@Irene, August 2023

**TLDR:**

*Today (Aug 2023) controlling the 33% of consensus power (ie, NetworkQAP) requires controlling a number of sectors whose cumulative pledge is at least*

*34.2 M-FIL**. If FILPrice = 4$, this means controlling ~$137M. In the future, especially if baseline becomes larger than NetworkQAP, this value becomes at least 10x smaller. See*

*[2023Q3] Cost of Consensus Security: Hardware*

*.*

- Quality Adjusted Power (QAP) Pricing
- Consensus Pledge
- Consensus Security
- Lower bound by considering min CP value in the last 1.5 years:
- Comments and Extras

## Quality Adjusted Power (QAP) Pricing

During the PoRep Protocol, when adding new sectors, an SP needs to lock down the `InitialPledge`

(IP). IP has two parts:* InitialPledge = StoragePledge + ConsensusPledge*.

By the original design, `StoragePledge`

(SP) aims to cover for possible future storage fault fees (see ), it depends only on ExpectedDailyBlockReward for the sector (SP ≈ 20*BR) and does not provide sufficient guarantees for consensus security. On the other hand, `ConsensusPledge`

(CP) was introduced to make consensus takeovers expensive attacks.

Since the goal of this doc is to review consensus security, for the rest of it we focus on ConsensusPledge. Moreover, currently SP is only 5% of IP and CP represents the large majority of IP. In other words, we consider “*CP per 1GiB of QAP power*” as the “price” of consensus power in Filecoin.

### Consensus Pledge

We have the following formula for CP for a sector: CP = 30% * SectorNormalizedCirculatingSupply https://github.com/filecoin-project/specs-actors/blob/master/actors/builtin/miner/monies.go#L167

That is:

$CP = 0.3 \cdot \frac{FILCirculatingSupply}{\max(baseline, NetworkQAP)}\cdot SectorQAP$Note that CP per QAP unity value changes over time since the fraction FILCirculatingSupply / max (baseline, NetworkQAP) is not constant. So CP depends on the time when a sector is added.

From March 2021 to now, $\max( baseline, NetworkQAP ) = NetworkQAP$

So in the rest of this doc we consider the formula __ without the baseline value__. That is

⚠️ __ Warning__: Ignoring baseline in the formula for CP is fine for studying the consensus security in the present or close future (eg, 6 months from now). See next section for this. However during next year (2024) baseline may become larger than NetworkQAP. Soon (ie, few months) after this happens, the analysis in this doc will no longer hold and we might have much lower consensus security. See the CE doc:

and this analysis about Consensus Security when IP = 0.

## Consensus Security

🎯 *We consider running the 33% attack today (ie, acquiring the 33% of current NetworkQAP) and we estimate how many tokens are needed to cover the ConsensusPledge (CP) for it. *

Let call the number of tokens needed to cover CP for the 33% of the power , “Target”. The formula for it is:

$Target = \sum_{i\in A}CP_i \\ \text{ with }A = \{ i | \sum_i Sector_iQAP = 0.33\cdot CurrentNetworkQAP\}$Basically, we sum ConsensusPledge values ($CP_i$) for a set of sectors (the set A) that gives the 33% of the current value of NetworkQAP.

Note that since the sector needs to be active today to be considered in the formula, we only look at CP values from now (July 2023) to back in past until January 2022 (current max sector duration is 1.5 years).

### Lower bound by considering min CP value in the last 1.5 years:

Using Starboard values for $FILCirculatingSupply$ and $NetworkQAP$ , we compute the daily value of “*CP per 1GiB of QAP power*” from January 2022 to July 2023.

We get that the minimum over that period is 0.0042 FIL (corresponding to ~0.13FIL per 32GiB of QAP, that is for a CC sector). Therefore

$Target = \sum_{i\in A} CP^{perQAP}_i\cdot Sector_iQAP\\ \geq 0.0042 \text{ FIL} \cdot \sum_{i\in A} Sector_iQAP\\ = 0.0042 \text{ FIL} \cdot 0.33 \cdot CurrentNetworkQAP$Since CurrentNetworkQAP ~23EiB, we get Target ≥ 0.0042 *0.33 * 23 * 1073741824 ~**34.2 M-FIL.**
If the FILPrice is 4$, the target lower bound above corresponds to ~**$137M**

## Comments and Extras

- From @Tom Mellan: what if the FIL is borrowed for 24h? “They borrow $200M, for 24hr, at say 1%/day, then pay the $200M back after the attack. So the cost of 24hr control is $2M? “

- Values for CP and SP from Cryptoecon: “So the smallest consensus pledge was right at the start. But if we exclude the first handful of days as atypical, and select the minimum value for consensus pledge that occurs around Oct 2021, the minimum value is 0.1371 per 32GiB of qap)