← Back to Media
Blockchain & Web3

Three Mining Pools Control Bitcoin

Over 50% of Bitcoin's hash power sits with just three pools. The Nakamoto Coefficient reveals how decentralized Bitcoin actually isn't.

Hyle Editorial·

Bitcoin's blockchain is theoretically controlled by no one. In practice, three mining pools in China and the United States could collude to rewrite transaction history — right now, today. As of late 2024, AntPool, Foundry USA, and ViaBTC collectively control approximately 54% of Bitcoin's total hash rate. This isn't a theoretical vulnerability debated in academic papers. It's the current operational reality of a network designed to eliminate trusted intermediaries.

The numbers are stark. Bitcoin boasts over 18,000 reachable nodes and millions of holders worldwide, yet the actual production of blocks — the fundamental act that secures the ledger — has concentrated into fewer hands than most participants realize. A single entity, Bitdeer Technologies, has ownership ties to two of the top three pools. The geographic concentration is equally troubling: despite China's 2021 mining ban, significant hash power still flows through operations with Chinese ownership and infrastructure.

Here's the question that should keep every Bitcoin holder awake: if just three executives in three boardrooms agreed to coordinate, could they execute a 51% attack? And perhaps more importantly — would anyone even notice before it was too late?

Measuring Decentralization: The Nakamoto Coefficient

The cryptocurrency industry loves to champion decentralization as an immutable property of blockchain networks. But how do you actually measure it? Enter the Nakamoto Coefficient, a metric proposed by Balaji Srinivasan in 2017 that quantifies the minimum number of independent entities required to compromise a blockchain network.

How the Coefficient Works

The metric examines several dimensions of decentralization: mining pools (for Proof of Work), validators (for Proof of Stake), nodes, clients, developers, and ownership distribution. For each dimension, it calculates how many entities would need to collude to control 51% of the network's resources.

For Bitcoin's mining dimension, the current Nakamoto Coefficient sits at approximately 3.

[!INSIGHT] A Nakamoto Coefficient of 3 means that just three mining pool operators could theoretically coordinate to execute a 51% attack, enabling double-spending, transaction censorship, or chain reorganizations.

This isn't merely academic. Ethereum, before its transition to Proof of Stake, maintained a Nakamoto Coefficient between 3-4 for mining. Post-merge, Ethereum's validator-based coefficient improved significantly to roughly 7-8. Bitcoin's coefficient has remained stubbornly low for years.

Why Concentration Happened

The economics of mining inexorably drive toward centralization. Specialized hardware (ASICs), access to cheap electricity, economies of scale, and pool hopping dynamics all favor larger operations. Individual miners join pools because variance in block rewards makes solo mining financially untenable for all but the largest operators.

*"The tragedy of mining is that the system's security depends on altruistic decentralization, but individual economic incentives push toward concentration.
Hasu, Cryptocurrency Researcher

Consider the capital requirements. A modern Bitcoin mining facility requires millions in ASIC hardware, industrial-scale cooling, and preferential electricity rates. The era of mining Bitcoin on a laptop in a dorm room ended around 2013. Today's miners are corporations with boardrooms, shareholders, and regulatory filing requirements.

The Geography of Hash Power

The distribution of mining power tells an even more concerning story than pool concentration. While the narrative suggests Bitcoin mining has dispersed globally after China's 2021 crackdown, the reality is more nuanced.

Current Hash Rate Distribution

As of 2024, the United States hosts approximately 35-40% of Bitcoin's hash rate, with Kazakhstan, Russia, and Canada trailing significantly. However, pool ownership doesn't neatly map to mining facility location. AntPool, headquartered in Beijing, operates globally but maintains significant Chinese operational ties. Foundry USA, while American, is a subsidiary of Digital Currency Group — a conglomerate with extensive crypto industry entanglements.

[!NOTE] Pool operators don't own the mining hardware — they coordinate hash power from individual miners who point their ASICs to the pool's stratum server. However, pools control transaction selection, block template construction, and payout distribution, making them powerful gatekeepers regardless of hardware ownership.

The China question remains thorny. Despite official bans, underground mining operations persist, and Chinese nationals maintain ownership stakes in major pools through complex corporate structures. The Communist Party's 2021 crackdown reduced visible mining but couldn't eliminate the infrastructure, technical expertise, and capital that had accumulated over a decade.

