DarkWhale Talks - Mining Pool Centralization: Bitcoin's $1.8 Trillion Vulnerability
- Blockchain Team
- Jan 12
- 12 min read
Updated: Jan 16
Who Really Secures Bitcoin?
Bitcoin’s market cap is $1.8 trillion, drawing participation from institutions, sparking debate among governments, and earning the trust of millions who see it as an alternative to centralized financial systems. Yet beneath this global confidence lies a less discussed reality: the infrastructure responsible for securing Bitcoin is increasingly controlled by a relatively small number of entities.
This is not a story of security breaches or technical failures. Rather, it is about a gradual and largely unnoticed consolidation that has unfolded in plain sight. Over time, block by block, mining power has concentrated into fewer hands, without attracting the kind of attention such a shift would normally command. When the data is examined closely, it raises an uncomfortable but important question, whether Bitcoin’s decentralization is as robust in practice as it is in principle.
What the hell is Hashrate?
Before we dive into the data, let's clarify what we're actually talking about.
When people say "Bitcoin is decentralized," they usually mean no single entity controls the network. In theory, thousands of miners around the world compete to validate transactions and add new blocks to the blockchain. The more computing power or hashrate you control, the more blocks you mine, and the more influence you have.
Think of hashrate as voting power in a global election that happens every 10 minutes. If you control 10% of the hashrate, you mine roughly 10% of all blocks. If you control 51%, you can effectively rewrite recent transaction history, double-spend coins, or censor specific transactions.
But here's what most people miss: hashrate isn't just about who mines the blocks. It's about who decides what goes into them.
Mining pools don't just combine computational power. They produce block templates, which are the actual blueprints that determine which transactions get included, which get excluded, and in what order. Individual miners contribute their hashrate, but the pool operator calls the shots.
This distinction is critical. When we look at mining pool concentration, we're not just measuring computational power. We're measuring control over Bitcoin's transaction layer.
Mining Pool Centralization & Distribution
Let's look at the current landscape. As of January 2026, here's what Bitcoin mining looks like:
S. No | Mining Pool | Hashrate Share (%) |
1. | Foundry USA Based in USA and HQ at USA | 31.23% |
2. | AntPool Based in China and HQ at Singapore | 18.10% |
3. | ViaBTC Based in China and HQ at China | 10.86% |
4. | F2Pool Based in China and operated Globally | 9.10% |
5. | SpiderPool Based in Singapore and HQ at Singapore | 6.72% |
6. | MARA Pool Based in USA and HQ at USA | 5.38% |
Source: Data acquired by mempool.space The top two pools control nearly 50% of all hashrate. The top six pools control over 81%. When you account for smaller pools, we're looking at roughly 95% of all Bitcoin blocks being mined by just six entities.
Foundry USA, the largest Bitcoin mining pool, commands approximately 30% of the network's total hashrate. Founded in 2020, it is a subsidiary of Digital Currency Group (DCG), the same conglomerate that owns Grayscale Investments, operator of the multi-billion dollar Grayscale Bitcoin Trust. Foundry links the network's dominant mining pool to one of Bitcoin's most influential investment firms.
Bitmain Technologies represents a vertically integrated force within the Bitcoin mining ecosystem. As of 2026, Bitmain dominates around 60% of the global market for Bitcoin mining equipment, manufacturing the industry-standard Antminer ASIC hardware. The company also operates AntPool, historically one of the largest mining pools, which was spun off from Bitmain in 2021 as a separate holding company. Additionally, Bitmain maintains an investment relationship with ViaBTC, though the pool operates independently with its founder retaining majority voting control. This structure allows Bitmain to exert influence across hardware manufacturing, mining coordination, and pool infrastructure simultaneously.
F2Pool and SpiderPool, despite operational adjustments following China's 2021 mining ban, retain their Chinese origins. F2Pool, founded in 2013, was China's first Bitcoin mining pool and remains headquartered in Beijing. SpiderPool, founded in 2018, is also based in Beijing and operates servers globally. The growing cooperation among major pools on shared infrastructure has become notable. In May 2025, Bitlayer announced strategic partnerships with AntPool, F2Pool, and SpiderPool, pools whose combined hashrate represents approximately 36% of the total Bitcoin network to advance the implementation of BitVM Bridge. Under this partnership, these pools will serve as guardians of the BitVM Bridge, ensuring non-standard transactions are reliably included in blocks, highlighting increasing coordination around critical Bitcoin infrastructure rather than pure competition.
