Written by: Craig Wright
Translated by: Luffy, Foresight News
Regarding Bitcoin and the law, there is a popular narrative: Bitcoin is designed to operate outside of government, replacing institutional trust with mathematical trust. It is permissionless, anyone can participate, and there is no central authority in control. The system relies on the cost of attack itself to achieve security. The law is optional, external, and is something Bitcoin tries to circumvent.
This narrative is incorrect, yet not completely wrong; it indeed contains some truths. But as a description of how Bitcoin operates in actual monetary transactions, it is a fairy tale. And it is this fairy tale that distorts the understanding of economists, regulators, and even the crypto industry itself regarding blockchain security.
Economic Version
The most rigorous version of this narrative comes from economics, not from cypherpunk forums. Its core point is succinct: in a permissionless system without the rule of law, the only thing that can prevent double-spending attacks is assembling enough computational power to exceed the cost of the honest chain. Security is a cost issue: the network must continually invest enough resources to make attacks unprofitable. If the value that can be stolen exceeds the cost of the attack, the system is insecure.
This is a true conclusion, and under established assumptions, its mathematical calculations are correct. But it leads to a disturbing inference: ensuring the security of large transactions on a proof-of-work blockchain requires a massive and ongoing resource consumption proportional to risk value. If you want to conduct a billion-dollar transaction, the network must consume enough electricity and hardware to ensure that a billion-dollar level attack is unprofitable. This is costly, seems wasteful, and acts like a fundamental economic limit.
But pay attention to this key premise: in the absence of the rule of law. The entire conclusion is based on an assumption: attackers operate in a legal vacuum, are anonymous, untraceable, and bear no consequences beyond the direct costs of the attack itself. This is not an inconsequential simplification, but a core assumption. And in the real world, for all economically significant Bitcoin transactions, this assumption does not align with reality.
Who Mines Bitcoin
The story of anonymous miners in basements ended years ago. Bitcoin mining has become an industrial activity, organized through mining pools, which are responsible for coordinating block production, obtaining block rewards, and distributing profits to participants providing computational power according to contract rules.
As of March 2026, the five largest mining pools control over 70% of Bitcoin's computational power. The two largest pools, Foundry USA and AntPool, together occupy nearly half the market share. They are not secretive anonymous entities: Foundry USA is a subsidiary of Digital Currency Group; MARA Pool is operated by Nasdaq-listed MARA Holdings, which disclosed in its latest annual report that it has 400,000 mining machines, 53 EH/s of computational power, and a Bitcoin reserve worth over 4 billion dollars. These are legitimate companies with names, addresses, stock codes, auditors, banking relations, and legal advisors.
The coordination layer of Bitcoin mining (the entities responsible for block production and reward distribution) is highly concentrated in a few legal jurisdictions. Mining pools associated with the United States account for about 42% of the computational power, pools associated with China for about 41%, and most of the remainder is held by Singapore, Japan, the Czech Republic, and Slovenia. Pools that cannot be identified through coinbase transaction labels, company filings, or publicly known operators account for less than 2% of computational power.
This is not a picture that transcends the law, but rather an oligopolistic industry: a few identifiable entities operate within legally accessible jurisdictions. When economists model Bitcoin attackers as anonymous, legally unreachable entities, they are not describing the real industry, but a hypothesis that the industry abandoned a decade ago.
What Does a Real Attack Look Like
Double-spending attacks on Bitcoin are not an abstract concept. The process is as follows: the attacker sends Bitcoin to a counterparty (for example, transferring it to an exchange to obtain dollars) while secretly mining an alternative chain that does not include that transaction. If the attacker's secret chain becomes longer than the public chain, it replaces the public chain and the original transaction disappears. The attacker then keeps the dollars as well as the Bitcoin.
To carry out this attack at a significant scale, the attacker must control the majority of computational power for an extended period. On today's network, this means controlling over 400 EH/s. No individual can achieve this; the only feasible attack path runs through the mining pool layer: either a single large mining pool deviates from honest mining, or several pools collude.
Now, let me ask: after the attack occurs, what will that mining pool face?
The attacker (a well-known publicly listed company or a well-known mining pool brand) has just defrauded an exchange. The double-spending victim knows it has been cheated, and the blockchain record shows which mining pool constructed the attack chain (coinbase labels identify it clearly). The defrauded exchange has legal advisors, insurance, and regulatory relationships, and the mining pool itself relies on such exchanges to convert mining income into fiat currency.
The attacker is not anonymous, the victim is not helpless, and the system connecting the two is not extralegal.
Enforcement Participation Constraints
The standard economic narrative is only half right. For small transactions, like a $5 coffee or a $20 online purchase, no one would sue; the legal costs exceed the losses. Hiring a lawyer costs more than the coffee. Within this range, the law is indeed irrelevant, protocol-layer security is everything, and the pure economic model applies.
But the irrelevance of law is inversely proportional to the transaction amount. A $5 million double-spend aimed at identifiable mining pools, accompanied by asset freezes and exchange balance seizures, is a whole different matter: this is wire fraud, computer fraud, and is a case that prosecutors will take over, and insurance companies will pursue, and exchanges will cooperate.
The real question is not whether there is a law governing double-spending (there certainly is), but whether anyone is willing to invoke it. Small amounts will not; large amounts will. There exists a threshold, which can be called the enforcement participation constraint: below this line, the legal costs exceed the expected recovery; above it, legal action becomes worthwhile.
Recent law enforcement actions in the crypto industry roughly indicate this threshold: Binance paid $4.3 billion to settle with the Department of Justice, FinCEN, and OFAC; BitMEX settled for $100 million.
These are compliance violations, not double-spending attacks. Intentional double-spending would not only lead to civil liability but would also incur criminal charges with imprisonment and asset forfeiture.
The conclusion is straightforward: the "no law" model applies to small transactions, not to large ones. The dividing line is not at the billion-dollar level but in the millions, depending on jurisdiction, the victim organization's capability, and how identifiable the attacker is. In the case of pool-dominated attacks, identifiability is nearly 100%.
Why Combined Attacks May Fail
Even without considering the law, mining pool attacks have structural weaknesses overlooked by the standard model: mining pools rely on machines owned by others.
Mining pool operators are responsible for coordinating block production, but a large portion of actual computational power comes from external contributors: companies and individuals who plug their machines into the pool for reward sharing. These contributors can leave at any time; they join the pool to make money. If mining pool earnings decrease, they will turn to competitors.
A covert double-spending attack degrades the quality of earnings: the pool shifts its computational power from honest mining to the secret chain, and if the attack fails, that work yields nothing. Contributors see lower earnings, greater volatility, and more invalid blocks. They do not need to know that an attack is happening; they only need to notice that this pool is performing worse than others, and they will leave.
Once an attack is detected or suspected, a new wave of departures will occur. Remaining contributors will face risks associated with fraud; hardware may be flagged, exchange accounts may be scrutinized, and custody contracts may be affected. For companies with hundreds of millions of dollars in dedicated mining machines, the rational choice after a pool gets publicly implicated in an attack is to exit and dissociate.
One more often overlooked point: if the attack fails (the honest chain remains longer), the attacker loses the entire investment made in constructing the secret chain. Honest miners do not need to do anything special; they simply continue mining. The longest chain rule of the Satoshi protocol takes effect automatically: honest computational power exceeds attack power, the attack chain is orphaned, and the protocol itself acts as the rejection mechanism. Honest miners form no alliances and mount no defense; they just carry on as normal. The attackers, by contrast, must perform abnormal actions and sustain them while their alliance continues to bleed.
The result is: the computational power of the attack mining pool is not fixed but will steadily decline during the attack process. Simple simulations show that a mining pool initially holding 31% of the network's computational power could lose most of its external contributor power within hours of observable earnings distortion, ultimately leaving only the pool's own computational power. For most pools, this represents a very small portion of total computational power. What may seem feasible in theory becomes unfeasible as contributors flee.
Capital Issues
The standard model completely overlooks a deeper issue: the specificity of capital.
Bitcoin mining hardware (ASICs) is not general-purpose. Bitcoin ASICs do only one thing: compute SHA-256. They cannot mine Ethereum, cannot act as web servers, and cannot run machine learning. Once excluded from profitable mining, the hardware is worthless, scrap metal with power cables.
Large mining pool operators possess billions of dollars in ASICs, custody contracts, electricity agreements, and Bitcoin reserves. MARA Holdings alone disclosed that its ASIC mining machines and Bitcoin assets total over $5 billion. Foundry USA aggregates the computational power of dozens of companies, each with significant capital exposure. A successful double-spend could yield tens of millions of dollars, but the capital risks faced from being identified, sanctioned, or excluded amount to billions.
This is no longer a problem of flow costs but of stock costs. The risk the attacker faces is not a few days of mining income, but the entire value of productive capital that has no alternative use. This fundamentally changes the economics.
In the standard model, security requires ongoing investments proportionate to risk value; in reality, identifiable, capital-intensive mining pool operators are underpinned by the threat of permanent capital destruction.
Ironically, the original economic criticism itself acknowledges: if there exists a deterrent based on stock costs, it would be extremely powerful. It merely states that proof-of-work lacks this deterrent because attack computational power can be rented, deployed, and discarded. This may have been true in 2012, but it is certainly not the case in 2026. Mining has become a capital-intensive industry, with fixed infrastructure, long-term electricity contracts, and hardware that cannot be repurposed. Stock costs genuinely exist; the economic models simply have not caught up.
Two Mechanisms, One System
What we have is not a negation of the economic model but a localization of its application. Bitcoin does not operate with a single security mechanism but rather two mechanisms running simultaneously:
- For small transactions: pure protocol security is in effect. Single transactions are too small to be worth initiating legal action, and the system relies on the cost of assembling attack computational power to ensure security. This mechanism is effective, aligns with standard model descriptions, and supports high throughput. Millions of small payments can run entirely at the protocol layer with low cost per transaction.
- For large transactions: the law plus organizational mechanisms take over. The attacker's profit is no longer determined solely by protocol costs; it is also heavily offset by legal sanctions, exchange freezes, liquidity friction, reputational damage, capital devaluation, and the disintegration of the attack alliance as contributors withdraw. Under this mechanism, the pure flow cost model overestimates attack rewards because it ignores every consequence an identifiable attacker faces once the on-chain action is over.
The two mechanisms do not conflict; rather, they complement each other: the protocol layer processes flow, while the legal layer handles value. The combination of the two creates a much more robust security environment than any singular mechanism.
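As an added example (not the author's "simple simulation" and not code from the article), the following Python models the two points made above: the contributor flight described under "Why Combined Attacks May Fail", and the two-mechanism payoff just described. The catch-up probability is the one from section 11 of the Bitcoin whitepaper; the split of the 31% pool into 5% own and 26% external hash rate, the two-hour departure half-life, the fixed network hash rate, and every dollar figure are constructed assumptions, not numbers from the article.

```python
import math

BLOCKS_PER_HOUR = 6  # Bitcoin's target block interval is ten minutes


def catch_up_probability(q: float, z: int) -> float:
    """Probability that an attacker with hash-rate fraction q overtakes an
    honest chain that is z blocks ahead (Bitcoin whitepaper, section 11)."""
    if q >= 0.5:
        return 1.0
    p = 1.0 - q
    lam = z * q / p
    total = 0.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        total += poisson * (1.0 - (q / p) ** (z - k))
    return max(0.0, 1.0 - total)


def pool_share_over_time(own_share, external_share, half_life_hours, hours):
    """Attacking pool's share of network hash rate, hour by hour.
    Assumption (constructed): external contributors leave exponentially with
    the given half-life and move to honest competitors, so the network's
    total hash rate is unchanged and the attacker's share simply shrinks."""
    rate = math.log(2) / half_life_hours
    return [own_share + external_share * math.exp(-rate * t)
            for t in range(hours + 1)]


def simulate_secret_chain_race(own_share, external_share, half_life_hours, hours):
    """Expected race between the secret chain and the honest chain.
    Returns (hour, attacker share, honest lead in blocks, catch-up probability)
    for each hour, using the expected block counts rather than random draws."""
    shares = pool_share_over_time(own_share, external_share, half_life_hours, hours)
    deficit = 0.0  # expected number of blocks the honest chain is ahead
    trace = []
    for t, q in enumerate(shares):
        if t > 0:
            # Honest miners add (1 - q) of the blocks, the attacker q of them.
            deficit += BLOCKS_PER_HOUR * ((1.0 - q) - q)
        z = max(0, round(deficit))
        trace.append((t, q, z, catch_up_probability(q, z)))
    return trace


def expected_attack_payoff(value_stolen, p_success, hours, hash_cost_per_hour,
                           enforcement_threshold, p_identified,
                           legal_penalty, capital_at_risk):
    """Two mechanisms in one payoff. Below the enforcement participation
    constraint only the flow cost (hours of hash rate) is deducted; above it,
    the attacker also bears identification-driven stock costs: sanctions plus
    the value of ASICs and reserves that cannot be repurposed."""
    flow_cost = hours * hash_cost_per_hour
    payoff = p_success * value_stolen - flow_cost
    if value_stolen >= enforcement_threshold:
        payoff -= p_identified * (legal_penalty + capital_at_risk)
    return payoff


if __name__ == "__main__":
    # Constructed scenario: 31% pool = 5% own hash rate + 26% external,
    # contributors halve every two hours once earnings look wrong.
    for hour, q, z, prob in simulate_secret_chain_race(0.05, 0.26, 2.0, 6):
        print(f"hour {hour}: share {q:.3f}, honest lead {z:2d} blocks, "
              f"catch-up probability {prob:.6f}")
    # Same attack, $1M target (below a constructed $5M enforcement line)
    # versus $50M target (above it); dollar figures are placeholders.
    small = expected_attack_payoff(1_000_000, 0.5, 6, 100_000,
                                   5_000_000, 0.99, 50_000_000, 5_000_000_000)
    large = expected_attack_payoff(50_000_000, 0.5, 6, 100_000,
                                   5_000_000, 0.99, 50_000_000, 5_000_000_000)
    print(f"expected payoff, $1M target: {small:,.0f}")
    print(f"expected payoff, $50M target: {large:,.0f}")
```

The trace shows the pool's share falling from 31% toward its own 5% within hours while the honest lead grows, so the catch-up probability collapses even before any legal consequence is counted. The payoff function then shows the second mechanism: the $50M attack is profitable under a flow-cost-only model (set the enforcement threshold above the stolen value to see this) and deeply negative once identification and stock costs apply.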
The Real Revelation
The deeper conclusion is not about Bitcoin itself but about how we perceive technology and institutions.
The cypherpunk narrative views law and protocol as substitutes, either/or, while the significance of Bitcoin lies in opting for protocol. The economic criticisms accept this framework and then question whether the protocol can stand alone. Both sides are trapped in the same erroneous binary opposition.
In reality, protocol and law are complements:
- The protocol provides the foundation: transaction ordering, immutability, censorship resistance, using costs to prevent arbitrary attacks.
- The law provides the upper layer: identity, accountability, sanctions, recovery, using heavy penalties to prevent heavyweight attackers.
Neither layer is sufficient on its own; together they cover all scenarios.
This is not surprising. Historically, no valuable economic system has operated completely independently of a legal framework. Banks, securities, insurance, telecommunications, and even the internet, once claimed to be beyond government reach, are not. The question has never been whether the law would enter Bitcoin, but when and through which channels. The answer is that the law has long been embedded in the very structure of the mining industry itself.
Miners do not need to be coerced into legal compliance by regulators. They voluntarily move towards a legally identifiable status due to the simple economic logic of mining pools, specialization, and scaling. The forces that make mining efficient (shared pool risk, capital investment in ASICs, connections for fiat conversion with exchanges) are also the forces that make mining recognizable by law.
The security of Bitcoin relies not on transcending the law, but on being embedded within it. The protocol handles small matters, while the law handles big ones. The structure of mining is the bridge that connects the two. This structure was not imposed by regulation; it evolved naturally from the economics of mining itself. This is the most fundamental misjudgment in the standard economic criticism of Bitcoin's security.