Monero coin suffers a 51% Computing Power attack: Who is the mysterious attacker Qubic?

Author | Aki Wu said Blockchain

This article does not constitute any investment advice. Readers are advised to strictly comply with the laws and regulations of their location and not to engage in illegal financial activities.

In mid-August, the Monero (XMR) network faced a 51% hash power attack led by Sergey Ivancheglo, the former co-founder of IOTA, on the Qubic project. Qubic controlled over 50% of Monero’s total hash power, meaning it had the ability to reorganize blocks, censor transactions, and potentially implement double spending. This incident triggered widespread attention and discussion in the crypto industry, particularly regarding whether the network security of Monero, as a privacy coin, would be threatened. In response, the cryptocurrency exchange Kraken announced that it had suspended Monero deposits as a security precaution, with plans to resume deposit functionality after confirming network security. This week, according to Cointelegraph, the Qubic community voted to decide that their next attack target would be Dogecoin (DOGE), which has a market capitalization of over $35 billion.

1. Qubic project and Monero: useful proof of work and RandomX

Monero, as a leading privacy cryptocurrency, has always been known for its unique technical characteristics. In terms of consensus mechanism, Monero has adopted the RandomX proof-of-work algorithm since the end of 2019. RandomX, which has undergone multiple community upgrades, is a PoW algorithm specifically designed to optimize for CPUs, aimed at maximizing resistance to ASIC mining monopoly, thereby encouraging ordinary processors to participate in mining and maintaining the decentralization of the network. Besides the consensus mechanism, privacy is another cornerstone of Monero. Since its launch in 2014, Monero has achieved comprehensive concealment of transaction senders, receivers, and amounts through technologies such as ring signatures, stealth addresses, and RingCT. Each transaction obscures the real inputs, making it nearly impossible for blockchain analysis to trace the flow of funds. This makes Monero one of the most influential projects among so-called “anonymous coins.”

The Qubic project, as a core participant in this event, was founded and led by former IOTA co-founder Sergey Ivancheglo (@Come-from-Beyond). Qubic itself is a Layer-1 Blockchain, originally intended to build a decentralized artificial intelligence model hosting platform. Its consensus design emphasizes the concept of “Useful Proof-of-Work” (uPoW), which, unlike traditional PoW that solely performs hash calculations, aims to utilize mining computational power for tasks of actual value, such as AI model training, thereby avoiding wasteful electricity consumption on simple hash collisions. The Qubic chain employs an innovative Quorum consensus mechanism, claiming to operate in node memory with a transaction processing capacity of up to 15 million transactions per second.

Qubic proposes a radical “Mining as Token Value” scheme: its miners do not directly mine block rewards on the Qubic chain, but are guided to mine on external PoW networks like Monero, and then convert the rewards into utility tokens for the Qubic ecosystem. The specific operation mechanism is as follows: Qubic miners use CPU computing power to join the Monero network for mining and obtain XMR block rewards; then, through smart contracts or platform services, they automatically convert the XMR earnings into equivalent stablecoins USDT, and use these funds to repurchase Qubic tokens (QUBIC) on the market and burn them. This process essentially transforms external mining profits into continuous repurchase pressure for QUBIC tokens, creating token deflation and enhancing the scarcity of QUBIC. Meanwhile, the Qubic community has optimized the incentive mechanism through governance voting — initially, 100% of the mining profits were used for repurchase and burning, but it was later decided to change to 50% of the profits for repurchase and burning, while the other 50% is directly distributed as additional bonuses to Qubic validators/miners to enhance their immediate earnings. This adjustment further increased the yield for miners mining through Qubic, greatly enhancing the appeal to Monero miners.

Through the above “Useful Proof of Work + Token Burn” model, Qubic has created a unique mining economic closed loop: the Monero network becomes the computing power output location for Qubic mining pool’s “Useful Work”, with XMR rewards continuously converting into buying pressure and burn power for QUBIC; conversely, the rising value of QUBIC tokens allows miners participating in this mechanism to obtain returns far exceeding direct mining of XMR. According to statistics, at its peak, the profit margin for mining Monero through Qubic channels reached nearly 3 times that of standalone mining. This high yield has lured a large number of Monero miners to “switch sides” and join the Qubic mining pool.

2. Detailed Explanation of the Attack Process: Hashrate Manipulation, Block Reorganization, and Transaction Impact

The 51% hash power attack on the Monero network by Qubic was not achieved overnight, but rather after months of buildup and multi-stage games. According to Coindesk, the Qubic mining pool was still an almost unknown small mining pool in May 2023, with a hash rate share of less than 2%. However, starting in late June, as Qubic launched the Monero mining incentive program (i.e., the aforementioned uPoW mechanism), its hash rate share began to soar.