Marathon Digital Holdings (MARA), a U.S. publicly traded miner, demonstrated that transaction censorship is technically feasible when it launched an "OFAC-compliant" mining pool in May 2021. Marathon's pool filtered transactions using DMG Blockchain's Walletscore surveillance software to exclude addresses on the U.S. Treasury's sanctions list. The first "clean" block mined by MARA Pool contained only 178 transactions and earned substantially reduced fees compared to adjacent blocks. The Bitcoin community reacted strongly, viewing the practice as a threat to Bitcoin's censorship resistance. Following community outcry, Marathon reversed course in June 2021, announcing it would stop censoring transactions and move to standard Bitcoin Core software. While Marathon's experiment was short-lived and voluntary, it proved that regulatory pressure can directly influence block selection—a structural vulnerability should a handful of economically aligned entities choose, or be compelled, to coordinate. of early 2026, MARA holds over 53,000 BTC, a massive treasury that trails only MicroStrategy in size. MARA's huge reserve helps them stay in business even when prices drop, unlike smaller miners who might fail. However, because they are so big and based in the US, it is easier for the government or larger organization to pressure them to block certain transactions.
None of this evidence proves active collusion among mining pools. However, it highlights a structural risk: over the past two years, six mining pools have mined around 80% of all Bitcoin blocks, with Foundry and AntPool together controlling around 49% of the network's hashrate. Under sufficient pressure or incentive, this concentration could theoretically compromise Bitcoin's neutrality and censorship resistance.
The Proxy Pool Problem
But even those numbers don't tell the full story.
Proxy pooling is when smaller mining pools forward mining work from larger pools but still label the block as if they mined it themselves, even though the block was effectively produced by a larger pool.
Analysis of block templates (the unique fingerprints of how pools construct blocks) has revealed that several pools share eerily similar patterns with AntPool. These pools, collectively referred to as "AntPool & friends," include names like Poolin, Binance Pool, Braiins, Luxor, and others.
When you combine them, some estimates suggest this coalition controlled around 40% of network hashrate at its peak in 2023-2024.
If true, that means just two entities (Foundry USA and the AntPool coalition) could have controlled 60-70% of Bitcoin's hashrate for extended periods earlier. That's not decentralization.
The Moment Bitcoin Was Vulnerable
History has already given us a preview of what concentrated mining power can do.
In June 2014, a mining pool called GHash.io briefly exceeded 51% of the Bitcoin network's hashrate. For a short window, a single entity had enough power to potentially rewrite transaction history, double-spend coins, or block specific transactions from being confirmed.
The community panicked. GHash.io, facing public pressure, voluntarily reduced its hashrate to below 40%. Crisis averted, but only because the pool operator chose to back down.
Think about that. Bitcoin's security at that moment relied not on cryptographic guarantees or decentralized consensus, but on the goodwill of a single mining pool operator.
It worked because the incentives aligned. Destroying Bitcoin's credibility would have crashed the price and hurt the pool financially. But it exposed a fragile truth: when hashrate centralizes, Bitcoin's resilience becomes social and economic, not automatic.
The system held, not because it was mathematically impossible to attack, but because it wasn't profitable. Yet.
Why This Matters Before 51%
Most people think Bitcoin is safe as long as no single entity controls more than 51% of the hashrate. But that's a dangerous oversimplification.
Even with 40% of hashrate, a mining pool has nearly a 50% chance of mining six consecutive blocks (the standard threshold for considering a Bitcoin transaction "confirmed"). With that kind of power, an attacker could:
Censor transactions by refusing to include them in blocks
Delay confirmations for specific addresses or entities
Attempt chain reorganizations to reverse recent transactions
And here's the kicker: the more miners that join in coordinated behavior, the easier it becomes. If two large pools (say, a coalition with 40% and another with 30%) decided to collaborate, they wouldn't just have majority power. They'd have near-total control.
This isn't hypothetical. Mining pools have already demonstrated the willingness to filter transactions:
In 2020, BlockSeer filtered transactions linked to OFAC-sanctioned addresses
In 2021, Marathon Digital experimented with mining "clean" blocks that excluded certain transactions
In 2023, F2Pool blocked specific transactions before quickly reversing course after backlash
These weren't attacks. They were tests, small flexes of power that revealed just how much control pools actually have over what gets written to Bitcoin's blockchain.
The Geographic Risk
In April 2021, a coal mine flooded in Xinjiang, China, triggering safety inspections that shut down multiple power plants. Within days, Bitcoin's global hashrate dropped by 25%. Transaction fees spiked. Block times slowed. The network congested.
A localized blackout in a single Chinese province disrupted a supposedly global, decentralized network.
Academic researchers studying the event found that blockchain congestion led to:
135% increase in transaction fees
Significant drop in transaction volume
Increased price volatility and reduced market liquidity
The blackout only lasted a week. Bitcoin recovered. But the incident revealed a structural vulnerability: when mining concentrates geographically, local events can have global consequences.
