After Second Double Spend Attack, Ethereum Classic's Future Is in Question
Two reorgs in one week puts Ethereum Classic in hot water.
- Etherfly notified the public that a malicious entity gained 51% control over the blockchain and changed the contents of over 3,800 blocks twice since August 1.
- The first attack resulted in a direct double spend, with the attacker recording a gross ROI of 27x.
- The Ethereum Classic community must band together to fix the situation or risk a permanently erosion of trust in the blockchain.
Share this article
A second reorg attack hit the Ethereum Classic blockchain in the last week. After two consecutive blows to the blockchain’s immutability, the community needs to rally to find a viable solution to restore trust in the blockchain.
Ethereum Classic’s Low Hashrate PoW Networks
Today, the Ethereum Classic chain suffered from its second blockchain reorg in five days. The order and contents of over 4,000 blocks were shuffled around.
On Aug. 1, Ethereum miner Bitfly tweeted that Ethereum Classic was experiencing longer block times than usual because nodes stopped syncing. A short while later, Bitfly stated that the blockchain was experiencing a 51% attack, and 3,693 blocks were reorganized.
Bitquery, a blockchain data firm, told Coindesk that an attacker double-spent $5.6 million worth of ETC from the Aug. 1 attack. To pull this off, the attacker spent $204,000 to rent enough hash power to have 51% of the network – an ROI of 27x.
When a blockchain is hit by a reorg attack, it allows a hacker to remove transactions previously confirmed transactions, changing the state of the blockchain. This enables double-spend attacks as a malicious entity can spend coins at one place, reorg the blockchain to remove those transactions, and have their coins back in their address.
Standard protocol is for exchanges to disable withdrawals and deposits to ensure bad actors cannot make off with their loot.
But Bitquery says that the attacker was able to cash out through OKEx by planning in advance. The attacker sent funds to OKEx, cashed out, and then reorganized the blockchain to erased the transaction where they sent ETC to OKEx. Hence, the attacker was able to cash out their original stack but also wound up with their tokens again by deleting the transaction.
Ethereum Classic is the original chain from which Ethereum was forked in the aftermath of the DAO hack. The core difference between Ethereum and Ethereum Classic is immutability, as supporters of the original variant didn’t want to fork away from the mistakes.
However, most financial and intellectual resources followed Ethereum.
Vitalik Buterin, a co-founder of Ethereum, suggests Ethereum Classic should move to Proof of Stake to reduce the probability of double-spend attacks. The community, however, has been strongly opposed to this and wants to remain on Proof of Work.
ETC should just switch to proof of stake. Even given its risk-averse culture, at this point making the jump seems lower-risk than not making it.
— vitalik.eth (@VitalikButerin) August 6, 2020
The reorg incidents mean Ethereum Classic is no longer immutable because data on the blockchain has been changed forever. The next few weeks will be pivotal in determining how the Ethereum Classic community moves forward.