Written by: Craig Wright
Compiled by: Luffy, Foresight News
There is a standard narrative about Bitcoin and the law: Bitcoin was designed to operate outside of governments, replacing institutional trust with mathematical trust. It is permissionless, anyone can participate, and there is no central authority in control. The system relies on the cost of attack itself for security. The law is optional, external, something Bitcoin was meant to circumvent.
This narrative is wrong, yet not entirely false; it contains some truth. But as a description of how Bitcoin actually operates in real-world, high-value transactions, it is a fairy tale. And it is this fairy tale that distorts the understanding of blockchain security among economists, regulators, and even the crypto industry itself.
The Economic Version
The most rigorous version of this narrative comes from economics, not cypherpunk forums. Its core argument is concise: in a permissionless system without the rule of law, the only thing preventing a double-spend attack is the cost of amassing enough hash power to surpass the honest chain. Security is a matter of cost: the network must continuously invest enough resources to make attacks unprofitable. If the value that can be stolen exceeds the attack cost, the system is insecure.
This is a valid conclusion; its math is correct under the given assumptions. But it leads to an uncomfortable corollary: securing large-value transactions on a proof-of-work blockchain requires massive, ongoing resource consumption proportional to the value at risk. If you want to settle a billion-dollar transaction, the network must consume enough electricity and hardware to make a billion-dollar attack unprofitable. This is costly, seemingly wasteful, and appears to be a fundamental economic limit.
But note this crucial premise: *in the absence of the rule of law*. The entire conclusion rests on an assumption: the attacker operates in a legal vacuum, anonymous, untraceable, and faces no consequences beyond the direct cost of the attack itself. This is not an insignificant simplification; it is the core assumption. And in the real world, for all economically significant Bitcoin transactions, this assumption does not hold true.
Who Mines Bitcoin
The story of anonymous miners in basements ended years ago. Bitcoin mining is an industrial-scale activity, organized through mining pools that coordinate block creation, capture block rewards, and distribute earnings to participants providing hash power according to contractual rules.
As of March 2026, the top five mining pools control over 70% of Bitcoin's hash rate. The top two pools, Foundry USA and AntPool, together hold nearly half the share. They are not secret, anonymous entities: Foundry USA is a subsidiary of Digital Currency Group; MARA Pool is operated by Nasdaq-listed MARA Holdings, whose latest annual report discloses ownership of 400,000 mining machines, 53 EH/s of hash rate, and Bitcoin reserves worth over $4 billion. These are named companies with addresses, stock tickers, auditors, banking relationships, and legal counsel.
The coordination layer of Bitcoin mining (the entities actually responsible for creating blocks and distributing rewards) is highly concentrated in a few jurisdictions. Pools associated with the US account for about 42% of the hash rate; those associated with China about 41%; Singapore, Japan, the Czech Republic, and Slovenia account for most of the remainder. Pools that cannot be identified via Coinbase tags, corporate filings, or public operators represent less than 2% of the hash rate.
This is not a picture of operating outside the law, but an oligopolistic industry: a few identifiable entities operating within reach of the law. When economists model Bitcoin attackers as anonymous, legally unreachable agents, they are describing not the real industry, but a fantasy the industry itself abandoned a decade ago.
What a Real Attack Looks Like
A double-spend attack on Bitcoin is not abstract. The process is: an attacker sends Bitcoin to a counterparty (e.g., to an exchange for dollars), while secretly mining an alternative chain that does not contain that transaction. If the attacker's secret chain becomes longer than the public chain, it replaces it, and the original transaction vanishes. The attacker gets the dollars and keeps the Bitcoin.
For such an attack to be significant, the attacker needs to control a majority of the hash rate for an extended period. In today's network, that means mastering over 400 EH/s. An individual cannot do this. The only feasible attack path is through the pool layer: either a single large pool deviates from honest mining, or multiple pools collude.
Now ask: what happens to that pool after the attack?
The attacker (a named public company or well-known pool brand) has just defrauded an exchange. The double-spend victim knows it was cheated; the blockchain record will show which pool built the attack chain (the Coinbase tag clearly identifies it). The defrauded exchange has legal counsel, insurance, and regulatory relationships, and the pool itself relies on these exchanges to convert mining revenue into fiat currency.
The attacker is not anonymous, the victim is not helpless, and the system connecting them is not outside the law.
The Law Enforcement Participation Constraint
The standard economic narrative is only half right. For small transactions—a $5 coffee, a $20 online purchase—no one will sue; legal costs exceed the loss. Hiring a lawyer costs more than the coffee. In this range, the law is indeed irrelevant, protocol security is everything, and the pure economic model applies.
But the irrelevance of law is inversely proportional to the transaction amount. A $5 million double-spend against an identifiable pool, involving asset freezes and exchange balance seizures, is a different matter entirely: this is wire fraud, computer fraud, a case prosecutors would take, insurers would pursue, and exchanges would cooperate with.
The real question is not whether laws against double-spending exist—they do. It's whether anyone is willing to invoke them. For small amounts, no; for large amounts, yes. There is a threshold, which can be called the law enforcement participation constraint: below this line, legal costs exceed the expected recovery; above it, legal action becomes worthwhile.
Recent enforcement actions in the crypto industry roughly indicate this threshold: Binance paid $4.3 billion to settle with the DOJ, FinCEN, and OFAC; BitMEX settled for $100 million.
These were compliance violations, not double-spend attacks. A deliberate double-spend would trigger not only civil liability but also criminal charges leading to prison time and asset forfeiture.
The conclusion is straightforward: the "no law" model applies to small transactions; it does not apply to large ones. The dividing line is not at the billion-dollar level but in the few million dollar range, depending on the jurisdiction, the victim institution's capabilities, and the attacker's identifiability. For pool-led attacks, identifiability is close to 100%.
Why Coordinated Attacks Fail
Even ignoring the law, pool attacks have structural weaknesses the standard model overlooks: pools rely on others' machines.
The pool operator coordinates block creation, but much of the actual hash power comes from external contributors: companies and individuals who connect their machines to the pool for a share of the rewards. These contributors can leave at any time; they join the pool to make money. If the pool's earnings decline, they move to a competitor.
A covert double-spend attack degrades earnings quality: the pool diverts hash power from honest mining to a secret chain, earning nothing if it fails. Contributors see lower, more volatile earnings and more invalid blocks. They don't need to know an attack is happening; they just see this pool performing worse than others and leave.
If the attack is detected or suspected, a further exodus occurs. Remaining contributors face risks associated with fraud: hardware could be flagged, exchange accounts scrutinized, hosting contracts affected. For companies with hundreds of millions in dedicated mining hardware, the rational choice upon a pool's public involvement in an attack is to leave immediately and distance themselves.
Another often-overlooked point: if the attack fails (the honest chain remains longer), the attacker loses all investment in building the secret chain. Honest miners need do nothing special; they just keep mining. The Nakamoto protocol's longest-chain rule automatically applies: if honest hash power exceeds attack hash power, the attack chain is orphaned. The protocol itself is a rejection mechanism. Honest miners aren't联盟ed; they aren't defending; they are just doing their normal work. The attacker, conversely, must act abnormally and sustain it, all while their coalition bleeds participants.
The result: an attacking pool's hash power is not fixed but continuously erodes during the attack. Simple simulations show: a pool starting with 31% of the network's hash power could lose the vast majority of its external contributed hash power within hours if the earnings distortion is observable, eventually being left with only its own hash power. For most pools, this is only a small fraction of their total stated power. An attack that seems nominally feasible becomes infeasible as contributors flee.
The Capital Problem
The standard model completely ignores a deeper issue: capital specificity.
