\The control of network hashrate is just the tip of the iceberg when we talk about decentralization.The recent 51% attack on Monero not only reminds us that decentralization must be permanently monitored, but also that there are precedents still pointing to the threat even among the leading crypto assets.On August 11, 2025, the Qubic pool (led by Sergey Ivancheglo, co-founder of IOTA and creator of NXT) announced that it had surpassed 51% of Monero’s hashrate, triggering a six-block reorganization that discarded 60 previously valid blocks. This experiment, described by its promoters as a “stress test,” immediately generated media shockwaves that even drove the token’s price down while the broader crypto market was rising. Although several Monero developers argued at the time that a six-block reorganization alone did not prove a successful 51% attack, experts such as SlowMist’s co-founder warned that if the majority was confirmed, Qubic could rewrite the chain, enable double spending, and censor transactions.\Ledger’s CTO, Charles Guillemet, agreed: “Monero appears to be in the middle of a successful 51% attack… Qubic can rewrite the blockchain, enable double spending, and censor any transaction” (Source). Meanwhile, developer Peter Todd pointed out that measuring hashrate control in real time is difficult, since Proof of Work (PoW) is probabilistic. (Source)But what began as an alleged experiment—surrounded mainly by doubts regarding the accuracy of the claimed hashrate percentage—ended up proving its impact just a few days later, when Qubic managed to mine 80% of Monero’s blocks in just two hours, with 52% of the global hashrate.https://x.com/Cointelegraph/status/1956355360073146859?embedable=trueHow did they achieve it? The strategy was twofold: combining mining with training their AI to increase profitability, and reforming their reward system by shifting from burning all revenues to burning only half and distributing the other half directly to their validators. ==This mix of higher returns and immediate payouts proved too tempting for miners from other pools==, weakening the competition and consolidating their position in the offensive for network control. \The result was clear: Qubic reorganized six blocks and orphaned sixty, mined around 750 XMR and 7 million XTM, and—together with leftover Tari from the last epoch—accumulated 17.2 billion QUBIC that were burned (about USD 55,000). \Meanwhile, Computors and miners received 62.2 billion QUBIC in rewards, valued at roughly USD 200,000. In total, Qubic’s network reached a peak of 2.71 GH/s and found 5,506 blocks, making it nearly four times more profitable than direct Monero mining, with the 51% experiment active.This specific strategy reinforces the relevance of game theory in blockchain projects. The true test of equilibrium lies in the alignment of objectives: multiple actors, each with different intentions and goals, coordinating to achieve a final outcome that does not always coincide with the common good. \Sometimes, that outcome benefits only those who gain effective control of the network, highlighting the idea that many blockchains function more like dynamic social organizations than neutral protocols.\Beyond majority hashpower control, recent history shows that external factors—such as censorship enforced by regulators (OFAC), extreme concentration in mining pools, and even the growing influence of institutional actors—can put the desired immutability into question. Here, the key takeaway is that alignment of objectives ultimately determines whether a system is centralized or decentralized: if participants’ incentives prioritize efficiency, control, or regulatory compliance over the equitable distribution of power, the system inevitably tends toward effective centralization, regardless of its theoretical design. \This is why blockchain project code is continuously subjected to reviews from multiple perspectives, explaining the frequency of updates. ==Bitcoin, Ethereum, and other networks are not immune to failures or risks: history and the numbers speak for themselves.==The Case of GHash.io in BitcoinOn January 8, 2014, when Bitcoin had just turned five years old, users on r/Bitcoin and other forums began urging miners to leave GHash.io. This community pressure, which intensified around January 9, led CEX.io/GHash to announce measures such as stopping the acceptance of new mining equipment and prompted coverage by technical media.\Almost simultaneously, developers and prominent ecosystem actors reacted publicly, and outlets like Wired and CoinDesk amplified the alert, helping the response spread quickly.\Despite the warnings, ==GHash.io briefly surpassed 51% of Bitcoin’s hashrate between June and July 2014==. The episode, which according to various measurements lasted only a few hours, generated alarm in the community and mass calls for miners to leave the pool. \In response, GHash/CEX.IO issued statements promising not to use that power to attack the network and voluntarily committed to limiting its share, proposing a 40% cap. The decision and media coverage are documented in contemporary articles (e.g., CoinDesk, The Guardian).\In its statement, CEX.IO reaffirmed its commitment to the Bitcoin ecosystem: “Our investment, participation, and highly motivated staff confirm that our intention is to help protect and expand Bitcoin adoption and, categorically, under no circumstances to harm or damage it. We have never participated—and will never participate—in any 51% attack or double-spend against Bitcoin.” Source: CoinDesk\However, the company also noted that it opposed temporary solutions to reduce the threat of a 51% attack, warning that such measures did not eliminate the underlying problem but merely postponed it for a few weeks or months, until another pool—or even GHash.io again—reached a similar percentage.\Previously, in 2013, it was detected that the GHash.io pool had been involved in attempts at double-spending unconfirmed (0-conf) transactions against BetCoin Dice, a gambling site that did not require transaction confirmations. Bets were submitted with low or zero-fee transactions and were confirmed or replaced depending on the outcome of the bet, allowing whoever controlled confirmation to keep the winnings. \Although GHash claimed to have identified and dismissed a responsible employee, it did not provide conclusive public evidence; the episode left a permanent shadow over the pool, which later manifested in its increased share of the network’s hashrate the following year.\The attack mechanism was simple: by holding considerable mining power, GHash.io could find the next block and prioritize the second transaction (the one returning money to the attacker), including it in the block that solved the network and invalidating the original transaction sent to the casino. In this way, losing bets could be reversed, while winning bets remained intact.