China's mining ban in 2021 caused a temporary shock, but the network adapted because hashrate dispersed globally. If the U.S. were to take similar action today, there's far less geographic diversity to absorb the impact.
Until 2021, though, China was the world’s dominant Bitcoin mining hub, at times accounting for over 65–75% of global hash rate. This concentration gave China enormous de facto influence over Bitcoin’s security, an influence Beijing ultimately decided was incompatible with its legal, financial, and energy objectives.
Chinese authorities justified the ban on three primary legal-policy grounds:
Financial Stability
Cryptocurrencies were viewed as speculative assets that could facilitate capital flight, undermine capital controls, and expose retail investors to systemic risk. Mining amplified these risks by anchoring crypto activity within China’s domestic economy.
Energy Consumption & Climate Policy
Bitcoin mining conflicted with China’s energy intensity targets and carbon neutrality goals (2030 peak / 2060 neutrality). This is because mining often relied on coal-heavy regional grids, particularly in Inner Mongolia and Xinjiang.
Monetary Sovereignty
Decentralized currencies threatened the state’s exclusive control over
money issuance and payment systems. This was especially sensitive as China was rolling out the e-CNY (digital yuan).
China banned crypto not with one single law. Instead, it used coordinated administrative and regulatory actions. They issued a State Council Decision in May 2021, coming from the State Council’s Financial Stability and Development Committee, which acted as the political trigger. The Committee explicitly called for “Cracking down on Bitcoin mining and trading behavior.” While not a statute, this directive carried binding authority across ministries and provincial governments. This decision effectively instructed regulators to eliminate mining as a matter of macro-financial risk control.
The National Development and Reform Commission (NDRC) then operationalized the mining ban. Mining was subsequently removed from the “encouraged industries” list and targeted under energy efficiency enforcement. Local governments were empowered to cut electricity, shut down facilities and impose administrative penalties
This framed mining as an energy and industrial law violation, not merely a financial one.
However, the most explicit legal prohibition came from the “Notice on Further Preventing and Disposing of Risks in Virtual Currency Trading and Speculation” issued on September 24, 2021. The issuing bodies were many, and included:
People’s Bank of China (PBOC)
Supreme People’s Court
Supreme People’s Procuratorate
Ministry of Public Security
Cyberspace Administration of China
State Administration for Market Regulation
And other central authorities
The notice effectively declared all cryptocurrency-related business activities illegal, and it explicitly covered mining, exchanges, token issuance and overseas platforms serving Chinese users. Lastly, it established criminal, civil, and administrative liability. China’s ban demonstrates a key vulnerability in Bitcoin’s architecture: mining centralization invites jurisdictional risk.
Today, these risks haven't disappeared. They just shifted jurisdictions. With roughly 75% of the global hashrate concentrated in just a few developed countries, what would happen if:
A future administration decides to regulate or restrict mining?
Energy crises force localized shutdowns?
Political pressure mounts to censor certain transactions under the guise of sanctions compliance?
The Nakamoto Coefficient
There's a metric called the Nakamoto Coefficient. It measures how many entities you'd need to collude to control 51% of a network. For Bitcoin today, that number is 3. Three entities. That's it.
In 2017, during a brief period often cited as Bitcoin's most decentralized era, the top six mining pools controlled less than 65% of hashrate, and no two pools combined held majority power. The Nakamoto Coefficient was higher. The system felt more resilient.
By 2023, the top two pools controlled over 55% of hashrate. By 2026, Foundry USA alone sits at 31%, with AntPool (and potentially its proxies) not far behind.
Compare this to the early days. In 2010, no single entity controlled more than 5% of the hashrate. Solo miners dominated. GPUs were still competitive. Anyone with a laptop could contribute.
That era is gone. Today, industrial-scale mining in jurisdictions with cheap energy has replaced hobbyist participation. And with it, the structural decentralization that once made Bitcoin robust has quietly eroded.
Why Bitcoin Still Works
If mining is this centralized, why hasn't Bitcoin collapsed?
Large mining pools are deeply invested in Bitcoin's success. If Foundry USA or AntPool were to attack the network, Bitcoin's price would likely crash, wiping out their revenue and the value of their holdings. It's a classic case of aligned self-interest.
But incentives can change. Regulatory pressure, geopolitical conflict, or financial desperation could shift the calculus. And unlike Bitcoin's cryptographic guarantees, incentive alignment is fragile. It depends on conditions staying favorable.
