptocurrency-mining hub. It’s hard to imagine a worse idea. The city is already looking at spending billions of dollars to protect itself from sea-level rise; increased emissions are pretty much the last thing it needs. Forward-looking politicians should be thinking about ways not to buoy bitcoin mining but to bury it.

It looks like there is going to be a legal showdown fairly soon between environmentalists concerned about a rapidly growing source of energy use and carbon emissions, and those who are attracted by the anarchic appeal of a currency not controlled by any government.


  1. Mark Dowd says

    From what I understand, the foundation of all cryptocurrencies is the “blockchain”, a ledger of all transactions that have ever been done. This ledger is not kept in a central server but is maintained by a consensus algorithm. Whatever the majority of miners decide the ledger is, that is what the ledger will be. If the miners are honest (the “benevolent nodes” Wikipedia mentions) the ledger will stay honest. If more that 50% of active miners conspire together though (such as if they are under control of a single entity), they have the power to dictate consensus and rewrite the ledger however they want.

    While there are organizations that oversee the cryptocurrencies and I understand they have some power to affect to future of their features, they have basically no power over the actual operation of the network. If there is a fraudulent transfer of funds for example, it is impossible for them to freeze assets or forcefully revert the transaction since that is under the control of the miners and the ledger.

  2. sonofrojblake says

    it is impossible for them to freeze assets or forcefully revert the transaction

    I’ve always thought the point of these things (or at least the publicly stated point) is to operate like cash -- anonymous, uncontrollable, untraceable -- but be better than cash because no government can suddenly unilaterally devalue it. The description above seems to suggest that at least some of this intention is working -- no organisation can “freeze” the cash in your mattress (although the government could deliberately devalue it or inflation could make it worth less), and nobody can simply “revert” a cash transaction. I don’t really see why these features are bad, apart from the obvious fact that a large number of people interested in having transactions with these features are criminals.

  3. lanir says

    I haven’t looked at this in years but last time I did there was some talk about how using an ASIC (application specific integrated circuit) to mine bitcoins was the most efficient way. Those do cost something up front of course. But they should be more efficient because they’re not general purpose computers. Instead of the instructions for how to mine bitcoin being in software, on an ASIC the program is part of the hardware itself. You have a piece of silicon that can’t do any other function even if you try giving it new software.

    For at least the last two or three years high-end graphics cards have been scarce because it is no longer efficient enough to mine bitcoin with the CPU of a general purpose computer. People are using somewhat specialized hardware that is still a general purpose computer but capable of using 3 or 4 high-end graphics cards. They don’t display anything. Their capabilities are entirely dedicated to crunching the numbers to mine bitcoin. As far as I know this should be less efficient than an ASIC, but it does have the benefit of being adjustable. You can patch the software used to do this and upgrade it. Upgrading an ASIC would probably mean scrapping the entire thing and replacing it with an entirely new model of ASIC. So greater efficiency or not, this is not the environmentally sound way forward.

    At some point mining bitcoins will cease to be worth it using graphics cards. A lot of gamers will be very happy when that happens because it’ll mean they can MSRP for graphics cards instead of 30-50% more, if they can acquire one at all. For years now the top end video cards have been nearly impossible for an individual consumer to get because the supply cannot keep up with the demand from gamers and bitcoin miners. On the surface it may sound like the companies that make graphics cards would want to just make more and cheer at their good fortune but this is not the case. Retooling is costly but ramping up production capacity in this field (CPU or GPU fabrication) is so expensive and requires such specific expertise that Chinese efforts to do so recently seem to have failed spectacularly. The manufacturers are aware this is a fad and it will not continue. There’s no way they could look at this and feel it would be a sound investment.

    That’s basically what I know about bitcoin and the impact it has had on other areas of computing. Most of it is old (but not necessarily outdated) info but the high-end graphics card shortage is still ongoing as far as I’m aware.

