Ethereum Classic’s 51% Attack Wasn’t Unexpected
By Frisco d’Anconia
Cryptosphere is hoping for a better 2019 following the dismal market performance in 2018. Alas! A setback, however, was recorded in less than two weeks into the year which has consequently reverse some earlier gains in market cap.
Since last week the media has extensively reported traders on the Gate.io Exchange platform lost 219,500 ETC which was more than $1 Mln in last week’s valuation to hackers. The infamous Ethereum Classic 51 per cent attack last week bestows a challenge to the entire ecosystem that needs critical attention by industry players.
Earlier on Tuesday news filtering in revealed the hacker/hackers have returned $100,000 of the booty to the exchange raising further eyebrows and questions. There is no doubt, this warrant reexamination of Proof of Work (PoW) and its hashing power security.
CoinNewsLive sought out the views of Lead Dev at Gulden, Malcolm MacLeod concerning the implications, impacts, lessons and what must be done to avoid such pitfalls.
In his anatomy of the hack, MacLeod emphatically hinted that any PoW coin that doesn’t completely dominate the hash rate for its algorithm is a sitting duck for such attacks. “To anyone with a proper understanding of blockchain consensus, to see an attack like this on ETC should not be surprising at all,” he strongly asserted.
Judging from his perspective, it is only a matter of someone having the knowledge and motive to do it and it will happen, and the knowledge has certainly become more readily available over the years. MacLeod revealed any developer in the crypto space with any integrity at all has been warning about this for years and cited a couple of sites that have been spreading the warning in more recent times as well.
These sites are not always right in every case, but they do give a pretty realistic/reasonable insight into how bad the situation is. ETC has a network hash rate of only 9 TH/s, while ETH which is on the same algorithm has a network hash rate of 167 TH/s. This means that at a minimum there is 176 TH/s of hashing power available worldwide and an attacker needs only 5 TH/s to pull off an attack, or less in some circumstances. Nicehash alone has 8.5 TH/s available for rent right now, so it is really not surprising at all.
Impact On Industry
According to him, these sorts of attacks can certainly cause a lot of damage to the credibility of the sector making it harder to be taken seriously by the mainstream. However there is enough enthusiasm for cryptocurrencies that it is unlikely to be the end, but rather it is his hope that over time people will start to focus on more serious projects like Gulden and others that can solve this and stop lending their support to those who do not.
“Ultimately those coins that are usable will eventually thrive while those that succumb to such attacks have no future. So I wouldn’t go so far as to say they are a threat, but they are certainly not good or desirable,” the lead dev inferred.
Exchanges Must Adapt
Needless to say, exchanges ought to rethink how to accommodate coins with such hash rate. Even though MacLeod admitted he doesn’t follow exchanges closely but thinks many of them have already taken such move to some degree pinpointing how Bittrex has set a lot of smaller coins to 300 confirms for instance.
To him, in as much as such measures help to a point, it’s probably the bare minimum that should be done. It was his wish exchanges would take a more moralistic stance, and look through their coins and ask whether some coins really have any substantial development over Bitcoin as well as implement some kind of feasible mitigation against 51% attacks.
“If the answer is no, they should really look beyond immediate profits they can make from people trading the latest fad, and instead remove or not list these coins and focus instead on coins that are actually realistic,” was his suggestion.
Lessons At Stake
In the grand scheme of things, Cryptosphere has some lessons to gather from the theft which MacLeod deems there are many lessons here for those who are looking for them. The developer who is credited with developing Proof of Work 2.0 (PoW2) urged end users to stop glorifying high market cap and buying into bold marketing claims and begin paying attention to the actual work (or lack thereof) that goes into projects.
“Start paying attention to how knowledgeable and how much experience/qualifications the people doing the above work have; we have people with almost no prior development experience and no computer science qualifications who are now portraying themselves as experts and this is a problem and dangerous,” he asked.
For his fellow developers this was his advice:
“For smaller coins, PoW is simply not enough, it is time to accept this and either lead the charge in innovating with new ways forward, or close up shop if you can’t, anything else is dishonest. For the larger coins, it’s time to stop ignoring or brushing off the flaws that a Bitcoin-style PoW blockchain has, and start talking honestly about them and looking for ways to improve.
Despite the situation, he acknowledged Bitcoin is now safe from this sort of thing due to price growth over time, but, this, he maintained can’t and won’t be the case forever.
When asked if such an attack is impossible when it comes to Gulden, he responded that any fully decentralized blockchain, Bitcoin and Gulden included the possibility of such an attack is always there so it is never 100% true that it is impossible but rather a matter of whether such an attack is practical or not.
“The way the system is meant to work is that the cost of doing such an attack is meant to be so expensive and require so much resource,” MacLeod pointed out. “It is impractical to do so, and the difficulty of doing so approaches the impossible to the point that it is not going to happen.”
This article was originally published at https://coinnewslive.com/ethereum-classics-51-attack-wasnt-unexpected/