Empirical Analysis of Qubic's Selfish Mining Campaign on Monero: Strategy, Evidence, and Economic Impact

Table of Contents

1. Introduction & Overview

In August 2025, the Monero network experienced a significant security event when the Qubic mining pool publicly announced and executed a "selfish mining" campaign, marketing it as a demonstration of a potential 51% takeover. This paper presents a rigorous empirical analysis of that campaign. By combining on-chain data from Monero nodes with API data from the Qubic pool, the authors reconstruct Qubic's mining activity, identify ten distinct intervals consistent with selfish mining strategies, and evaluate the economic and security implications. Contrary to Qubic's promotional narrative, the analysis finds that the campaign was largely unprofitable compared to honest mining, failing to achieve sustained 51% control and highlighting the practical constraints of theoretical attack models.

2. Methodology & Data Collection

The empirical investigation faced significant challenges due to Monero's privacy features, which obscure direct miner/pool attribution in blocks. The study's methodology is a cornerstone of its contribution.

2.1 Data Sources & Reconstruction

The authors operated a Monero pruning node to capture the canonical chain and block timestamps. Simultaneously, they collected real-time mining job notifications from the Qubic pool's public API. By correlating the job difficulty, timestamps, and subsequent blocks found on the chain, they reconstructed a timeline of blocks highly likely to have been mined by Qubic.

2.2 Attribution Heuristics

Without explicit identifiers, block attribution relied on heuristics. A primary method involved timing analysis: when a block was mined very shortly after Qubic's API broadcast a new job of matching difficulty, it was attributed to the pool. This allowed for the estimation of Qubic's effective hashrate and the identification of potential withholding periods indicative of selfish mining.

3. Empirical Findings & Analysis

3.1 Hashrate Share & Attack Intervals

The analysis identified ten specific time intervals where Qubic's behavior deviated from honest mining. During these intervals, Qubic's average hashrate share surged into the 23-34% range, significantly above its baseline. However, the data clearly shows that the pool never achieved the sustained >50% hashrate necessary for a classical 51% attack. The attack was executed in bursts, not as a continuous assault.

3.2 Revenue Analysis vs. Honest Mining

The core economic finding is that Qubic's selfish mining strategy was not profitable. For most of the analyzed periods, the revenue obtained from the selfish mining campaign was lower than the expected revenue had the pool mined honestly. This directly contradicts the potential advantage promised by the classical selfish mining theory under certain conditions.

4. Technical Modeling & Framework

4.1 Classical vs. Modified Selfish Mining Model

The study evaluates Qubic's actions against two models: the classical selfish mining model (Eyal and Sirer, 2014) and a modified Markov-chain model. The authors observed that Qubic did not follow the optimal strategy of the classical model, likely due to real-world concerns like network latency and the risk of being discovered. Instead, they employed a more "conservative release strategy," publishing private blocks earlier than the theoretical optimum to avoid losing them to the public chain.

4.2 Mathematical Formulation

The selfish mining strategy can be modeled as a state machine. Let $\alpha$ be the attacker's hashrate fraction and $\gamma$ be the probability the attacker wins a race when their private chain and the public chain are of equal length. The classical model defines states representing the lead of the attacker's private chain. The expected relative revenue $R$ of the attacker is a function of $\alpha$ and $\gamma$. The modified model in this paper adjusts the state transition probabilities to account for the conservative release policy, which effectively lowers the attacker's potential revenue. The key inequality from the classical model states that selfish mining is profitable when $\alpha > \frac{1-2\gamma}{3-4\gamma}$. For a typical $\gamma \approx 0.5$ (fair network), the threshold is $\alpha > \frac{1}{3}$. Qubic's inferred parameters placed it near or below this threshold during most intervals, especially when factoring in the conservative strategy, explaining the lack of profitability.

5. Results & Interpretation

5.1 Observed vs. Predicted Revenue

The data largely confirmed the prediction of both the classical and modified models: selfish mining was not profitable for Qubic at its observed hashrate levels and strategy. However, the paper notes "noticeable deviations" from the predicted revenue curve. The authors attribute this gap to two main factors: 1) Time-varying hashrate: Qubic's share was not constant but fluctuated, making static model assumptions less accurate. 2) Coarse-grained attack segmentation: The attack was not a smooth, optimal process but was executed in distinct, sub-optimal phases.

