@Anonymous, August 2023

<aside> 🎯 Goal of this doc: understand the cost of the “33% attack” (ie, controlling the 33% of the consensus power for at least 24h) in Filecoin when the Consensus Pledge value is zero (or close to zero).

</aside>

Intro and Result Recap

We consider different strategies for getting to control the 33%:

  1. “Bribing SPs”: the attacker convinces existing SPs in the network to run its software for block production for at least 24h, virtually controlling 33% of the power.
  2. “Buying sectors”: the attacker convinces existing SPs in the network to sell their sectors until it gets to control 33% of the power.
  3. “Adding new sectors”: the attacker is a valid SP in the network and adds sectors in such a way that in a short period, its consensus power reaches the 33% share

The recap of the estimated (lower bounds of) the costs of these strategies is in the table below, the analysis about how we got to these numbers is in the next section.

| | Strategy 1 “Bribing” | Strategy 2 “Buying” | Strategy 3 “Adding” | | --- | --- | --- | --- | | Cost components | HDDCost | HDDCost + StoragePledge + FutureEarnings | HDDCost + SealingCost + GasCost | | Range of the estimated cost (exact value depends on numbers of deals) | [$18k, $184k] | - | - | | Estimated cost (when 12% of sectors are with verified deals) | $88.4k | $9.5M | $4M |

<aside> ⚖️ Note that running this attack today (with Consensus Pledge NOT zero) implies controlling a number of sectors whose cumulative consensus pledge is at least about 34.2 M-FIL. If FILPrice = 4$, this means controlling ~$137M. See [2023Q3] Cost of Consensus Security: Pledge for more details on this.

</aside>

Analysis

The goal is to estimate the cost of these strategies, and the first cost that we want to calculate is the HW cost of storing the sectors (HDD cost).

HDD cost for storing 33% of the QAP for 24h: