The Intransigent Minority: The Cypherpunk Defense Against Capturing Bitcoin

The attack on Bitcoin has no off switch, so it has to be a handshake

On November 8, 2017, a man named Mike Belshe sent an email canceling a fork of Bitcoin. He sent it on behalf of the chief executives of BitGo, Xapo, Bitmain, Bloq, Blockchain, and ShapeShift. The agreement they were abandoning had been signed six months earlier in a Manhattan hotel and claimed 58 companies across 22 countries and 83.28 percent of the network's mining power. By every conventional measure of corporate and industrial weight, it was a winning coalition. It lost. It lost to a dispersed population of people running validation software on their own machines who had announced, in advance and in plain language, that they would reject the blocks the coalition intended to produce. The most powerful financial and mining interests in the industry, holding a supermajority of hash power, could not change a single rule that ordinary node operators declined to run.

That outcome is the whole game, and it is why the threat Jeff Booth describes is the correct one to worry about. Booth's argument, stripped to its frame, is that Bitcoin cannot be killed by force because there is no throat to choke. The protocol is communication, and a widely dispersed system has no head to remove. Eric Hughes wrote this into the cypherpunk manifesto in 1993: software cannot be destroyed, and a widely dispersed system cannot be shut down. So an adversary with effectively unlimited money does not attack the network. It attacks the people who maintain the network, and it attacks the discipline of the people who hold the coins. The first vector is social capture of the developers. The second is the quiet centralization of Bitcoin itself into custodians, treasury vehicles, and exchange-traded products until the coins that enforce the rules sit in a handful of hands. Both vectors aim at the same target. They aim to recreate, inside Bitcoin, the centralized chokepoint that every prior monetary technology eventually grew.

The question is what the answer is. Not a slogan, an actual plan. And the answer is that the plan was already built, before Booth named the threat, by people who assumed from the beginning that someone would try exactly this.

The capture playbook is being rehearsed in public right now

Booth describes the social attack with precision. If he controlled the legacy system and could not kill Bitcoin, he would befriend a few core developers, draw closer each time the community attacked them, sympathize with how hard their work is, and slowly use that relationship to get them to insert changes that hand control back to the center. Over time the decentralization erodes from the inside, not by a coup but by a series of reasonable-sounding merges.

The thing to understand is that this is not a hypothetical. A version of this fight ran through 2025 over a parameter most people had never heard of. Bitcoin Core's version 30 release, in October 2025, raised the default relay limit on the OP_RETURN field from roughly 80 bytes to 100,000 bytes, which in practice removes any meaningful default cap on arbitrary data attached to a transaction. The change had defenders with serious arguments. Relay policy is not consensus. A node's mempool filter cannot actually keep a fee-paying transaction off the chain; it only pushes that transaction toward private channels that route directly to large miners, which centralizes rather than restrains. The old limit had stopped functioning as a deterrent and was arguably pushing data into worse places, including outputs that bloat the set of unspent coins every node must hold in memory forever. Those are good-faith positions held by competent people, and nothing in the public record establishes that anyone was paid to corrupt the protocol. Allegations to that effect were made and denied, and no evidence was produced.

The relevant point is not whether this particular change was an attack. The relevant point is that it looked enough like one to trigger the immune response, and the immune response worked exactly as designed. Operators who disagreed switched to Bitcoin Knots, a Core-derived client that keeps the strict data limits. Knots sat near one percent of reachable nodes at the start of 2024. Across the second half of 2025, as the controversy peaked, it climbed past a fifth of them and briefly approached a quarter before pulling back, by the public-node estimates that exist. People who could not win the argument inside one codebase exercised the only vote that has ever mattered. They changed what they run. No permission was required, and none was asked.

Developers propose, nodes dispose

The first pillar of the defense is a separation of powers that most people misread because they import the wrong mental model. They assume the developers govern Bitcoin the way a company's engineers govern a product. They do not. Pierre Rochard laid out the three roles cleanly during the last war. Developers and researchers propose, implement, and publish changes, but they hold no veto and no command. Miners provide proof of publication and order transactions, and Rochard's blunt assessment is that they are mercenaries who cannot be trusted to enforce validation rules on their own. The full nodes enforce. A block that the economically relevant nodes reject is worthless no matter how much energy was burned to produce it.

