Today: Is Ethereum Classic under a Fatal 51% Attack?

On January 6th and 7th, Ethereum Classic’s team, through their official Twitter account, indicated that an attack on the blocks of ETC’s Blockchain had probably taken place.  It was an attack in the form of a misguided reorganization of the chain with the goal of obtaining illicit gains. The following messages were published regarding the possibility of being under attack.

“Chinese blockchain security firm SlowMist sent out an alert that the Ethereum Classic (ETC) network might have been targeted by a 51% attack… We are working with Slow Mist and many others in the crypto community. We recommend exchanges and pools significantly increase confirmation times (400-4000+)… Regarding the recent mining events. We may have an idea of where the hashrate came from. ASIC manufacturer Linzhi confirmed testing of new 1,400/Mh ethash machines #projectLavaSnow – Most likely selfish mining (Not 51% attack) – .”

“Double spends not detected (Miner dumped blocks)… Regarding @coinbase account of recent events: it allegedly detected double spends but unfortunately did not connect with ETC personnel regarding the attack. This is still very much an ongoing process… To be clear we are making no attempt to hide or downplay recent events. Facts are facts and as the situation develops we’ll soon get a full picture of what actually took place. Linzhi is testing ASICS. Coinbase reported double spends; both may be true. In time we will see.”

The so-called 51% attack —one that is highly feared by many engineers in nascent or relatively weak Blockchains— is in fact a malicious reorganization of the last blocks of a Blockchain.  A Blockchain is controlled by many nodes, indeed hundreds or thousands. Each node can broadcast to the rest of the network one version of the Blockchain thousands of times per hour.  If one of the them broadcasts a chain longer than those of the other nodes —this means a chain with more blocks, the longer chain — is accepted by the rest as the “new truth”, as the most recent version of the Blockchain.

This is one of the most important rules of Decentralization: “LONGEST CHAIN WINS”. The proper operation of a Blockchain as Satoshi Nakamoto envisioned it depends on this rule, particularly if one is talking about Blockchains that process via algorithms of Proof of Work (PoW).  One of the reasons for the LONGEST CHAIN WINS rule is that in PoW systems, having even one extra block in one’s chain implies that one has “worked” more than the other nodes. In other words, one has done more mining. This also means that one has already registered the most recent transactions.

51% attacks are based on the same mechanisms that use the rule, LONGEST CHAIN WINS.  Nodes are miners and each miner must do work to add blocks to the chain. The type of power that is required by this work to create blocks is called HASH POWER (the number of “hashes” that the system can emit per second).  The miner who has more hash power will exhibit more possibility to create blocks. And if it can create more blocks, then it has more capacity to establish the truth of the system allowing it to make the chain longer.

If a miner has a lot of hash power, it can beat many other miners, and there will always be some miner that is more powerful than another.  However, if a miner can get a degree of power equal to 51% of all the hash power of the Blockchain, then it would be physically impossible for anyone to beat it.  No one would be able to have more power, as a result this miner will be able to continue creating blocks making the Blockchain grow. The new blocks that are going to be written by this super miner could decide to print false information into the blocks, like allowing them a double-spend.

What this super-powerful malicious miner would be doing is literally reprogramming the Blockchain to suit their purposes.  This evil miner could then use their supreme power to establish the truth within the system (at least for some limited time until it is identified) in order to make payments with their coins and reuse them more than once.  This is usually called the double-spend problem. The criminal miner could also use their coins to make purchases, and after the seller verifies the payment the miner could erase the transfer from the Blockchain and recover all their coins.

In the case of the Ethereum Classic blockchain, according to the statistical data of ETCSTATS.net, the total Hash Power is a little more than 8.5 TeraHash of power (that is a total power of 8,500,000,000,000 hashes per second). If you compare this power with that of Bitcoin which is over 39 million TeraHash, you can think that the total power of Ethereum Classic Network is very low.  The engineers think that it is possible for someone to get an amount of hashes per second equal to 51% of 8.5 TeraHashes.

The 51% attack is considered near impossible for Bitcoin, but it is evident to experts that it is not unthinkable for Ethereum Classic.  It is still a question to be answered if someone really was able to gather this level of superpower in ETC’s Blockchain and if this miner has acted in a malicious way.  As can be seen in ETC’s official announcement, it is not completely clear yet if the Blockchain has really undergone a 51% attack.

Some Tweets have indicated that everything is probably alright with one recommending that Exchanges should increase the number of confirmations needed to accept a transaction in ETC.  This recommendation applies to miners and regular wallet users too. Increasing the number of confirmations needed to accept a transaction as valid is the safest way to eliminate danger during a potential 51% attack.

With multiple confirmations and the analysis of the network, the malicious miner could actually be identified and the manipulation could be corrected.  This means that even if a miner with 51% of the whole power of the system prints false data onto the Blockchain, the rest of the nodes can detect this wrongdoing later and correct it by isolating the bad actor under the more powerful rule of “the chain that is chosen by the majority of the nodes beats other chains”.

Recently, an article by Donald McIntyre was published in Medium and it has been cited by the official Twitter account of Ethereum Classic.  According to this author, what has happened this time is in fact a 51% attack by a pool of miners —“The attacks by private pool 0x3ccc8f74”—  and there are ways to overcome its effects: “the current attacks ETC suffered are not a function of a flawed internal design or a ‘hack’ to the system. It was a double-spend mining attack and a breach of security which is a formal assumption in its design, which is vulnerable to 51% attacks, as in any other proof of work blockchain, including Bitcoin.”

McIntyre also expressed that, “I think that continuing to build the stack as planned (a secure PoW base layer, with layer 2 sidechains, plus developer tools, continuous efficiency gains and adding of new features in the long term) will get ETC closer to the long term vision of a blockchain perfectly suitable for secure decentralized computing… With the above in mind I think the best path is to explore a mining algorithm change to put ETC in a unique, incompatible PoW niche.” (source).

Ethereum Classic is a Blockchain that is known for its efforts to represent and protect the most original ethical values associated to the existence of Blockchains: Decentralization, immutability and fair distribution of wealth, among others.  In this respect, it is one the Blockchains closest to Bitcoin’s ideals. For many Blockchain developers, Ethereum Classic represents an example of integrity and loyalty to Satoshi’s original vision, even for many who are not involved in the project.  ETC has many investors and fans, all of whom are now crossing fingers wishing the best to this exemplary project.

GCN will continue to monitor the situation and provide updates as they become available.