Category – Uncategorized

The potential of 51%-attacks on small cryptocurrencies

Over the past few months, several so-called 51%-attacks have targeted a number of smaller cryptocurrencies. A recent attack occurred on June 2 on the ZenCash network, where an unknown actor defrauded an exchange of funds worth over 700.000 USD.

In this article, you are going to learn about the properties of such attacks, the measures you can take to protect yourself and what Genesis Mining is doing to prevent these attacks from happening in the first place.

Understanding Transactions

In order to understand 51%-attacks, one needs to understand how transactions within the Bitcoin network and other, similar networks are processed. If Alice wants to send 1 BTC to her friend Bob, she has to broadcast a transaction to the Bitcoin network, stating, “Hey, this is Alice, I want to send 1 BTC to Bob. Signed, Alice.” — All miners in the network will then receive this information. In order for the funds to show up in Bob’s wallet, the transaction needs to be processed, or in other words, get included into the blockchain. After receiving Alice’s broadcast, every miner is going to check whether she has enough funds in her wallet to spend 1 BTC. After successfully verifying this, all miners that have received Alice’s broadcast will include her transaction into their next block.

As you might know, mining is a race. The first miner to find the correct solution for a hash puzzle earns the right to attach his block to the blockchain. As hash puzzles are random by design, the person to try out the largest number of different input values in the shortest amount of time is also most likely to find a correct solution first. In other words, a person controlling 1% of all processing power should statistically be the first to find a correct solution every 100th block.

The Double Spend

As there are miners spread all around the world, not all the information is available to all actors at all times. As a result, Alice could try to play the system.

One possibility is a so-called double spend attack. Alice could broadcast two transactions at the same time, with the first transaction sending 1 BTC to Bob and the second one sending the exact same funds to a wallet she owns herself. After doing so, she shows Bob only the transaction hash for the first broadcast, proving that she broadcasted the transaction. But different miners might receive those two transactions at different times, with each miner successfully verifying the transaction they received first and dismissing the “bad” second one – “bad” because Alice’s wallet is lacking funds to carry out the second transaction. Before the first lucky miner finds the correct solution and can attach his block to the blockchain, it is unclear whether the first or the second transaction is going to be processed.

Under normal conditions, simply waiting for the first confirmation by a miner usually effectively prevents this attack – after the confirmation Bob should know exactly which transaction was included and which was not.

New transaction on the block

Sometimes however, two different miners find two different solutions at the same time and both gain the right to attach their block to the existing blockchain. Now the system is in a limbo – there are two valid states of the network. The block on one end of the chain might include the first one of Alice’s broadcasts, the block on the other end of the chain the second one. Depending on their location, some miners in the network are now going to build on top of the first end and some are going to start building on top of the second end. Only after a miner attaches an additional block to either end, the situation is cleared up, as future miners will always attach their blocks to the longer end of the chain. The shorter end is abandoned and the network is going to ignore the transactions it contains.

This is also the reason why so many sites accepting cryptocurrencies wait for a certain number of blocks (usually between 6 and 20) before accepting funds in order to ensure they are always on the longer end of the chain. As the longest end of a chain usually contains the most transactions, it is considered the main chain. The main chain is the generally accepted version of the ledger.

The 51%-Attack

In our next scenario, Alice owns 51% of all processing power within the Bitcoin Network. Alice now sends 1 BTC to an exchange. After doing so, she waits for the mandatory 10 confirmations required by the exchange and swaps her funds for another currency. Following, Alice transfers back the funds in the new currency from the exchange to a wallet she owns.

Now she starts a so-called side chain by mining on top of the last block in the Bitcoin blockchain before the block that included her first transfer to the exchange. In her own version, Alice now excludes the transactions where she originally sent the money to the exchange. As Alice owns 51% of all processing power, statistically she is going to catch up at some point with the main chain. Once her end of the chain is longer, other miners are going to build on top of Alice’s chain, therefore abandoning the end including the transaction sending 1 BTC to the exchange. These funds now appear back in her own wallet and vanish from the exchange’s wallet.

For the most time, 51% percent attacks have been a theoretical problem. Sure, some malicious multi-billionaire could attempt to buy all available GPUs or ASICs and start attacking Bitcoin – but thanks to the sheer size of the Bitcoin network it is highly unlikely that a single miner could come even close to a relevant percentage in terms of processing power.

Another much more practical attack angle are mining pools. These pools concentrate large amounts of processing power and have control over what transactions are included into the blocks. However, massive opportunity costs, as well as the immediate exit of the vast majority of honest users would be deadly for any pool trying to execute such an attack. The Bitcoin community also keeps a close eye on the size of the largest pools and makes an effort to keep single pools from growing too large.

Smaller Coin, Larger Risk

While Bitcoin and Ethereum offer good protection against 51%-attacks due to the size of their networks, several smaller coins have fallen victim to successful 51%-attacks over the past few months. In order to process transactions, many smaller cryptocurrencies rely on similar hash puzzles such as Bitcoin and Ethereum do. Often, the same mining hardware used for Bitcoin or Ethereum is capable of also mining smaller coins. As a result, even a relatively insignificant miner according to Bitcoin’s standards could successfully execute a 51%-attack on a smaller network, which utilizes the same Proof-of-Work algorithm.

51% attacks on smaller coins are a real problem that cannot be ignored anymore. New coins need to put systems in place to make such attacks much harder to execute. Proposed mechanisms include switching partially or completely from Proof-of-Work to Proof-of-Stake, requiring more validations or closely monitoring the network with counter-measures in place. One such measure could for example be the dismissal of side-chains only including a relatively small number of transactions compared to the main chain.

Our Policy: “Be a good crypto citizen”

Genesis Mining is a big player in the mining market – and with great power comes great responsibility. While we do not publish a list of the mining pools we are using, we choose our pools on three main criteria: reliability, fee structure and reject rate. To preserve the decentralized nature of crypto networks, we are always using at least two different pools per coin, sometimes even up to four. Once a pool approaches the 50% mark, we switch to a backup pool. By combining all these measures we are aiming to preserve the original mission of Bitcoin and other cryptocurrencies – reliable and decentralized transactions.

Relevant Insights