5.2 Network Impact & Stability

While economically ineffective for Qubic, the campaign did induce measurable instability on the Monero chain. The increased rate of orphaned blocks (blocks mined but not included in the canonical chain) and the presence of competing chain forks were higher during the attack intervals. This confirms that even an unprofitable selfish mining attempt can degrade network reliability and confirmation confidence.

6. Core Analyst Insight: A Four-Step Deconstruction

Core Insight: Qubic's campaign was less a sophisticated attack and more a costly, noisy proof-of-concept that ultimately validated the resilience of Monero's Nakamoto Consensus under real-world constraints, while exposing the stark gap between clean-room cryptographic theory and the messy reality of live networks.

Logical Flow: The paper brilliantly traces the arc from hype to reality. Qubic marketed a "51% takeover," leveraging the terrifying specter of selfish mining theory. The authors' forensic data work, however, reveals a different story: hashrate never crossed the critical threshold, and the executed strategy was a watered-down, risk-averse version of the optimal attack. The logical conclusion is inescapable—the campaign was a strategic and economic failure, but a valuable empirical data point.

Strengths & Flaws: The study's strength is its methodological rigor in an area plagued by data opacity. Creating a reliable dataset for mining attribution in Monero is a significant contribution, akin to the data-driven breakthroughs in analyzing MEV in Ethereum. The flaw, which the authors acknowledge, is the inherent uncertainty in attribution heuristics. Could some "Qubic" blocks be from other miners? This uncertainty slightly blurs the precision of the revenue calculations. Furthermore, while they adapt the selfish mining model, the analysis could be deepened by incorporating more advanced concepts like "stubborn mining" (Nayak et al., 2016) or the impact of transaction fees, which are relevant in Monero's dynamic block reward environment.

Actionable Insights: For protocol designers, this is a case study in implicit robustness. Monero's RandomX algorithm and network latency, while not designed as anti-selfish-mining features, created a hostile environment for the attack's profitability. Future PoW designs should consider explicit mechanisms, like the "Forward Block-Withholding Accountability" proposed by Gervais et al. in their CCS '16 paper. For mining pools, the lesson is clear: executing a theoretically profitable attack in practice is fraught with hidden costs and risks, making honest cooperation the more stable revenue strategy. For the community, the incident underscores the need for transparent, pool-agnostic monitoring tools—a public good that this paper's released dataset helps to build.

7. Future Directions & Research Outlook

This research opens several avenues for future work. First, developing more robust and generalizable block attribution techniques for privacy coins is crucial for ongoing security monitoring. Second, the field needs more empirical studies of other potential PoW deviations, such as time-bandit attacks or consensus delay exploits, to build a comprehensive understanding of real-world threats. Third, there is a growing need to model and analyze hybrid attacks that combine selfish mining with other vectors, such as transaction censorship or double-spend attempts in a privacy-preserving context. Finally, the lessons from PoW selfish mining should inform the security analysis of emerging Proof-of-Stake and hybrid consensus mechanisms, where analogous "staking" or "validation" withholding attacks could be formulated.

8. References

1. I. Eyal and E. G. Sirer, "Majority is not enough: Bitcoin mining is vulnerable," in Proceedings of the 2014 International Conference on Financial Cryptography and Data Security (FC), 2014.
2. K. Nayak, S. Kumar, A. Miller, and E. Shi, "Stubborn mining: Generalizing selfish mining and combining with an eclipse attack," in Proceedings of the 2016 IEEE European Symposium on Security and Privacy (EuroS&P), 2016.
3. A. Gervais, G. O. Karame, K. Wüst, V. Glykantzis, H. Ritzdorf, and S. Capkun, "On the security and performance of proof of work blockchains," in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2016.
4. Monero Project. "RandomX." [Online]. Available: https://github.com/tevador/RandomX
5. Qubic Pool. "Public API Documentation." (Accessed via the study).
6. J.-Y. Zhu, T. Park, P. Isola, and A. A. Efros, "Unpaired Image-to-Image Translation using Cycle-Consistent Adversarial Networks," in Proceedings of the IEEE International Conference on Computer Vision (ICCV), 2017. (Cited as an example of a seminal paper that established a new empirical benchmark and framework, analogous to the goal of this work in blockchain security).