Preface: I started to write this as a reply to another post, but it became long enough to justify a new thread. This post is intended to clear up misconceptions around the current feasibility of a 51% attack. However, please be encouraged to state differing opinions.
The chance of a 51% attack on Zcash is close to zero, as an attacker would need to have sufficient monetary incentive to carry out such an attack. Right now there is about 100Mh/s of Equihash available on Nicehash. Given that Zcash’s network hashrate averages about 1.8Gh/s, the Equihash hashrate available for rent represents less than 6% of the Zcash network. In order to control 51%, a hypothetical attacker would need to acquire an additional 45% of the existing network, which works out to 810Mh/s or about 16,200 A9’s/Z9’s.
The top pools in order of network hashrate are Poolin (382Mh/s), F2pool (343Mh/s), Flypool (273Mh/s), and Slushpool (146Mh/s). Even if an attacker was already in control of Poolin and F2pool, they would still only have about 40% of the total network. Even combined with what’s available on Nicehash, they would be short of 51%. However, for sake of argument let’s assume an attacker could have theoretically purchased enough ASICs to acquire the 45% of the network they needed already and they’re currently mining on several pools.
If the hypothetical attacker purchased 16,200 full Z9’s at a cost of $3000 USD each, they would have spent over $50 million to acquire their hardware. Adding the cost of renting all the Equihash hashrate on Nicehash, the opportunity cost of a 51% attack would need to exceed $50 million in order to justify acting maliciously. The attacker would need to carry out a double spend attack on an exchange in that amount, which is greater than the daily ZEC trading volume of any exchange, excluding LBank and BCEX which are known to fake volume by amounts greater than 4000x. The combined volume of every other exchange in all ZEC pairs is $53 million.
An attacker would need to coordinate a double spend on every single exchange that supports ZEC in an amount that exceeds their daily trading volume, otherwise there simply isn’t enough monetary incentive to justify a 51% attack. Setting aside the feasibility of such an attack, the aftermath would potentially leave the attacker’s hardware worthless, so logic dictates that anyone with the resources to carry out such an attack would make more money by simply mining legitimately. That’s the beauty of proof of work, and Satoshi was very explicit in talking about this in the Bitcoin whitepaper.