Beyond the 51% Attack: Attacks on Bitcoin & Co. | BTC-ECHO
A unique selling proposition, which is emphasized not only in terms of Bitcoin but more generally in terms of proof-of-work cryptocurrencies, is that of immutability. "What's once in the blockchain, remains there," some DLT evangelists like to summarize the strengths of a blockchain together. However, if the interested digger digs deeper, he quickly realizes that it is not so easy: the likelihood of a block change, that is, a chain reorganization, becomes less and less likely as the blockchain grows, the overall hash rate and the decentralization of the mining network grows , This decreasing probability is the reason for the rule of thumb that Bitcoin users should wait 6 blocks in a transaction to be sure that this transaction is irreversibly stored in the blockchain.
It turns out, however, that the bill is sometimes too simple. Over a year ago, we discussed the investment case 51 percent attacks. Sites like 51crypto make it easy for attackers to see the cost and available hash rate available. They can estimate whether a 51 percent attack is worthwhile. For Bitcoin an attacker via Nicehash could currently acquire 106 PH / s. The global hash rate of Bitcoin is currently almost 78,000 PH / s. With what can be acquired via Nicehash, an attacker does not get very far. This may look different with other cryptocurrencies, but with large proof-of-work cryptocurrencies like Bitcoin or Ethereum, everything looks safe at the moment.
Front running, gold finger, censorship – attacks before a block formation
However, it looks significantly more uncertain when forming the blocks. Recently, Judmayer et al. presented in a paper various attack vectors that do not require rewriting the blockchain. They are correspondingly much cheaper: You only need to find miners who are bribable. As Binance's thoughts of bribing miners after the recent hack show, this is not an irrational thought.
In particular, the above-referenced paper identifies various attack vectors that do not require chain reorganization. Thus, the attacker needs well less than 51 percent of the total hash rate, so that the attack on a block chain network is much cheaper. The paper was quoted as alarmist in the social media. Are proof-of-work cryptocurrencies like Bitcoin safe at all?
To get to the bottom of it, let's take a closer look at these "cheap" attacks. In this article we would like to briefly consider how dangerous these are and how to detect such attacks. We focus on attacks that apply to all proof-of-work blockchains.
Front running is described in the paper as a form of attack. Ultimately, however, it is simply a consequence of the toll market in a proof-of-work consensus. In frontrunning, the attacker has an incentive to accommodate his own transaction in a block as early as possible. He does that by a high fee. Strictly speaking, as Christian Decker said in an interview, there is something about Lightning network-related on-chain transactions. These are sent with a significantly higher fee particularly lucrative in the network of Bitcoin. The Paper introduces pay-to-win attacks as particular examples of such front-run attacks. These are ultimately frontrunning attacks, which are controlled by a smart contract. In part, this happens across different block chains. In all those cases, front-run attacks are recognizable by the emergence of particularly high transaction fees.
One of those attacks is the Goldfinger attack. This attack aims to question the use case of a cryptocurrency. For this purpose, miners are bribed to mine only empty blocks, so that no more transactions leave the Mempool. Gold finger attacks may be evil, but are easily recognizable: You just have to analyze whether a mining pool currently finds only empty blocks. Empty blocks were actually a problem at Bitcoin a few years ago.
However, some attackers are not just talking about empty blocks, but about controlling the block contents. This should happen via a censorship attack. A mining pool with less than 51 percent of the hash rate, therefore, captivates other mining pools and asks them to withhold their blocks. So the first mining pool can determine what's coming into the blockchain and what's not (yet). In the ethereum network, by taking advantage of the so-called uncles this attack will be significantly cheaper than a 51 percent attack. The attacker exploits that Uncles – valid, but a bit too late found blocks – also get a, albeit smaller, Mining Reward. Also this attack is easily recognizable: One will see, which miner constantly generates blocks. In the Ethereum network you can also track the Uncles.
Bitcoin and Ethereum – vulnerable, but still safe
As described above, several people have received the paper quite alarmist. It turns out, however, that the attacks pose no real danger. The transparency of the blockchains of, for example, Bitcoin and Ethereum help to quickly detect such attacks. They only point out that the acronym DYOR still applies: It is worthwhile to observe with alert eye what actually happens on the blockchain used.
Be sure not to miss any important news related to Cryptocurrencies! Follow our news feed in the way you prefer; through Twitter, Facebook, Telegram, RSS or email (scroll down to the bottom of this page to subscribe). Bitcoin never sleeps. Neither do we .