EBA: 51% Attack Remains Bitcoin’s Biggest Problem

EBA logo

Bitcoin’s biggest problem is still the threat of a 51% attack, according to Dr Dirk Haubrich, head of consumer protection and financial innovation at the European Banking Authority (EBA).

He said his main concern about the widespread adoption of bitcoin is the risk of a 51% attack, where a single entity contributes the majority of the network’s mining hashrate and, thus, gains full control of the network and can manipulate the blockchain.

Haubrich made these comments on Friday at an event titled Controlling Cryptocurrencies at the University of Birmingham in the UK.

He said he had spoken to numerous members of the virtual currency world two years ago and at the time, he was assured majority power would never occur. After it did, people assured him it didn’t matter, as the 51% would not abuse the system.

“As a financial regulator, I don’t believe it. I’ve seen so much stuff happen from the financial institutions that created the financial crisis – and that is partly what brought about virtual currencies in the first place – so I don’t believe in those promises any more,” Haubrich said.

Ensuring integrity

Haubrich feels the EBA could probably find a way to split up mining pools to prevent a 51% attack, but he is reluctant to go down this route. He said it goes against the philosophical origins of virtual currencies and the concept of a system without centralised control.

However, he added:

“We want to make sure there is integrity in a virtual currency system. So we want someone to be responsible for the integrity of the scheme.”

Haubrich said he doesn’t think a public authority or a regulator should take this responsibility. Two years ago, Haubrich would have suggested the Bitcoin Foundation for this role, but it’s not suitable now, given its “declining trajectory”, he said.

The EBA’s approach

The EBA produced a guidance document in July 2014, which outlined the risks and potential benefits of digital currencies such as bitcoin.

Dirk Haubrich
Dirk Haubrich of the European Banking Authority

Haubrich explained the EBA’s process on deciding whether to regulate new technology or other developments in the payments space: “We assess the benefits, we define the risks and there is then the question to ask – do we need to get involved? Is there some sort of regulatory framework required?”

He admitted that, at first, the EBA thought it might be able to “shoehorn” cryptocurrencies into some of the existing directives, such as the Payment Service Directive.

“That way we [would] have an easy fix, but then we realised that a more comprehensive and separate regulatory regime is required. We as an authority won’t want to deal with that ourselves, if the task had been a bit smaller we could have managed it, but it’s too much,” Haubrich explained.

Instead, the authority issued an opinion, designed to offer guidance to other European Union institutions so they can decide what regulation, if any, to create. Haubrich said:

“This is going to take a while, given the length of time it takes European Commission houses of parliament to actually develop something – it could take several years for this to get off the ground, if it ever gets off the ground.”

Whatever happens, the EBA is keen for a regulatory environment that provides suitable consumer protections while also making sure innovation can flourish.

Economic sanctions

Haubrich outlined that, when the EBA was assessing the risks presented by cryptocurrencies, there were many it would be capable of addressing, but others went beyond the authority’s remit.

Some risks, for example, fall within the political domain, such as the fact cryptocurrencies can undermine financial sanctions.

“The way financial sanctions are imposed is to tell the financial intermediary – a bank or payment services provider – they can no longer accept money from this person, or from this jurisdiction to that jurisdiction,” explained Haubrich.

He went on to say the peer-to-peer nature of cryptocurrency transactions means financial sanctions cannot be readily enforced. Whether these sanctions are right or wrong is not for him to decide, he said, so it’s up to separate authorities to consider whether they value this political tool more than the potential benefits cryptocurrencies present.

“We, as a financial regulator, are not elected by the populous. I am elected and I work to a mandate, not what I think should be the objective of society,” he concluded.

EBA image via EBA

51% attacksEBAEuropean Banking Authority

<!–

–>