Bitcoin mining hardware, ASICs, are not general-purpose equipment. A Bitcoin ASIC does one thing: compute SHA-256. It cannot mine Ethereum, cannot be a web server, cannot run machine learning. Once excluded from profitable Bitcoin mining, the hardware is worthless—just scrap metal with a power cord.
Large pool operators own billions of dollars in ASICs, hosting contracts, power agreements, and Bitcoin reserves. MARA Holdings alone discloses over $5 billion in combined ASIC miners and Bitcoin assets. Foundry USA aggregates the hash power of dozens of companies, each with significant capital exposure. A successful double-spend might yield tens of millions, but the capital risk from being identified, sanctioned, and excluded is measured in billions.
This is no longer a flow cost problem; it's a stock cost problem. The attacker risks not days of mining revenue, but the entire productive value of irreversible capital with no alternative use. This fundamentally changes the economics.
In the standard model, security requires ongoing investment proportional to the value at risk; in reality, for identifiable, capital-heavy pool operators, security is backed by the threat of permanent capital destruction.
Ironically, the original economic critique itself acknowledges that stock cost deterrence, if it existed, would be extremely powerful. It just argued proof-of-work lacks this deterrence because attack hash power can be rented, deployed, and discarded. This was roughly true in 2012, but it is absolutely not true in 2026. Mining is a heavy-capital industry with fixed infrastructure, long-term power contracts, and hardware that cannot be repurposed. Stock costs are real; the economic models just haven't caught up.
Two Mechanisms, One System
What we get is not a refutation of the economic model, but a localization of its application. Bitcoin does not have one security mechanism, but two operating simultaneously:
- For small transactions: Pure protocol security is effective. Individual transactions are too small to warrant legal action. The system relies on the cost of assembling attack hash power for security. This mechanism works, fits the standard model description, and supports high throughput. Millions of small payments can run entirely on the protocol layer, with very low per-transaction security cost.
- For large transactions: Legal + organizational mechanisms take over. The attacker's payoff is no longer determined solely by protocol costs but is significantly reduced by legal sanctions, exchange freezes, liquidation friction, reputational ruin, capital impairment, and the self-destruction of the attack coalition as contributors flee. Under this mechanism, the pure flow cost model overestimates the attack payoff because it ignores all the consequences the identifiable attacker faces after the on-chain action concludes.
The two mechanisms are not in conflict but complementary: the protocol layer handles volume; the legal layer handles value. Combined, they create a security environment far more robust than any single mechanism could be.
The Real Revelation
The deeper conclusion is not about Bitcoin specifically, but about how we view technology and institutions.
The cypherpunk narrative frames law and protocol as substitutes—choose one, and Bitcoin's point is to choose protocol. The economic critique accepted this framework and then questioned whether the protocol alone could suffice. Both are trapped in the same false dichotomy.
In reality, protocol and law are complements:
- The protocol provides the base layer: transaction ordering, immutability, censorship resistance, using cost to deter casual attacks.
- The law provides the upper layer: identity, accountability, sanctions, recovery, using severe penalties to deter heavyweight attackers.
Neither layer alone is sufficient; together they cover the full spectrum.
This should not be surprising. No valuable economic system in history operates entirely outside a legal framework. Banking, securities, insurance, telecommunications, even the internet itself—once proclaimed to be beyond government—do not. The question was never *if* law would come to Bitcoin, but when and through which channels. The answer is: law is already deeply embedded, through the industrial structure of mining itself.
Miners did not need to be forced into compliance by regulation. They moved towards a legally identifiable state driven by the basic economic logic of pooling, specialization, and scale. The very forces that made mining efficient (pooling for risk-sharing, ASIC capital investment, exchange relationships for liquidation) are the same forces that made mining legally identifiable.
Bitcoin's security does not depend on operating outside the law, but on being embedded within it. The protocol handles small matters; the law handles large ones. The industrial structure of mining is the bridge connecting the two. This structure was not imposed by regulators; it evolved naturally from the economics of mining itself. This is the most fundamental misjudgment in the standard economic critique of Bitcoin security.