By the end of July, the Qubic mining pool had once risen to over 25% of the total network hashrate, even ranking first in the Monero network hashrate leaderboard for several days. This unusual growth raised alarms in the Monero community. From late July onwards, discussions questioning Qubic’s intentions continuously emerged on community forums and social media, with the first phase of open and covert conflicts taking place between the end of July and the beginning of August. At that time, the Monero community characterized Qubic’s actions as an “economic attack” and called on miners and enthusiasts to take countermeasures. It was reported that by the end of July, the hashrate of the Qubic mining pool suddenly dropped significantly from first place to seventh place in the network, due to various counteractions initiated by the community: including miners actively switching to other pools / switching to the decentralized P2Pool, and a DDoS attack launched against Qubic’s infrastructure. During this DDoS offense and defense that lasted about 6 hours, the hashrate of the Qubic mining pool plummeted from about 2.6 GH/s to only 0.8 GH/s.

The second phase reached its climax on August 11. Qubic later announced that they launched their final “selfish mining” strategy on this day, achieving 51% control of the Monero network’s hash power. Selfish mining refers to the practice where a mining pool, having a power advantage, temporarily conceals the mined blocks, allowing competing miners to continue mining on the old chain. When Qubic accumulated a certain number of hidden blocks, they suddenly released their own long chain, causing many existing blocks to become collectively isolated as orphaned blocks. According to Qubic’s official revelation, they secretly mined multiple times around August 11 and successfully initiated a deep block reorganization. At one point, there was a reorganization of 6 blocks deep on the Monero chain, resulting in approximately 60 blocks being abandoned as orphaned blocks. This unprecedented depth of reorganization in Monero’s history indicates that attackers can overturn several recent block records based on their hash power advantage. From community monitoring data, during a window period (from block height 3475729 to 3475850, totaling 122 blocks), the Qubic mining pool exclusively mined 63 of those blocks, exceeding 51% of the total, which means Qubic could alter the on-chain history, initiate double-spending attacks, and censor any transactions. In response, Ivancheglo had previously warned that from a certain point onwards, Monero users should expect an increase in orphaned blocks and should wait for at least 13 confirmations before considering transactions stable.

3. Community Self-Rescue and Industry Disputes

After the incident, the Monero community and practitioners in the cryptocurrency industry expressed their views on this matter:

The Monero community, from developers to ordinary miners, has shown a strong sense of crisis and resistance. Many Monero supporters on social media have accused Qubic of “overstepping” the spirit of decentralization. Some have even made radical threatening comments in forums. Although this is an extreme case, it reflects the community’s anger and distrust towards this “experiment.” The core developers and technicians of Monero quickly began discussions to assess the impact on the network. According to Cointelegraph, Luke Parker, the head developer of SeraiDEX exchange, stated that a single six-block reorganization does not mean the attack was completely successful — it may just be that the attacker was “luckily fortunate” to win several blocks in a row. He believes that to determine whether a 51% attack has truly occurred, it is necessary to observe whether there are unlimited deep reorganizations and whether other miners are completely suppressed over a longer period. In other words, whether Qubic can maintain an absolute hash power advantage in the long term remains to be seen, with estimates suggesting that the cost of sustaining this attack could reach up to 75 million dollars per day.

Qubic insists that this action is a “strategic experiment” intended to help the Monero community rehearse potential malicious attack scenarios that may arise in the future. Qubic claims it has no intention of harming Monero, but rather aims to reveal the impact of economic incentives on consensus security through game-theoretic means. However, most observers do not buy into this explanation. Dan Dadybayo, a researcher from Unstoppable Wallet, stated: “Intent does not matter; centralization itself is a risk.” He pointed out that even if Qubic claims goodwill, a centralized mining pool controlling hash power inherently weakens the network’s ability to resist censorship and attacks. Some in the community suspect that Qubic’s actions are more about profiting or gaining fame for itself. They noted that the price of QUBIC tokens rose against the trend during the incident, suspecting that Ivancheglo is using the Monero network as a “test subject” to prove the effectiveness of his project model, thereby boosting Qubic’s market recognition. This viewpoint believes that Qubic’s so-called “stress testing” for Monero is merely a pretext, and its essence is still a self-serving hash power hijacking.