\Although it could not be conclusively proven that GHash.io management directly orchestrated the attacks, circumstantial evidence and blockchain analysis showed that the pool had mined blocks containing these “double-spend” transactions, raising serious suspicions about its possible complicity or, at least, the lack of internal controls to prevent this type of activity.\It is important to note that the introduction of RBF (Replace-by-Fee) came later. The formal proposal, known as BIP 125 (Opt-in RBF), was implemented in Bitcoin Core version 0.12.0, released in early 2016. This functionality allows a transaction sender to mark it as replaceable, explicitly enabling the creation of a new version with a higher fee before it is confirmed. This provides a transparent mechanism to accelerate stuck transactions, unlike the opaque and controversial method used in the 2013 attacks.\While double-spending was not a confirmed block-level problem (since transactions were never fully validated), it was common for certain partial verifications to be considered sufficient to deem them “good.” And when we consider that, the following year, this same pool would reach 51% of Bitcoin’s hashrate, the question inevitably arises: ==what would make us trust that it could not repeat something similar, this time with enough power for it to be recorded and affect the entire network?==\This historical precedent from 2013 makes the 2014 episode even more concerning, generating the mentioned alarm in the community and putting trust in the public promises of the actors to the test.Regulatory Pressure: Censorship in EthereumWhen the OFAC (Office of Foreign Assets Control, U.S.) sanctioned Tornado Cash in August 2022—a privacy-focused on-chain mixer for Ethereum accused of facilitating money laundering—a precedent was set: the law not only targeted a service, but also created a legal incentive for intermediaries such as relays, builders, and validators to exclude certain transactions from blocks. This occurred just as Ethereum adopted a new block-building architecture that routed transaction flow through centralized markets and relays, increasing dependence on a few actors. (Source)\This legal shift coincided with a technical modification in Ethereum, specifically the adoption of Proposer-Builder Separation (PBS), a scheme that separates the builder—responsible for assembling and ordering transactions—from the proposer or validator who signs and publishes the block, along with MEV-Boost, which allows validators to “outsource” block construction to a builder marketplace. \In practice, this increased dependence on a few actors (relays and builders) who concentrated transaction flow and could filter transactions before the block reached the validator.\ Maximum Extractable Value (MEV) is the process of extracting value from a blockchain network by adding, removing, or reordering the transactions included in a block. MEV profits are often obtained at the expense of the average user. Flashbots, an MEV research organization, created MEV-Boost to mitigate block producers’ ability to harm users. Source: What is MEV Boost?\What happened? Just one month after the Merge—the September 2022 upgrade that replaced Ethereum’s consensus mechanism from Proof of Work to Proof of Stake—it was reported that 51% of blocks were still following OFAC-compliant criteria, and later measurements showed even higher peaks of censorship. Some metrics even indicated that over 70% of blocks passed through builders’ filtering sanctioned addresses. \Academic and journalistic investigations have quantified this situation: 46% in one academic study for a specific period; daily peaks of 60–79% in other sources. Most importantly, the evidence shows that de facto censorship reached significant levels at various times. (Source)This mediation of transaction inclusion is not just a technical problem: it shapes incentives. Maximum Extractable Value (MEV) rewards those who best organize transactions within a block, and the builder/relay market captures a large portion of that value. Flashbots and MEV-Boost were created as attempts to “order” that market and reduce negative externalities, but they also institutionalized the existence of intermediaries with real power over inclusion.\However, this is not an Ethereum-exclusive phenomenon. In Bitcoin, there have been episodes where pools filtered transactions associated with OFAC lists (the case of F2Pool in 2023 was a notable example, followed by a public “retraction” after community reaction). This confirms that regulatory pressure can reach the operational level of those building and propagating blocks, ==regardless of whether the blockchain uses Proof of Work or Proof of Stake as its consensus mechanism==. (Source)\This difference in consensus mechanisms becomes less relevant when analyzing power concentration: in PoS, economic concentration in staking creates similar vectors of influence. Lido, the main liquid staking service, came to control a significant portion of staked ETH (around 30% at various points in 2023/2024), raising concerns that a single staking provider could exert disproportionate influence over the network. In 2025, its share decreased due to market competition and diversification: by mid-August 2025, Lido held around 24.4% of Ethereum staking (down from highs near 32% at the end of 2023), a decline that partially eased fears but does not eliminate the need for vigilance. (Source)\The same dynamic applies today in Bitcoin, though under a different structure: mining pools now concentrate a significant portion of hash power. ==Foundry USA exceeds 26%, and AntPool around 18%; together, they control over 45% of global hashrate, while the top three pools (Foundry, AntPool, and ViaBTC) accumulate more than 55%==. \In other words, even the longest-standing and most robust blockchain depends, in practice, on these few actors not coordinating against the network’s interests.\ConclusionImmutability is like Schrödinger’s cat: only by observing it do we know its state. The Monero case illustrates how designing incentives that provide greater benefits to certain actors can favor an effective concentration of power. We cannot reduce blockchain vulnerabilities to a single vector—whether a 51% attack, Sybil attack, or another—because threats also arise from external and human factors. \From regulatory pressure (such as OFAC’s actions) to extreme concentration in pools or the influence of institutional actors, any third party capable of filtering or controlling transaction inclusion can, de facto, weaken a network’s operational immutability—not because the code stops validating, but because those validators (miners, nodes, relays, or even authorities) prevent valid transactions from being included.\The multiplicity of factors leads us to consider incentives that properly align participants’ interests. To preserve network resilience, we need to combine technical auditing, effective diversity of participation, governance mechanisms, and operational transparency. Only then can we reduce the likelihood that concentrated profits or external pressures turn a blockchain, in practice, into a mutable system.