A demonstration of the magic of the free market. With no central actor, Bitcoin miners allocate hashrate as the market continually evaluates their relative merits.
Profit-seeking miners naturally split their mining between BTC and BCH until the coins reach equal profitability. What this means is, the ratio of BTC:BCH mining hashrate floats at roughly the the same as the BTC:BCH price ratio. If BTC:BCH is 1:100 in market price, then BTC will have roughly 100x as much hashrate and BCH will have roughly 1% of the hash rate of BTC.
This raises questions about whether or not BCH could be "51% attacked", and thus be an insecure coin.
Low hash rate on BCH is not ideal, and it would unquestionably be better if it could take more hash rate from BTC. Despite the many reasons to prefer BCH, hash rate is one of the few reasons to prefer BTC or another coin currently. Importantly however, there's no "shot clock" or deadline for BCH to regain majority hashrate. Nor is there any limiting factor on upward speed of return.
The BCH community has a very clear, sustainable plan to improve the hash rate: spread adoption, grow the coin's utility, which will (eventually) increase the price and attract mining hash rate by default. This is not a quick fix, but it is a permanent one.
In practice, while that is in progress, low hash rate isn't a huge issue. There is no guarantee that miners won't 51% attack BCH, but there are two VERY significant factors that make it highly, highly unlikely:
- History: BCH has been a minority hash rate for a very, very long time. It hasn't suffered any successful attacks in that time. It has been attempted at times, including during the fork with BSV, and every time it does more miners come from BTC to protect it. This has been seen on a couple of occassions, so it seems the miners overall want to keep BCH alive, which makes sense because they need it as a backup for when BTC scaling stops working.
- Incentives: Bitcoin miners have no reason to attack BCH, since their profits come from SHA256 coins (ie all Bitcoin forks), not BTC specifically. Imagine if you owned a gold mine and a silver mine, would you send your metal miners away from your gold mine to attack your own silver mine? Makes no sense, not only are you losing the income of your silver mine, but also the time wasted by the gold miners, suffering damage on your silver mines and creating loss of investor/internal confidence in your own mining operation plus a loss of confidence in the broader silver market.
It is important to note that BCH has a difficulty algorithm that adjusts every block (so roughly every 10 minutes). BTC is much slower, and only adjusts every 2016 blocks or roughly every two weeks. Therefore BCH is far more resilient in the face of significant changes in hash rate.
Furthermore, to protect against any sudden mining attacks, BCH has a 10-block rolling checkpoint system. This finalizes coins that are (on average) 100 minutes (a little less than two hours) old, as nodes will ignore a wildly different chain that appears from nowhere as an attack. As mentioned before, the need for this is not ideal, but it's a measure in place to mitigate risk in the short term while growing adoption and price and hash rate can occur to fix it in the long term.
Also note that the hash rate = price equation cuts both ways. While BCH has a low price (relative to BTC), it recieves a low hash rate. However, a rising price will organically (and inevitably) bring increased hash rate to BCH. At the same time, it sucks hash rate away from BTC. Increasing price and increasing coin security can compound on each other in a virtuous cycle, which could potentially create a scenario where BCH rapidly climbs past BTC (which would have falling hash rate, potentially triggering a fall in price, repeat).
Cost to Attack
For numbers on what cost to attack is realistically, see this 51% attack estimator. As of January 2024 (BCH price roughly $230, BTC price roughly $44 000) the listed cost to attack BCH is around $8 000 / hour.
This number sounds relatively low (despite being difficult for the vast majority of individuals or even corporate interests to stomach), but is fairly substantial. Consider the following factors:
- Low NiceHash availability: A popular mining rental service, NiceHash, is only offering around 3% of the BCH hashrate (as of Jan 2024). Acquiring further hashrate will be inordinantely more difficult as it requires negotiating with other mining companies or sourcing external hardware somewhere else with market price rising sharply for each additional percentage of hash - even before the premium miners would demand to sabotage their own operation by attacking BCH (as explained above) if they were even willing at all. 3% is only a fraction of the amount needed for an attack, over 17x more hash is required for a true "51%" attack.
- Defence equivalent: If an attacker chooses to spend $8 000 / hour to attack BCH (assuming they can get a significant hashrate share at that price, which is unlikely), then a defence can be mounted at the identical cost. An attacker not only has to fund this attack continually, they have to outbid the resources of the combined Bitcoin Cash community (not only miners, but also native business interests & holders). This will get expensive quickly, with a central party at a severe economic disadvantage against the collective interests of the BCH ecosystem who can crowdfund a defence by distributing costs as necessary.
- Opportunity cost: Anyone interested in this kind of attack is burning a ton of time & capital they could easily have allocated anywhere else for easier returns (whether in the BCH/BTC ecosystem or otherwise). Even in the case of a determined nation state attacker, the political blowback will be immense the second it is discovered that the current regime (democratic or not) is expending national resources in a fruitless attempt to battle one of more than 20 000 cryptocurrencies.
- Instant recovery time: The second the attacker runs out of money or gives up, the BCH ecosystem is once again running perfectly. An attack has to be sustained through adversity long enough for the entire community to give up completely. Given Bitcoin's existing 15 years of dedicated persistence through anything & everything the world has to throw at it, it's hard to fathom this outcome where everyone would just pack up and say "I guess it's over".
Propaganda is only visible to eagle-eyed critical thinkers or those with the requisite background knowledge.
Criticising the low BCH hashrate, while partially valid, is often overblown or misunderstood in a classic case of extreme propaganda. One thing often mentioned in this "analysis" is howmanyconfs.com, a site which purports to demonstrate how relatively quickly BTC transactions are secure in comparison to BCH or other coins. The most important part of the site is not actually listed on the site at all, which is the extensive clarifying note that adds a lot of caveats & explanations to the calculations displayed. This critically relevant information is only available from the tiny asterisk * next to "equivalent" in the title, which is an obvious demonstration of the way true information presented without relevant or visible context can deliberately create a totally false imputation.
As the clarifying notes themselves make clear, the displayed numbers only measure work, NOT security (although they are presented to make the naive viewer believe it's the same thing).
Although a little more nuanced, even the argument is presented here to make it appear as though minority hashrate chains such as BCH are easier to attack than majority chains on a smaller algorithm, although that ignores discussion of both the demonstrated history & theoretical incentives for all SHA256 miners to protect BCH (excess active hashrate is simultaneously a threat & defence, not just a threat). Significantly smaller algorithms may be easier to rapidly manufacture majority hardware in undetected secrecy for instance.
The reality is that the BCH economy operates 24/7/365 at instant speed completely uninterrupted despite its minority hashrate.
After the BTC/BCH fork, some investors accidentally sent BCH to BTC SegWit addresses. These coins got stuck because BCH does not have SegWit. BCH had a specific upgrade so that miners could return those coins to their owners. One miner decided to try and steal these coins as SegWit allows them to be "spent by everyone". BTC.com and BTC.top came together and saved those coins and returned them to their owners. This was a chain reorganisation, similar to the ones that happen on BTC. This incident is sometimes mislabelled as a "51% attack" to attempt to smear the security of the BCH chain.
For more analysis of BCH security, see this article by Jessquit.
For further discussion of miner profit switching, see here.