  4. John Morales says


    In 2013, FPGAs are replaced by other chips -- ASICs, which are already initially designed for a specific task. Because of what such solutions have the greatest efficiency per watt, because all unnecessary elements that are in central processors, video cards and FPGAs are simply absent here. The increase in performance compared to video cards is one more order of magnitude. Because the first ASICs, with the same power consumption as those of video cards, went through hashes 10-20 times faster. A typical Asik miner in 2013 had a performance of 10GH / s. But this was only the beginning, since with each new generation of ASICs, the hash rate of these devices, due to various optimizations and a decrease in the manufacturing process of the ASICs themselves, increased several times. The progress in the development of ASIC miners has brought the speed of brute-force hashes of one ASIC miner to 100TH/s, which is equal to 100.000GH/s. Those. for 7 years, the performance of Asics miners has increased 1000 times. For comparison, video cards over the past 7 years have added their hash rate by only 3-4 times. For example, the Nvidia Geforce RTX 2080Ti video card produces only 2.6GH/s when mining Bitcoin, which is less than even the very first Asic miners of 2013.

  5. Who Cares says

    For bitcoin at least the puzzle is a reversing a hash the miners receive (through the algorithm that underpins Bitcoin), that is to find a value that would result in that specific hash and do it in the time a new block is added to the ledger, first found solution gets the bitcoin.

    The benevolent nodes should be read differently. Once you get control of 50% + 1 unit of the computational power running the puzzle above you can replace blocks created during the time you have that amount (or more) by your own. So you need at least that many nodes not working together to put falsified blocks on the chain. And this is a problem that has happened, for example a single pool of miners (GHASH) managed to get that kind of control multiple times at the end of 2013 and first half of 2014.

    The energy problem, in the case of Bitcoin, might be automatically solved by how Bitcoin hands out coins. Every so often the amount of coins received for solving the puzzle first gets halved. The last time was 30th November 2020. So you need to get ever more computational power for steadily declining rewards.

    The problem that lanir(#4) mentioned about the GPU shortage being caused by miners buying up cards. NVIDIA announced that the next generation of cards they bring out will contain hardwired safeguards against them being used (effectively) for mining. That said they are planning to produce cards specifically for miners. And when the ‘normal’ cards drop in price there is still a chance that they are worth being bought in bulk.

  6. Mano Singham says

    Who cares @#6,

    Thanks for explaining what these puzzles consist of. If the reward only goes to the person who first finds the solution, are there people who keep trying and failing? In other words, is there a huge amount of energy used in failed efforts?

  7. xohjoh2n says

    @8, yes, absolutely.

    The way it works is that a cryptographic hash function takes some input (in this case the block full of transactions) and produces a small fixed size piece of data as output. That output data is essentially “random” in that it is impossible to predict by any means more efficient that just calculating the hash from the input data, covers the whole of the output domain. In the case of Bitcoin, SHA-256 is used, which produces a 256 binary bit (or 32 byte) output. You can treat the output as a number, in which case it can take a value between 0 and (2^256)-1. Bitcoin also uses a “difficulty” value which is automatically scaled by consensus to keep the time between block updates roughly the same at around 10 minutes. (So if a bunch of new miners appear and start finding blocks faster, the problem gets automatically more difficult to slow everyone back down to the same overall rate.)

    The problem then is is stated as this: given the input block, can you produce a small additional piece of data which when hashed alongside the block, produces a hash whose value is less than a limit decided by the difficulty. That additional data is also a number: you start at 1 and count up until you win or someone else beats you. (There’s additional randomisation so that not everyone is trying the same values.)

    For example lets use a model where the hash produces values between 0 and 999,999, and at the current difficulty the limit is set to 100,000. Thus to win we need to produce a hash value between 0 and 99,999. If the hash is truly random then each attempt has a 1 in 10 chance of succeeding, 9 out of 10 attempts will fail *and be completely wasted effort*. If the difficulty rises and the limit decreses to 10,000, then 99 out of 100 attempts will be wasted.

    (And if you do win, no one gives you the reward: the input block itself is constructed with an initial one-sided transaction that adds the reward bitcoins to your own wallet without taking them from anywhere, and so those are magicked into existence by the block itself. A block without that transaction would most likely be considered invalid and not accepted by the rest of the network.)

  8. xohjoh2n says

    (Currently the bitcoin network is producing ~1.5 × 10^20 hashes per second. The current difficulty is set to accept roughly 1 in 7.5 × 10^22 hashes.)

  9. fwtbc says

    I read this article about a minute after turning on my electric heater.

    I’m now imagining a world where people can get get a heater, free of charge that is just a glorified bitcoin miner that mines for the company that manufacture it. A lot of energy could be saved if only we harnessed the generated heat.