What Could Actually Go Wrong?

Skeptics argue that a 51% attack remains economically irrational. Destroying Bitcoin's value would harm attackers holding BTC. This argument deserves examination.

The Rationality Assumption

The "attackers would hurt themselves" argument assumes: (1) attackers hold significant BTC, (2) they care about BTC's long-term value, and (3) they're profit-motivated rather than ideologically or state-sponsored actors. Each assumption has vulnerabilities.

A state actor facing sanctions evasion through Bitcoin might calculate that destroying confidence in cryptocurrency serves strategic interests. A competing blockchain project might benefit from Bitcoin's reputational damage. An activist group might attack for ideological reasons unrelated to profit.

*"The security model assumes rational economic actors. But nation-states don't always optimize for profit, and neither do ideologues.
Ari Paul, CIO of BlockTower Capital

Attack Vectors

A 51% attack enables several scenarios, not all equally catastrophic:

  1. Chain Reorganization: Rewriting recent transaction history to enable double-spending. This is the classic attack scenario and would severely damage trust.

  2. Transaction Censorship: Selectively excluding certain addresses or transaction types. This could be used for sanctions compliance or targeted harassment.

  3. Denial of Service: Mining empty blocks or artificially slowing transaction confirmation.

[!INSIGHT] The most insidious attack might not be dramatic reorganization but subtle, gradual censorship
excluding certain transactions while maintaining normal operations elsewhere. This "soft capture" could persist undetected for extended periods.

The Path Forward

Bitcoin's decentralization problem has no easy solutions. Protocol-level changes to reduce pool centralization face significant hurdles: any hard fork proposal triggers contentious debate, and miners themselves would resist changes diminishing their influence.

Proposed Solutions

Several technical approaches offer partial remedies:

  1. Stratum v2: This updated mining protocol allows individual miners to select transactions rather than delegating entirely to pool operators. It's gaining adoption but remains far from universal.

  2. Alternative Pool Structures: P2Pool and similar decentralized mining pools distribute block construction authority among participants, but adoption remains minimal due to complexity and payout inefficiencies.

  3. Geographic Distribution Incentives: Some proposals suggest protocol-level incentives for mining in specific jurisdictions, though these face implementation challenges.

The market may also self-correct. If concentration reaches dangerous levels, rational miners might independently migrate to smaller pools to protect their own investments. This happened briefly in 2014 when GHash.io approached 51%, prompting voluntary miner exodus.

Conclusion

Bitcoin's promise was trustlessness — a network where no single entity could seize control. The reality in 2024 is a system where three pools could theoretically collude to compromise the ledger, where one country hosts nearly 40% of hash power, and where the Nakamoto Coefficient sits at an uncomfortable 3.

This doesn't mean Bitcoin has failed. The network has operated securely for over 15 years, and economic incentives do provide meaningful protection. But participants should hold realistic expectations. Bitcoin is not "decentralized" in some absolute sense — it's sufficiently decentralized for current purposes, with concentration levels that demand ongoing vigilance.

Key Takeaway: Bitcoin's security depends not on mathematical guarantees but on game theory and economic incentives. The Nakamoto Coefficient of 3 represents a manageable risk, not a catastrophic failure — but it's a risk that requires monitoring, transparency, and potentially, future protocol innovations to address.

Sources: Blockchain.com pool distribution data, Cambridge Bitcoin Electricity Consumption Index, Balaji Srinivasan's Nakamoto Coefficient framework, Coin Metrics research reports, Digital Currency Group financial disclosures.

This is a Premium Article

Hylē Media members get unlimited access to all premium content. Sign up free — no credit card required.

Sign up for freeGet Founding Access

Related Articles

Bitcoin Was Supposed to Kill Banks. It Invented New Ones.

Satoshi built Bitcoin to eliminate intermediaries. Instead, we got Coinbase, Binance, and FTX. Here's why decentralization keeps re-creating the problem.

The One Blockchain Use Case That Actually Works

Forget crypto speculation. The real blockchain revolution is tracking lettuce at Walmart—and it proves immutability, not decentralization, creates value.

The DAO That Was Too Democratic to Function

Blockchain governance promised democracy. Instead, 1% of token holders control 90% of votes. The paradox of decentralized organizations, explained.