Vitalik Buterin: Proof-of-Stake Is More Secure and Resilient Than Proof-of-Work

TLDR:

• Proof-of-Stake requires acquiring over $80 billion in ETH to mount a successful attack on the Ethereum network.
  
• Ethereum’s slashing mechanism automatically burns the coins of validators who sign two conflicting messages.
  
• If one-third of validators censor the chain, a community-coordinated soft fork can restore honest operations.
  
• Proof-of-stake security scales with network value, making Ethereum harder to attack as ETH’s price rises.

Proof-of-stake has become one of the most discussed topics in blockchain security. Ethereum co-founder Vitalik Buterin recently outlined why it offers stronger protection than proof-of-work.

His explanation covered attack costs, the slashing mechanism, and network recovery options. Currently, more than 37 million ETH are staked on Ethereum, with another 3 million waiting in the validator queue. Some estimates suggest the cost to attack Ethereum now exceeds even the cost of attacking Bitcoin.

Why Attacking a Proof-of-Stake System Is Economically Prohibitive

Buterin made clear that an attacker must acquire a stake comparable to the rest of the network. To threaten Ethereum today, that means sourcing well over $80 billion worth of ETH. This kind of capital requirement creates an enormous barrier that is difficult to overcome in practice.

Buterin explained the concept directly, stating: “I think proof of stake is very secure because to attack the system, you need to have basically as much stake as the rest of the network. Right now, for example, we have 5 million ETH staking, which means you have to come up with 5 million ETH and then join the network.” That figure has since grown past 37 million ETH, raising the threshold considerably higher.

Beyond the initial cost of acquiring stake, an attacker also risks losing those same funds after the attack. This is a penalty that does not exist in proof-of-work, where mining equipment can simply be redirected after an attack. The dual risk of high cost and asset loss makes a proof-of-stake attack far less appealing.

Buterin also addressed this from a broader security perspective, saying: “The security needs of a thing have to be proportional to the size of that thing, because as a thing gets bigger, its enemies become bigger and more well-motivated.”

Security in a proof-of-stake system therefore scales naturally with the overall value of the network, making it increasingly harder to compromise over time.

Slashing and Community Coordination Provide Layered Defenses

Slashing is a built-in feature that guards against attempts to revert finalized Ethereum blocks. To carry out such an attack, validators would need to sign two conflicting messages on the network. Once those messages are detected, the protocol burns the ETH of every validator involved.

Buterin described the mechanism in clear terms: “In order to revert a finalized block, you basically have to have a big portion of your validators sign two conflicting messages. Once these messages are on the network, you can go and prove ‘these people did it.’ So we have this feature in the protocol where you basically take all these people who provably misbehaved and you burn their coins.” This process runs automatically, without any human involvement.

Ethereum also has a contingency for censorship attacks, where a third of validators stop attesting. In that scenario, Buterin outlined the community response: “Everyone who got censored would create a minority chain, and the community would have to do a soft fork. They would have to say, ‘this chain is clearly attacking us and this one is not attacking us, so we’re going to join this chain.’”

Following that fork, the attacking validators would also face heavy losses to their staked ETH.

Buterin further noted what sets proof-of-stake apart from proof-of-work in this regard: “The difference between proof-of-stake and proof-of-work is that in a proof-of-stake system, you can identify specific participants — and this isn’t a human going in and saying ‘I don’t like you’. It’s all automated.” This level of precision makes proof-of-stake a considerably more resilient consensus model overall.