This doesn't seem like as much of an actual risk. A better way to make money would be to create a perception that the value of the coin is at risk before buying it cheap.

Actually devaluing it doesn't seem worthwhile financially.

BTC will have to move to a proof of stake design to survive. It's unavoidable.

Like, trivially, it's an ASIC, so I can use it to simulate a von Neumann[*] machine, hence I can use it to run whatever algorithm I want. Would that be more efficient than using a modern OoO superscalar? Almost surely not, but that doesn't mean it can't be done, just that it shouldn't be done that way.

*: I realize that the ASICs used in Bitcoin miners don't have dram access, but that isn't a general limitation of ASICs, just those ASIC 'chips' (and maybe not even those chips, just their implementations in bitcoin miners)

EDIT: Thanks to everyone who answered! For some reason, I had it in my head that the way we implement fixed function stuff in an ASIC was basically the same as a "burn once" FPGA. Brains gonna brain.

- The attacker can doublespend their transactions if their hashing power is high enough to create more blocks than what the recipient is waiting for. E.g. you buy a lambo, the shop waits 10 blocks after the tx is in a block and gives you the lambo, then you create a longer chain with 11 blocks to replace the other one, and don't include the original lambo tx. 51% of hashing power is enough to create new blocks, but not enough to create 11 alternative blocks. That requires more hashing power.

- The attacker can prevent other transactions from landing in a block, as long as they have majority

- But the attacker can't create fake transactions (e.g. if they only have 1k Monero, they can't create a tx with 2k Monero). Because all nodes (not only miners) still verify the transactions

- And the attacker can also not steal your money, because they don't have your private keys

Or, you need to spend a lot of resources to do the attack even if it's the case that you get that money back when you succeed. And the attack is not available to you if you can't front those resources (because it's expensive rather than cheap).

Looking at that website I see that the unknown pool keeps getting a longer chain and it switches to it

specially given its only backing is "trust" (trust that you won't get invaded or overthrown)

anonymous alt coins, real digital cash, are competition to the monetary system. there can be only one.

Monero transactions are inherently obfuscated, which solves this problem. If you want more details, the Monero whitepaper is well written to be accessible for the common reader.

The tldr is it works atop ring signatures: https://en.m.wikipedia.org/wiki/Ring_signature

"unsustainable"

Qubic was able to orchestrate its network of miners to temporarily halt their AI-related tasks and redirect their collective CPU power to mine on the Monero network instead.

Also, Qubic has implemented an economic strategy that involves selling the Monero it mines for a stablecoin like USDT and then using those funds to benefit its own ecosystem and attract more miners, and renting hardware to gain more hash power. The proceeds from the sale of XMR are used to buy Qubic's native token (QUBIC) from exchanges. These purchased tokens are then "burned" or permanently removed from circulation.

I bring this up because people are always asking what platforms are allowing me to short cryptocurrencies, which seems to miss that it's enough to just have a debt denominated in what you want to bet against.

This is electrically impossible for Bitcoin specifically, modern ASICs exceed 3 orders of magnitude more hashes/Joule and hashrate/chip than a RTX5090 and cost $2-40 retail per chip.

It's only a secure system if adversaries are either small or economically rational.