Qubic’s 51% Push on Monero Raises Alarms Over PoW Vulnarabilities

Monero, the leading privacy-focused cryptocurrency, is facing one of its most significant security threats to date. Qubic, a blockchain project led by IOTA co-founder Sergey Ivancheglo (known online as Come-from-Beyond or CFB), has been aggressively attempting to gain majority control over Monero’s mining network. The campaign has reignited debate over the viability of proof-of-work (PoW) systems and the role of economic incentives in network security.

Qubic’s Rise in Monero’s Mining Landscape

Qubic is built on a novel “Useful Proof-of-Work” (uPoW) system. Unlike traditional PoW mechanisms, uPoW repurposes mining resources to serve its own ecosystem. Since May 2025, Qubic has incentivized CPU miners to mine Monero (XMR), using the proceeds to buy and burn its own QUBIC tokens via stablecoins like USDT.

This model rapidly elevated Qubic’s influence over Monero’s network. Within two months, Qubic’s share of Monero’s global hashrate surged from below 2% to over 40% – a critical level that brought it close to majority control. For a brief period in July, it became the largest Monero mining pool before slipping to seventh place by late July after widespread backlash from the Monero community.

The 51% Ambition: Economic Demo or Coordinated Attack?

Ivancheglo has publicly stated that the goal is to control over 51% of Monero’s network hashrate between August 2 and August 31, 2025. He framed the effort as a stress test, not an attack. According to his posts on X and his June 30 blog post, the plan is meant to demonstrate the strengths of Qubic’s uPoW system and to expose vulnerabilities in existing PoW networks.

However, Ivancheglo’s statements have also raised red flags. He proposed that Qubic would stop reporting its Monero pool hashrate starting August 2, effectively entering “stealth mode” to make external monitoring more difficult. He also floated the idea of rejecting blocks mined by non-Qubic pools, potentially enabling censorship of transactions and centralization of block rewards.

Critics argue that regardless of stated intent, the move represents a serious threat to network stability. A successful 51% attack could allow Qubic to double-spend coins, censor or delay transactions, and orphan blocks from honest miners, all actions that could irreparably harm Monero’s credibility.

Monero Community Mobilizes in Defense

The Monero community acted quickly in response to Qubic’s growing influence. Independent miners and pool operators coordinated a counter-effort to redistribute hashrate across smaller, community-run pools like SupportXMR. This grassroots campaign was effective: by late July, Qubic’s hashrate dropped to between 10% and 15%, significantly reducing the likelihood of a successful 51% attack at least for now.

On forums like Reddit’s r/Monero, users expressed alarm and skepticism. Some accused Qubic of hashrate spoofing or deploying bots to exaggerate its dominance. Others questioned Ivancheglo’s motivations, labeling the campaign a marketing stunt to inflate Qubic’s token price or destabilize Monero. These suspicions gained traction after QUBIC surged 70% in the two weeks leading up to July 30, while Monero’s price fell about 5%, hovering near $320.

Economic Attacks: A New Class of Blockchain Risk

Security experts warn that the real issue may lie beyond Monero or Qubic. Dan Dadybayo, an analyst at Unstoppable Wallet, emphasized that this episode reveals a systemic risk in PoW networks. He pointed out that Monero’s daily security budget is roughly $130,000, yet a well-funded actor could buy majority control for as little as $7,000 to $10,000 per day under the right conditions.

“This isn’t about exploits or bugs,” Dadybayo wrote. “It’s about capital. Qubic has created a game of incentives where miners may voluntarily surrender the network if it pays better.”

He further argued that this scenario should concern all PoW-based cryptocurrencies. “The next ‘attack’ may not look like one at all. It might just be a better economic offer,” he said.

Debating Ethics, Security, and the Future of PoW

While Ivancheglo insists Qubic’s campaign is designed to raise awareness, others see it as an unethical exploitation of network design. Seth from Cake Wallet dismissed the project as a “publicity stunt to boost a meaningless cryptocurrency,” and many in the Monero community have echoed similar sentiments.

The episode has reignited discussion about the ethics of so-called “economic stress tests.” Can a self-proclaimed security audit justify actions that put users and developers on edge? Or are such efforts simply attacks cloaked in rhetoric?

So far, no formal protocol changes have been made. However, Monero’s open-source developer community has begun discussions on potential safeguards to mitigate future hashrate-based threats. Suggestions include algorithm tweaks, dynamic difficulty adjustments, and decentralization incentives for miners.

Where Things Stand Now

As of July 30, Qubic’s hashrate contribution to Monero has settled around 14%, well below the 51% threshold. The Monero network remains stable, with no reported double-spends, block reorgs, or censorship events. However, with Qubic’s declared campaign period set for August, vigilance remains high. There are also unconfirmed reports on X claiming upto 40% contribution but that doesn’t seem to align with the miningpoolstats website.

Monero’s developers and users continue to monitor the situation closely. The community is also exploring long-term strategies to ensure that Monero’s commitment to decentralization and privacy can withstand not only technical attacks, but economic ones as well.

Blockchain	Date	Method	Result	Impact
Ethereum Classic (ETC)	Jan 2019, Aug 2020	Double-spending via majority hash rate	Millions lost, 7,000+ blocks reorganized	Exchanges raised confirmations or delisted
Bitcoin Gold (BTG)	May 2018, Jan 2020	Hash rate control, double-spends	$18M+ lost, deep reorgs	Exchanges paused or tightened BTG trading
Vertcoin (VTC)	Dec 2018	Rented hash power for reorgs	~$100K double-spent	Exposed small PoW vulnerability
Verge (XVG)	Apr–May 2018	Time manipulation, multi-algo exploit	~$1M stolen	Multiple emergency hard forks
Feathercoin (FTC)	June 2013	Pool gained majority hash rate	Double-spends, orphaned blocks	Difficulty algorithm adjusted
Krypton & Shift	Aug 2016	51% attack on small Ethereum-based chains	Chain reorgs, double-spends	Shift shut down; Krypton merged
FLO Blockchain	May 2019	Hash rental via NiceHash	Suspected reorgs and double-spends	Raised concerns over hash market use