Oddbean new post about | logout
shadowysuperbadger | 18 days ago (raw) | root | parent | reply | flag 
 1. Makes sense
2. Yeah but that's life. Sha256 is not provably secure. But because there are no known attacks we trust it
provoost | 18 days ago (raw) | root | parent | reply | flag +2 
 There's a massive gap between the confidence you can have in sha256 and that of the mempool of Bitcoin, let alone that of Monero (which has fewer incentives to be attacked, e.g. no second layer protocol that relies on it).
ede3d957 | 18 days ago (raw) | root | parent | reply | flag +4 
 Monero has fewer incentives to attack it? Are you even serious? Hace you been sleeping under a rock for the last 5 years?
shadowysuperbadger | 18 days ago (raw) | root | parent | reply | flag +1 
 I'm smelling a strawman
plebymous | 18 days ago (raw) | root | parent | reply | flag +3 
 
On bitcoin you could literally steal money with a good mempool attack, by closing a lightning channel with a previous state in your favor and censoring your peer to broadcast the real final state. There's good money to be made.

On Monero the only financial incentive is your government sponsored wage to de-anonymize users. It's motivating if got the job, but it's not like there's a sea of APT actors continuously looking on how to steal the cake, like North Korean Lazarus Group did on a bunch of ethereum L2 bridges (which I admit are much lower hanging fruits, but I'm sure one day they'll take a look into bitcoin L2s).