The prospect of 51% attacks on Proof of Work cryptocurrencies is on the rise, and a threat for which the cryptocurrency community is woefully unprepared.
“The traditional methodology of calculating the cost of a 51% attack…might be completely off for networks with a total hashrate significantly smaller than others that use the same hashing algorithm”, said Hussam Abboud, the managing partner of PDB Capital – a crypto orientated VC firm based in Brazil’s Sao Paulo.
According to his blog post published on Medium, Abboud argues that 51% attacks are far more likely because many networks now share the same hashing algorithm, especially cryptocurrencies like Ethereum Classic (ETC) and Bitcoin Cash (BCC), that have hard-forked from larger networks.
Although this gives flexibility in switching between different cryptos, it also means that miners with larger net hash rates could easily move into smaller networks and successfully stage a 51% attack.
“Miners are free to shift their hash rate to somewhere else in 20 minutes”, Abboud told Crypto Briefing, who also said that the danger could well come from mining pools, which have many miners that have high concentrations of hashing power.
“Inside pools, such as BTC.com and Antpool, are many miners with a large number of rigs, but they aren’t married to the pool, and those with a sizeable hash rate could easily spin-off to another network”, said Abboud.
51% attacks could only be a ‘matter of time’.
Cryptocurrency mining has become big business with the rapid growth of mining pools where miners join together to combine their hashing power and mine more blocks, sharing in the reward.
Many of the large cryptocurrencies, such as Bitcoin and Ethereum, already have a large number of pools that take up the majority of the network’s hashrate.
According to data collected from the software development platform, Blockchain, Antpool, Slush, BTC.com currently take up just under 52% of the hashing power for the Bitcoin network.
For a long time, the PoW consensus has long been defended as a workable model because the high upfront costs of buying and running the required number of mining rigs needed to stage a 51% would be prohibitively expensive.
Even if a miner was able to accrue such a high percentage of hashing power, the collapse in the network’s value following a consensus attack as investors hurriedly sold their coins would provide little incentive: known as the Nakamoto consensus.
However according to Abboud, the increasing sophistication of the sector and variety of products now on offer means that it is now possible to profit from a coin’s decline, highlighting that there are now prediction markets like Augur and Gnosis, as well as exchanges such as Poloniex, Kraken and GDAX that enable users to effectively short coins.
“Its just a matter of time before an investor gets in touch with a sizeable miner and rents their hashrate so as to stage an attack”, says Abboud.
On the Verge.
Last week, the privacy coin Verge (XVG) experienced a 51% attack against its network, with a mining party invalidating legitimate blocks and using fake timestamps to trick the network and enabling the attacker to successfully mine an estimated 35m XVG tokens in the space of a few hours.
Since then, the price of XVG has taken a hit, with approximately $100m being wiped from its market cap by Tuesday. Verge experienced a 51% attack back in April and since then the network has lost over half of its value: there are reports – still unconfirmed – that Verge was attacked yet again in the last couple of days.
Although Abboud says there is a threat from parties within mining pools, he doesn’t see the threat coming from the big names themselves.
“I personally believe that big well-known mining pools will have difficulty doing this type of attack on smaller networks, despite the fact that they have the ability, as they may not wish to risk their reputation”, says Abboud.
“However all networks have private mining pools: you can see their address and hashrate but they aren’t open to the public like traditional ones. These miners don’t have a reputation to worry about, as they can attack anonymously”.
Although there has been a rise in the number of new coins that utilize a Proof-of-Stake (PoS) consensus model, which doesn’t require mining, the market share for PoW coins is still well over half the value of the entire market.
Bitcoin uses the SHA-256 hashing algorithm, which is also shared by Bitcoin Cash, a coin currently with a $17bn market value, according to CoinMarketCap. Similarly, Ethereum’s Ethash is also used by Ethereum Classic, currently valued at $1.5bn.
Mining has come against intense scrutiny, it is rapidly becoming a centralized and an environmentally costly operation. However, if its effectiveness to securely confirm transactions is fundamentally questioned, then the era of ASIC rigs and overheated converted guestrooms may rapidly be coming to an end.
Like all technology, it doesn’t take long for something to surpass it. The telephone replaced the (original) telegram; wired-connections were surpassed by broadband; horses finally lost the race to automobiles.
As investors begin to worry about the potential security risk associated with PoW cryptocurrencies, so will they start fleeing to safer alternatives. In the end, Proof-of-Work may prove to be unworkable.
Disclaimer: This author holds BTC and ETH which are mentioned in this article.