From the beginning of digital currency, defending against ‘51% attacks’ has been the Sword of Damocles hanging over the cryptocurrency system. Last week, the sword over ETC (Ethereum Classic) fell.
On January 6, the SlowMist received information about ‘ETC block rollback anomaly’ but was unable to confirm it for lack of further evidence.
On January 8, the cryptocurrency exchange Gate.io released a report confirming that 51% of the attacks occurred on the ETC blockchain and had been located at the ETC address of the attackers. The report said that there were seven rollback transactions had been detected, four of them by attackers, with a total of 54,200 ETC transactions worth $271,000.
The attack began at 0:40 UTC on January 7 and ended at 4:20 UTC, lasting about 4 hours. During this time, the attackers’ hash rate accounted for over 51% of the ETC network, and all transactions were real and valid. After success, the attackers used hash rate to roll back the ETC blockchain, forcing previously confirmed transfer records to be invalid.
At least 15 suspected double spend on ETC during the day of 5 January solstice 8. According to the Coinbase report, a total of 219,500 ETC suffered attacks, causing about $1.1 million in damage.
In a surprise move, one of the affected exchanges, Gate.io, announced that it had received ETC’s $100,000 in payments from the attackers on January 10. Tracking the transactions revealed that more money was being returned to other platforms.
So far, there has been a lot of speculation about why the attackers launched the attack and what their intentions were. According to Gate.io, ‘Maybe they were trying to draw our attention to the blockchain consensus algorithm and hash rate protection.’
ETC fell in price due to the incident, trading at $4.25.
So, what is the ‘51% attack’? It is known as majority attacks.
It means that if the attacker controls more than 50% of the hash rate in the network, the average time for the attackers to construct a valid block will be less than all the other miners, so that the attackers can create more blocks in a certain period of time, and the longest fork accepted by the network is the final confirmed block. So, the whole blockchain is under their control.
In short, this attack can achieve ‘double spend’ by controlling more than half of the network hash rate. So how do attackers hijack blockchain data when their hash rate exceeds 50%?
Usually, miners mine the blockchain and attackers spend their coins, which are recorded in blockchain data. At this point, the attacker secretly forging another blockchain data, and retransferring their coins from that address to other addresses. Using the hash rate, attackers can compute faster than the rest of the network and fake a longer blockchain.
Although both chains can claim to be correct, there is a longest working principle in the concept of blockchain design: ‘the longest chain is considered to be the main chain with the most work at any time.’
At this point, as long as the attackers published their block data online, the rest of the miners would agree to the attackers’ data and thus reach a consensus. The result is a ‘double spend’.
What was the ‘51% attack’ caused by?
ETC team member Donald McIntyre said they was unable to determine the cause of the 51% attack, but could confirm that the attack was not caused by an internal error, but by the downsizing of the network.
The Gate.io research institute said in the announcement that the essence of the 51% attack on ETC network is the decline of ETC market value and network hash rate, which makes it easy for attackers to rent hash rate to attack ETC.
How to effectively avoid 51% attacks?
Through the analysis of this attack, we know that it is due to the ETC underlying consensus mechanism (PoW). When the total power consumption is too small, the attacker owns 51% of the computing power. Due to its consistency, the fork will inevitably appear at the bottom and the whole chain will be controlled by the attackers.
Currently, blockchain adopts the strategy of increasing the cost of attackers by volume, but this method cannot completely avoid 51% attacks.
Trias uses the small-world network to build a trust network based on TEE trusted verification relationship among consensus nodes. The cost of “lying” by any node in the network requires more than 90% nodes in the whole network to cooperate with it in lying at the same time.
As a result, Trias can resist nearly 90 percent of malicious hash rate attacks.