This is why the title of Bitcoin Core maintainer carries so much less power than its critics imagine. Jameson Lopp, who has written the clearest account of who actually controls Core, calls the maintainer role a janitorial function rather than a position of authority. Maintainers merge code that reflects the rough consensus of contributors; they cannot force anyone to run what they merge. The GitHub repository is a matter of convenience, not definition. The protocol is not the repository, and the repository is not the protocol. If a captured change ever did slip through, the response is the one that has happened before: developers fork the software, strip the change, and publish a version users can run instead. Bitcoin Core deliberately ships without an auto-update mechanism, precisely so that no one can ever push code that users did not explicitly choose to run. The bar for consensus-critical changes is set deliberately high, because a mistake there is expensive and a malicious change there is fatal, and the project's own contribution rules say so in writing.

The deeper design choice is to refuse dependence on the virtue of any single person. Wladimir van der Laan, who led Core for years, eventually wrote that he had become a centralized bottleneck and that he wanted to remove himself from the critical path, and he then relinquished his commit access and his release-signing key. That is the correct instinct rendered as architecture. A system that needs its maintainers to be incorruptible has already lost, because incorruptibility is not a property anyone can guarantee about another human being. The cypherpunk move is to build the system so that the maintainers' character does not matter.

A binary nobody has to trust

The second pillar is the part of the answer that most directly defeats the specific attack Booth describes, which is a developer who has been turned shipping a compromised release. Bitcoin Core's binaries are produced through reproducible builds. Independent builders compile identical source code in a deterministic environment and must arrive at bit-for-bit identical output, then sign the hash of that output with their own keys. For a recent release, roughly twenty independent people attested to the same binary. The project moved from the older Gitian system to a GNU Guix build pipeline, official since version 22.0 in 2021, which hardens the toolchain itself rather than just the final compile.

The consequence is that no single developer, captured or coerced, can ship a backdoored binary that still matches the published hashes, because a divergence from the source would produce a hash that every honest builder's attestation contradicts. As the engineers who built it put it, no one person and no one computer needs to be trusted to produce the executable that most people run. This does not make the build process magically trustless in some absolute sense, and the people who built it are careful to say so. What it does is convert a problem of trusting individuals into a problem of auditing math, and a problem of auditing math is one that anyone in the world can check without asking.

Ten organizations funding ten developers

The third pillar attacks the attack at its root, which is money. Booth's scenario depends on an adversary buying influence over the people who write the code. The structural defense is to make sure no single source of money owns those people in the first place. Steve Lee of Spiral has described the goal as something like ten organizations each funding ten developers, with no dominant patron. That is close to the present reality. Brink funds protocol engineers through grants and fellowships on donations from hundreds of contributors. Spiral, inside Jack Dorsey's Block, funds Core and related work and has stated publicly that its corporate parent does not direct what it builds. Chaincode Labs runs research and residencies. OpenSats, a pass-through nonprofit whose board members are barred from receiving its grants, has routed tens of millions of dollars to hundreds of contributors. The Human Rights Foundation funds developers in quarterly rounds aimed at financial-freedom tooling. MIT's Digital Currency Initiative gives several long-tenured engineers a deliberately neutral home. BitMEX, OkCoin, and others have written direct checks.

The point of this redundancy is not generosity. It is that an adversary trying to buy the protocol has to buy a dozen mutually independent institutions across multiple jurisdictions, each of which would notice the others being bought, and each of whose grantees can walk to another funder the moment the strings appear. A monoculture of funding is a single point of capture. A market of funders is not. Diffusion is the defense, the same way it is everywhere else in this system.

The proof is already on the record

The reason to take any of this seriously rather than treat it as hopeful theory is that the defense has already been tested against precisely the coalition Booth fears, and it held. The user-activated soft fork of 2017 is the empirical anchor. After miners stalled the SegWit upgrade for months under the existing signaling rules, a pseudonymous developer called Shaolinfry proposed something different. Starting August 1, 2017, nodes running the new software would reject any block that did not signal readiness for the upgrade. This put the mining majority in a trap. Keep stalling and watch your blocks get orphaned by the chain the economy actually valued, or capitulate. The miners capitulated days before the deadline, locking in the upgrade through a faster mechanism on July 20 and 21, and SegWit activated cleanly that August. The threat alone was sufficient. The economic nodes never had to fire the weapon, because the credibility of their refusal was enough.

This is the dynamic Nassim Taleb calls the intolerant minority, and Booth calls the intransigent minority. A sufficiently committed group that will not yield can impose an outcome on a passive majority when the majority finds compliance cheaper than the fight. In Bitcoin the committed group is the set of economically relevant nodes that enforce rules they have chosen and refuse the rules they have not. The New York Agreement and its 83 percent of hash power discovered that hash power orders transactions but does not write rules. Users write rules by choosing which software to validate against. That is not a metaphor for governance. It is the mechanism, and it has a date attached to it.

