> If every mining pool buys 20% extra GPUs, isn't everyone soon back where they started, wasting hundreds of millions in the process?
In theory you could run the entire network on one CPU, though it would take a very long time for the difficulty to adjust downward by that much from its current level. However, the extra capacity isn't wasted—a network secured by the hashing power of a single CPU would be extremely vulnerable since a trivial expenditure would give an attacker >99% of the hashing power and the ability to create forks and double-spend almost at will. The point of spending so much on hashing is to ensure that no attacker could plausibly out-spend the rest of the network and thus acquire a majority of the hashing power.
Now, do we need all of the current hashing power to secure the network? I don't think so. That's a consequence of the initial block distribution system, with a fixed halving schedule for block rewards and a price which has risen much more quickly than anyone anticipated. The cost of reliably executing a double-spend via a 51% attack far exceeds the potential reward for pulling off the attack. At some point the market will be saturated, the price will cease to double every four years (or less), transaction fees will make up a majority of the block reward, and the resulting drop in the total market value of the block rewards will lead to a decrease in hash rate to a level which is sustainable and yet still sufficient to discourage any would-be attackers.
In theory you could run the entire network on one CPU, though it would take a very long time for the difficulty to adjust downward by that much from its current level. However, the extra capacity isn't wasted—a network secured by the hashing power of a single CPU would be extremely vulnerable since a trivial expenditure would give an attacker >99% of the hashing power and the ability to create forks and double-spend almost at will. The point of spending so much on hashing is to ensure that no attacker could plausibly out-spend the rest of the network and thus acquire a majority of the hashing power.
Now, do we need all of the current hashing power to secure the network? I don't think so. That's a consequence of the initial block distribution system, with a fixed halving schedule for block rewards and a price which has risen much more quickly than anyone anticipated. The cost of reliably executing a double-spend via a 51% attack far exceeds the potential reward for pulling off the attack. At some point the market will be saturated, the price will cease to double every four years (or less), transaction fees will make up a majority of the block reward, and the resulting drop in the total market value of the block rewards will lead to a decrease in hash rate to a level which is sustainable and yet still sufficient to discourage any would-be attackers.