Research: Smaller Cryptocurrencies like Bitcoin Private are Trivial to 51 Percent Attack
While blockchain technology is famous for its secure, immutable framework, the thousands of overlying cryptocurrencies do not display equal characteristics. A recently conducted research goes on to show the depths of this concerns and concludes that a billion-dollar cryptocurrency network could be brought down with a few million dollars, and a little technical work.
Algorithms Tremendously Exposed
As per a blog post on May 22, 2018, Brazilian cryptocurrency researcher Husam Abboud demonstrated the fatal exposure of Ethereum Classic’s (ETC) blockchain algorithm to a 51 percent attack. Abboud estimated that a 51 percent attack could be conducted by an enterprising miner for as little as $1.5 million. A 51 percent attack allows the aggressor to ‘double spend,’ which could potentially cause havoc for exchanges.
The startling findings go on to show that simulations suggest an amount of $55 million could bankrupt the world’s 17th largest digital currency (by market cap). In return, the attacker could obtain a $1 billion profit by short selling ETC with 35x margin, assuming a price drop of 50 percent.
As stated, the protocol’s proof-of-work algorithm – same as Bitcoin and Ethereum – is inherently vulnerable to network attacks, which can effectively put an entire network in jeopardy with minimal resources, as there are no barriers to entry regarding capital costs.
“Any miner who contributes as little as 2.5 percent of Ethereum Nethash can simply switch to mining Ethereum Classic and control more than 51 percent of hashing power of Ethereum Classic network.”
For purposes of his research, Abboud deployed a Rindex v2.0 model, moving away from the traditional model for calculating the costs of a 51 percent attack, which include the costs of acquiring mining equipment and electricity. However, the Rindex focuses only on hashpower leasing, ignoring the redundant equipment costs for PoW blockchains.
Several Cryptocurrencies Face 51 Percent Attack Threat
Abboud used the same model to calculate the costs for executing a similar attack on other cryptocurrency blockchains. The researcher calculated an amount of $2 million for performing a network attack on Bitcoin Cash, the world’s fourth-largest cryptocurrency valued at $16 billion, and a paltry $300,000 for Bitcoin Gold, a Bitcoin hard fork with a value of $750 million.
The estimate for the cost of a 51 percent attack on Monero is suggested to be inflated, as Nvidia GTC 1080 mining cards are not as powerful as Vega mining cards. Once taken into account, it would make Monero the fifth most expensive blockchain network to attack and cuts the cost of 51 percent attack by two thirds, according to one Monero subreddit user.
Cost of launching network attacks on major cryptocurrencies. Source: Medium
In theory, the attacks are present as long as the core developers of the victim blockchain deploy a patch, or as long as the attacks remain profitable for the attacker to continue.
The researcher states that Bitcoin’s creator did not consider a 51 percent as a major threat while developing the protocol, as it would ultimately lead to a lower market value for the digital currency, making it highly unprofitable and disadvantageous for them.
However, the launch of bitcoin futures and margin trading has created an environment where traders can profit from short-selling the plunging market, making this assumption false.
“We have major exchanges with a lot of liquidity which allow you to short-sell with a trading margin from 2.2 to up to 100 times. It’s just becoming easier everyday and the market is more liquid for opportunities where you can benefit from price decline.”
Crypto51 Highlights Theoretical Costs of an Attack
A website known as Crypto51 has also emerged, which highlights the theoretical cost of a 51 percent attack on each network. The data shows that the one-hour attack cost for Bytecoin is $981 despite the altcoin having a market cap exceeding one billion.
Moreover, Bitcoin Private has a similar figure for the one-hour attack cost, but with the coin not present on many exchanges and the lack of options to short the altcoin, the only incentive to attack coins like these would be “malice” according to Jackson Palmer, a former Dogecoin developer.
The NiceHash-able column shows how much computing power could be rented from NiceHash to conduct such an attack. So for a cryptocurrency with 100 percent or more in the NiceHash-able column, the capital costs of a 51 percent attack are eliminated as the hashrate needed can be entirely rented out.
Bitcoin Core developer Luke Dashjr reckons that 51 percent attacks are feasible for altcoins like bitcoin gold and bitcoin cash, and maybe even bitcoin if “Bitmain wanted to”:
While attacks on some cryptocurrencies seem trivial regarding finance, it is the technical know how that is the biggest obstacle to translating these theoretical attacks into actual double spends on these blockchains.
Sticking with the Heavyweights
The recent findings highlight how index-tracking the top cryptocurrencies by market capitalization could become devastating, given that Bitcoin, Ethereum, and Litecoin are the most robust and hardest to attack, while others in the top ten, 15, or 20 are relatively easier to attack.
A takeaway from these results for investors is to stick with coins that are dominant for their respective hashing algorithms; i.e., bitcoin for SHA-256, Ethereum for ETHhash, and Litecoin for Scrypt.
A possible solution for such concerns – which are only stipulated to grow as the networks increase – is to introduce newer consensus protocols to blockchains, primarily moving wholly away from a PoW consensus to other types, such as proof-of-stake.
Various suggestions have been buoyed, ranging from increasing the number of required confirmations, upgrading the hashing algorithms to make the networks ASIC-resistant, and sharding.
A Blitz Against Low-security Blockchains Incoming?
But with 51 percent attacks emerging on networks like Bitcoin Gold and Verge, many commentators believe it is just a matter of time before the weaker cryptocurrencies are exposed to attack. It could be the case that hackers are just testing the waters and will gear up toward more lucrative attacks on larger cryptocurrencies in the near future.
While attacking a cryptocurrency network in of itself is not illegal, shorting the said crypto and conducting a 51 percent attack is, which may deter some attackers.
Interestingly, after cryptocurrency markets were overstretched regarding valuation during early 2018, the rest of the year could well see attacks on smaller cryptocurrencies and weed out the good from the bad.
Contributions by Jamie Holmes.