The harder front is the coins, not the code

The technical defenses are mature. The part of Booth's warning that should keep a serious person up at night is the other one, because it does not route through any repository. It is the slow migration of Bitcoin itself into custodial claims. United States spot exchange-traded products now hold somewhere around six to seven percent of all the Bitcoin that will ever exist. A single issuer's fund holds north of 800,000 coins. A single public company holds something close to three percent of total supply and keeps buying. By one analysis, roughly four-fifths of the Bitcoin inside those exchange-traded products sits with a single custodian. Add the corporate treasuries and the institutional total runs well past a million coins concentrated under a handful of names.

A custodial balance is not a coin. It is a promise about a coin, and promises can be issued in excess of the thing they reference, rehypothecated, frozen, or recalled. This is the gold lesson, and it is not abstract. Executive Order 6102, signed April 5, 1933, did not have to break into anyone's home. It compelled the surrender of registered, custodied gold, and then the government revalued what it had collected. Holdings that someone else stored were exactly the holdings that could be seized. Keys held personally were not. The migration of Bitcoin into funds and treasury vehicles is the voluntary reconstruction of the 6102 vulnerability, dressed as convenience and a yield. Booth's mechanism is the offer of eleven or twelve percent on coins you hand over, which feels like income and is actually the slow transfer of consensus-enforcement power away from the people who validate and toward the institutions that custody. When the leveraged claims on those coins eventually face their margin call, the entities holding the centralized pile may try to use it to change the rules. The nodes will tell them no, the same way they told the New York Agreement no. The people holding paper will discover what their paper was.

The defense here is not technical and cannot be automated. It is self-custody paired with a validating node. The phrase Andreas Antonopoulos made unavoidable, that without your keys you do not have coins, is usually heard as advice about counterparty risk. It is more than that. The coins that enforce Bitcoin's rules are the coins controlled by people who run their own nodes and reject invalid blocks. Every coin that moves into a custodian is a coin whose enforcement vote has been delegated to someone else. The number of reachable nodes sits in the tens of thousands, with broader estimates running toward a hundred thousand once non-listening nodes are counted, and the figures are contested. The strategically important fact is the direction. The intransigent minority has to be larger and more credible than the pile of centralized coins before the margin call arrives, not after. That is the one part of the plan that depends on individual decisions made now, by people who would rather take the yield.

Hard to change is the feature, not the bug

The last pillar is the one that looks like stagnation to outsiders and reads as immunity to anyone who understands the threat. Bitcoin's base layer is hard to change on purpose. The conventional complaint is that this is sclerosis. The cypherpunk reading is the inverse. If the rules could be changed easily, that ease would itself be evidence that some small group had acquired the power to push changes through, which is the exact condition of capture. Difficulty of change is the observable signature of decentralization. An adversary who has corrupted developers still has to get past the review culture, the high consensus bar, the independent builders, the funders, and finally the nodes, and at every gate the answer can be a refusal that costs the refuser nothing.

This has a real cost worth stating plainly rather than waving away. Client diversity is dangerous in a consensus system in a way it is not elsewhere, because two implementations that disagree about whether a block is valid do not produce redundancy, they produce a chain split. The 2013 fork, when two versions of the software disagreed over a database lock limit and the chain divided for several hours, is the standing proof that an obscure implementation detail can silently become a consensus rule. There are also genuine future problems, from the eventual security budget after the subsidy fades to the threat quantum computing poses to existing signatures, that will require careful change rather than frozen refusal. So the goal is not literal ossification into a dead artifact. It is something closer to equilibrium, a system that changes only when the agreement to change is overwhelming and verifiable, and that treats every proposed change as a power question first and a technical question second. The covenant debates and the activation-method fights of recent years are exhausting precisely because the participants understand that the mechanism of change is the real prize, and they refuse to let it be set casually.

The plan, then, is not a document and not a committee. It is a separation of powers in which developers can only propose, a build process that makes a corrupted developer's binary detectable by anyone, a dozen funders no single hand can buy at once, a base layer hardened against easy revision, and behind all of it a population of people who validate their own coins and will not upgrade on command. Booth is right that the attack will be social, patient, and well financed, and right that a great many people will hand over their agency for a yield and a convenient story. The defense is older than the attack. It is running now, quietly, on tens of thousands of machines owned by people who already decided that the most powerful coalition in the room does not get to write their rules. The coalition learned that once already, on a November afternoon, in an email.