Mining centralization is also more opaque than it appears. Even after an official ban, China is estimated to still contribute a meaningful share of global hashrate ( > 14%), according to Hashrate Index, which shows policy flexibility emerges when economic incentives are strong in specific regions.
Moreover, Bitcoin's resilience today isn't just about mining, it's about adoption, liquidity, and ecosystem diversity. Even if mining centralizes, a broad base of users, developers, and economic activity creates friction against unilateral control.
But that friction isn't guaranteed. And it certainly isn't cryptographic.
What This Means for the Future
Bitcoin was designed to resist centralization, but economic forces (cheap energy, industrial efficiency, regulatory favorability) push in the opposite direction. The result is a tension between decentralization by design and centralization by economics.
The question isn't whether Bitcoin can survive centralization. Clearly, it has so far. The question is: how much centralization can it tolerate before it stops being what it was meant to be?
If six entities control 95% of block production, is Bitcoin still decentralized? If two jurisdictions host 80% of hashrate, is it still censorship-resistant? If proxy pools obscure the true power distribution, can we even measure the risk accurately?
These aren't rhetorical questions. They're the questions that determine whether Bitcoin remains a neutral, permissionless system or slowly transforms into something else.
The Illusion of Decentralization
Bitcoin's decentralization is not automatic. It's conditional. It depends on a fragmented mining landscape, diverse geographic distribution, and aligned economic incentives. When any of those factors break down, the system becomes vulnerable to structural capture rather than cryptographic failure.
Bitcoin has survived major disruptions before, from the China mining ban to the GHash.io incident to various regulatory crackdowns. The network adapts, but adaptation is not the same as resilience, and resilience is not invulnerability.
Right now, Bitcoin works because the mining pools in control choose not to abuse that control. This isn't a technical guarantee written in code. It's a social contract that depends on aligned incentives. Social contracts can break when circumstances change, and history has shown us this repeatedly across different systems and institutions.
The data shows clear concentration. The risk is measurable. Whether the Bitcoin community and the broader financial world will address these structural vulnerabilities remains an open question. For now, the system holds because it's more profitable to maintain it than to break it.
Bitcoin works. Contact us to bridge on-chain reality with compliant execution for businesses.
About the Author
Marco Beffa
CEO at cryptocompliance.ai
Author of the Book “The Darkwhale Protocol” and “What The Hell are Cryptocurrencies?”
Lecturer on Digital Assets
Radio Broadcaster, Crypto and Blockchain Insights
LEGAL DISCLAIMER
This article is provided strictly for general informational and educational purposes only. It does not constitute, and must not be construed as, investment advice, financial advice, legal advice, tax advice, trading advice, or any other form of professional advice, nor does it constitute a personal recommendation, solicitation, or offer of any kind.
We are not licensed financial advisors, brokers, dealers, or investment managers, and we are not authorized, supervised, or regulated by any regulatory or supervisory authority. We do not provide regulated services, do not offer or endorse virtual assets, digital assets, securities, or investment strategies, and do not act as an intermediary, promoter, or advisor in relation to any financial or digital asset activity.
Any views, opinions, analyses, or statements expressed herein are solely those of the author and are provided for educational discussion only. References to specific cryptocurrencies, digital assets, protocols, platforms, exchanges, third-party companies, or strategies are made solely for illustrative or informational purposes and do not constitute endorsements, recommendations, or guarantees of performance. We do not receive compensation, incentives, or consideration of any kind in connection with any asset, product, or service mentioned, unless expressly stated otherwise.
Cryptocurrencies and digital assets are inherently volatile and speculative and involve substantial risk, including the risk of total loss. Market conditions, yields, prices, platform availability, legal classifications, and regulatory frameworks may change at any time without notice. Past performance is not indicative of future results.
All information is provided on an “as is” and “as available” basis, without any representation or warranty of any kind, whether express or implied, including but not limited to accuracy, completeness, reliability, timeliness, or fitness for a particular purpose. To the maximum extent permitted by applicable law, we expressly disclaim all liability for any direct or indirect loss, damage, cost, or consequence arising from reliance on, or use of, this content.
Any code, scripts, or technical examples included are provided strictly for illustrative and educational purposes only and are not production-ready. No responsibility or liability is accepted for any implementation, modification, or use of such code. Unauthorized copying, reproduction, reuse, or distribution of any code or content is strictly prohibited. No claims for damages may be made in connection with its use.
You are solely responsible for conducting your own independent research and for consulting with qualified, licensed professionals before taking any action based on this content. By accessing, reading, or using this blog, you acknowledge that you have read, understood, and agreed to be bound by this Disclaimer and our Terms of Service. If you do not agree, you must discontinue use immediately.
For further details, please refer to our Terms of Service at:
Comments