According to Bitcoinist, after Qubic fully occupies the Monero hash power, about 432 XMR mined daily (worth approximately $118,000 at the time) will have half of the funds, around $59,000, used to purchase QUBIC and destroy it, amounting to about $1.656 million burned monthly. Such a strong influx of funds undoubtedly boosted the price of the QUBIC token. In fact, the market once regarded Monero and Qubic as a “seesaw” where the two assets alternately rose and fell: as Monero was sold off and dropped, QUBIC was sought after by speculators due to the proven “success” of its model. This also confirms the community’s skepticism about Qubic’s motivations—regardless of its original intentions, this behavior objectively brought exposure and value enhancement to the QUBIC token.

Over the weekend following the incident, a large number of originally scattered CPU miners responded to the call to join the decentralized mining pool P2Pool or other small mining pools to dilute Qubic’s hash rate share. According to Coinspeaker, the overall hash rate distribution of Monero improved significantly in mid-August, with increased participation in P2Pool and a decline in Qubic mining pool’s hash rate share to a safe level. This somewhat undermined Qubic’s offensive: as of August 17, Qubic no longer held a majority of the hash rate, and the Monero network returned to a normal state of multi-party participation, resulting in a rebound in XMR prices. @smartsdegen criticized Kraken’s decision to suspend trading and deposits, suggesting that its overreaction exacerbated the panic, as there had not been any actual theft or attack on the network. Although Kraken’s actions may have objectively amplified market volatility, from a risk control perspective, it is understandable; exchanges do need to responsibly protect user assets and proactively avoid the risk of double spending.

4. The Double-Edged Sword of Regulation and Economic Incentives

As the leading privacy coin, Monero has been under the close scrutiny of regulatory agencies. The occurrence of this 51% attack has further sparked discussions about regulatory risks. Monero claims to be resistant to ASICs, yet a small team was able to achieve control over its hashrate through economic means, which undoubtedly confirms the vulnerability of medium-sized PoW networks. Regulatory agencies may question the security guarantees for investors in these anonymous coins and even impose further restrictions on the trading of such high-risk assets under the guise of “investor protection.” The attack on Monero is essentially an infiltration of the anonymous coin network by an anonymous group, and this incident may strengthen regulators’ distrust of privacy coins, leading them to believe that these networks are more susceptible to manipulation by unknown forces. Particularly, if regulatory authorities characterize Qubic’s actions as malicious attacks or market manipulation, future legal measures against privacy coins may become more severe, such as banning mining pool centralization or requiring operators to register under their real names.

This event also fully demonstrates that economic incentives are a double-edged sword. In the past, people always believed that a 51% attack required massive financial and equipment investment, which rarely happened in reality. However, Qubic leveraged a clever economic model to mobilize the hash power of a network like Monero, which has a market value of 60 billion dollars, with a relatively small capital (the market value of QUBIC tokens is only about 300 million dollars). This indicates that as long as an attractive incentive mechanism is designed, it could drive a large number of miners to voluntarily cooperate in attack behavior, without the attackers needing to purchase a massive amount of hardware themselves. If someone issues a token and uses part of the funding to reward miners to jointly mine another chain, then control the hash power of that chain, it will lead to “competitive evolution between protocols.” This is fundamentally different from past purely technical attacks and is more deceptive and disruptive. The Qubic event directly implies that other major PoW coins may face similar risks. It has been proven that after Monero was thwarted, Qubic quickly turned its attention to Dogecoin; in late August, the Qubic community voted to decide that the next attack target would be the higher market value Dogecoin.

5. Conclusion

The story of Qubic vs Monero is a microcosm of the continuous evolution of the cryptocurrency industry. It illustrates that the blockchain space is never short of “surprises” and “ambushes,” with each major event propelling the industry towards maturity. For Monero itself, although this turmoil was thrilling, fortunately, the network ultimately weathered the storm without the worst-case scenarios of theft or permanent chain split occurring. The Monero community demonstrated a high degree of cohesion and adaptability, with miners, developers, and users working together to fend off external computational power invasions. After experiencing a significant drop, the XMR price quickly rebounded, indicating that the market still has confidence in Monero’s fundamentals. In the future, we may witness an acceleration in the innovation of consensus mechanisms, the emergence of more robust algorithms to counter economic incentive attacks; a reshaping of the relationship between miners and communities, with governance mechanisms becoming more refined and transparent; and a shift from isolated actions among public chains to more collaboration to jointly fend off cross-chain threats. In this incident, a small community with only a few hundred followers (Qubic) was able to challenge a large network with tens of thousands of users (Monero), which itself highlights the unpredictability and drama of the decentralized world.