  10. xohjoh2n says


    Slightly worse than that: 99.999999999999999999999% is “wasted”. Which is practically indistinguishable from 100%. And that’s assuming you accept the premise that the fraction that produces the winning value has actual value.

  11. mastmaker says

    All of you have been talking about the issues and problems with the ‘production’ of bit coins. But there the danger at the other end of it too: The very non-traceability of currency that makes it appealing to common man sick of being tracked everywhere also makes it a darling of the worst criminal element.

    Most of the online extortionists these days are asking for cryptocurrency and it is possible to a multi-million dollar cryptocurrency extortion from a shack when you don’t have to open accounts at anonymous tax havens or have to setup a dead drop of two suitcases full of cash and then deal with safe storage and disbursal.

    The increase in crime resulting from popularity of cryptocurrency is just beginning to manifest. It can only get very bad from here until authority learn how to deal with it. Kind of like the heyday of piracy when international maritime trade was exploding.

    cryptocurrency = bad news (at least as of now)

  12. Mano Singham says


    Thanks for that explanation.

    The energy waste you describe is far worse that I had anticipated. It seems utterly insane to have a system where so much computer power and energy is used while producing nothing of value.

  13. jenorafeuer says

    Saw this late, but mostly to +1 some of the other comments:

    As ‘Who Cares’ says at #6, ‘benevolent’ in this case means ‘not colluding together to undermine and take over the whole thing’. So anybody not actively antagonistic. That said, my understanding is that the 50%+1 was overly optimistic; a comment I vaguely recall from over at Bruce Schneier’s blog (Marcus probably remembers more than me) is that somebody had figured out a way to reduce that to 34%… a group of people who collectively own 34% of the bitcoins can pretty much take over unless actively opposed by a larger collective.

    ‘Take over’ in this case means publish their own blockchain in competition with the original with them having control and essentially locking out everybody else that isn’t on theirs.

    And as xohjoh2n says above, a lot of the energy is wasted for bitcoin… in fact, one of the things that even other blockchain people complain about with bitcoin is that the ‘mining’ method gets rather harder over time as you have to verify that you haven’t found one of the already-found coins, and almost all of the coins have already been found. (There is also, I believe, an inherent limit on the number of possible values to mine with bitcoin.)

    So not only is bitcoin wasteful in terms of power usage, it was deliberately set up to be more and more wasteful as time goes on.

  14. xohjoh2n says


    the ‘mining’ method gets rather harder over time as you have to verify that you haven’t found one of the already-found coins, and almost all of the coins have already been found. (There is also, I believe, an inherent limit on the number of possible values to mine with bitcoin.)

    That’s not *quite* true.

    There is a fixed number of bitcoins that will ever exist. Currently each new block mined awards 6.25 bitcoin to the successful miner, and has done so since May 11th 2020. Every 210,000 blocks that number exactly halves, and since as I pointed out above the protocols that run the network try to maintain an average block rate of one every 10 minute, that happens roughly every 4 years.

    But that won’t continue forever. There is a maximum total number of bitcoin that can ever exist, set at 21 million. So even with the 4 yearly rate halving, that will happen around 2140ish. So you’ve got some time. At that point mining a new block will not award any new bitcoin just for the mining, but only the transaction fees (which do exist now but are smaller than the block award.)

    At least, that is currently the case and will remain so until the network as a whole negotiates a consensus to change the protocols to work differently, but there doesn’t appear to be much appetite for that. (My guess is it’ll probably collapse before that happens.)

    You don’t have to worry about not mining “already-found” coins: each block is mined independently, you just have to find a solution which fits the current difficulty. And that is adjusted every few weeks (each 2016 blocks) by a consensus algorithm whose only motivation is keeping a steady 10 minutes per block average mining rate. That might sound like it should keep the apparent hardness the same, except that new miners are usually coming online or expandint their existing operations all the time, so though for the network as a whole is stays the same, for you personally, it does get harder. (There have been a few exceptions where the miner pool has shrunk and the difficulty was adjusted down as a result.)

    (AFAICT a coin isn’t individually identifiable as such. You can work out the total number of coins every wallet contains by tracing back through the blockchain and adding up the number of coins output by each transaction into that wallet. Only the number of coins transferred is significant, not “which one” they are.)

  15. xohjoh2n says

    ((err, and subtracting any coins removed from the wallet by a transaction, of course…))

Leave a Reply

Your email address will not be published. Required fields are marked *