Slashdot Mirror
Blockchain's Once-Feared 51% Attack Is Now Becoming Regular (telegra.ph)
Monacoin, bitcoin gold, zencash, verge and now, litecoin cash. At least five cryptocurrencies have recently been hit with an attack that used to be more theoretical than actual, all in the last month. From a report: In each case, attackers have been able to amass enough computing power to compromise these smaller networks, rearrange their transactions and abscond with millions of dollars in an effort that's perhaps the crypto equivalent of a bank heist. More surprising, though, may be that so-called 51% attacks are a well-known and dangerous cryptocurrency attack vector. While there have been some instances of such attacks working successfully in the past, they haven't exactly been all that common. They've been so rare, some technologists have gone as far as to argue miners on certain larger blockchains would never fall victim to one.
The age-old (in crypto time) argument? It's too costly and they wouldn't get all that much money out of it. But that doesn't seem to be the case anymore. NYU computer science researcher Joseph Bonneau released research last year featuring estimates of how much money it would cost to execute these attacks on top blockchains by simply renting power, rather than buying all the equipment. One conclusion he drew? These attacks were likely to increase. And, it turns out he was right. "Generally, the community thought this was a distant threat. I thought it was much less distant and have been trying to warn of the risk," he told CoinDesk, adding: "Even I didn't think it would start happening this soon."
The age-old (in crypto time) argument? It's too costly and they wouldn't get all that much money out of it. But that doesn't seem to be the case anymore. NYU computer science researcher Joseph Bonneau released research last year featuring estimates of how much money it would cost to execute these attacks on top blockchains by simply renting power, rather than buying all the equipment. One conclusion he drew? These attacks were likely to increase. And, it turns out he was right. "Generally, the community thought this was a distant threat. I thought it was much less distant and have been trying to warn of the risk," he told CoinDesk, adding: "Even I didn't think it would start happening this soon."
For every motherfucker out there with a computer, there's another motherfucker out there with a computer.
The strategy for hacking blockchain is no different from hacking anything else: Learn the theory then apply the theory.
It little behooves the best of us to comment on the rest of us.
That's not an attack vector, that's using the rules to your advantage. The designers expressly adopted a design rule that says that "51% of the current computing power dictates reality." The designer may not have intended for any one group to amass 51% of the current computing power, but intending that nothing "bad" will ever happen is not sufficient in engineering, contracts, law, or any other aspect of human endeavor that has evolved to survive contact with the real world.
A bunch of people who want to make money using blockchain technology are become quite ticked off that a group of other people who want to make money using blockchain technology are using that blockchain technology as expressly designed to take their money.
Thankfully the article seems to be focused on improving the designs rather than demands that governments intervene in these "government not welcome" currency projects.
The main potential gains from a 51% attack are (1) trashing of a blockchain, primarily reducing its credibility, or (2) double (triple?) spending.
Basic theory assumes that the financial advantage of playing nice and mining is greater than can be achieved from the above.
I would like to see the math on that. Because, in theory, I could get a loan of a bunch coin, rent enough computing power for a 51% attack with that coin, short the coin, double (triple?) spend the coin, and then buy the coin I need at a reduced price after the market responds to the shock. Bitcoin itself may be too big to attack in this manner at this moment in time, but...
I cannot speak to all blockchains, but the basic theory makes assumptions that hardware is a sticky and expensive thing, so the weight of many servers already dedicated to a blockchain will be too high a barrier to scale.
The new world may utterly crush those assumptions because: (1) there is a large and growing ecosystem of efficient blockchain mining machines that will happily and quickly work on another blockchain for the right fee, (2) that ecosystem is rapidly growing and well beyond the scope of any one blockchain, (3) the ability to simply rent one thousand servers for an hour is getting easier and easier, and cheaper and cheaper.