Close Menu

    51% attack with rented mining power, which blockchains are at risk?

    0
    By on News

    The liquidity of the rental capacity market for mining cryptocurrency is growing, and at the same time more and more distinct outlines acquire attacks of 51% using leased hashing capacity.

    In order to remain decentralized, cryptocurrency based on PoW consensus should not allow one side to control most of the total hashing power.

    As the global pool of hashing capacity becomes increasingly liquid, cryptocurrency will have to pass an important test. They must be able to withstand an attack carried out using leased power for their particular algorithm. Otherwise, arbitrageurs may find financially attractive such a method of executing an attack 51% .

    However, there are several obstacles for the 51% attack :

    • Specialized miners. Many devices are optimized for a specific hashing algorithm and switching to another, for example, from SHA-256 to X11, is impossible.
    • Illiquid mining market – most of the global hashing capacity cannot be leased. Therefore, to create significant capacity requires a large preliminary investment. The preliminary cost of the attack is almost always not worth it.
    • Price selection. Cryptocurrencies usually work in such a way as to give preference to bona fide members of the network, giving them stable rewards for actions for the benefit of the whole blockchain. Any attack should outweigh the risk of failure, including loss of mining rewards, loss of reputation, and network damage. Miners tuned to long-term work will not want to deprive themselves of their future earnings by attacking the network, undermining market confidence and causing the price to fall.

    But times are changing. The mining market is becoming more liquid.

    Increased liquidity of the mining rented capacity market

    The market for computer storage devices was once illiquid, but now the situation is completely opposite. The same thing happens with hashing power .

    This is influenced by two main forces :

    1. A long-term increase in cryptocurrency prices will encourage miners to invest in hashing capacity until any additional gain equals value. In other words, if prices continue to grow, then global hashing capacity will increase.
    2. The total percentage of hashing capacity for renting will increase because buyers and sellers benefit from being able to rent and lease accordingly. Separation of functions leads to a higher degree of specialization and increased operational efficiency. That is why equipment manufacturers sell their mining devices and themselves are engaged in mining to a lesser extent. If tenants focus all their time on finding opportunities with the highest return on investment, they are likely to be most successful in terms of generating profit per unit hash capacity. Conversely, lenders can reduce the risk to their business because their rental income is implicitly diversified across the entire hashing algorithm. In this world, lenders can simply focus on leasing relationships, asset utilization and maintenance.

    How much is the rental power needed to attack a specific cryptocurrency?

    The Crypto51 portal calculated how much it would cost to rent enough hashing capacity to attack a specific network for an hour. NiceHash does not have enough hashing power for most large blockchains , so sometimes this figure is theoretically more than 100%. The hashraits are from Mine the Coin, the prices of coins from CoinMarketCap, and the cost of rent from NiceHash.

    A few nuances :

    • The costs indicated for the attack do not include the money you earn in the form of rewards for the unit, so in many cases the costs will be significantly lower.
    • Crypto51 indicates the spot price of those coins that are available on NiceHash. In real life, the more power you rent, the more expensive it will be because of the shift in the balance of supply and demand.

    Coins vulnerable to attack with leased power

    ETP ranks 91 in CoinMarketCap. You can rent up to 21 times the network hash capacity. The cost of the attack is only $ 162 per hour. ETP / BTC and ETP / USD pairs are available on Bitfinex.

    Coins that are not currently vulnerable to attack

    Currently, these coins are out of reach, as the total rental capacity available on NiceHash is not enough to fully attack their networks.

    But let's imagine the likely circumstance that NiceHash can increase the power available for rent by 2 times. Now such coins as ETC (at 18th place in the CMC rating) and BCN (40th place) are 51% easily accessible to attack.

    A five-fold increase in rental capacity threatens such coins as DASH (15th place) and BTG (28th place).

    So if attacks of 51% are possible? How do cybercriminals make money? Fortunately, it is impossible to create a transaction for a cryptocurrency wallet to which you do not have a private key. But by controlling most of the hashing power, you can perform a “double spend attack” by temporarily canceling certain transactions in the registry.

    Double Spend Attack Mechanics

    When the miner finds a new block, he must broadcast it to all the other miners so that they can check it and add the blockchain to their copies. However, unclean miners can secretly create their own blockchain, publishing it when they reach a longer chain than the public one.

    To do double waste, attackers will spend their coins in the true blockchain, but will not add these transactions to their own network. If a corrupt miner can create a longer chain faster than all the other miners in the main network, he can broadcast it to the rest of the network.

    Since the protocol supports the longest block chain, a blockchain published by an intruder can become a de facto true blockchain. The transaction history for the attacker's previous expenses will be deleted.

    Note: if the miner controls 51% or more of the hashing power, this does not mean that he will always have a longer chain. In the long run, it is likely to have a longer chain, but in order to guarantee this in the short term, the attacker will have to control a larger share, for example, 80% of the network hash capacity.

    Options for getting the benefits of the attack 51%

    In order for an attack of double spending to justify itself, it is necessary to find a way to actually extract value from spent coins, otherwise the attack has no economic sense. The most likely place in which an attacker spends his coins is cryptocurrency exchanges , because they are the largest operators of various cryptocurrency tokens.

    Here's what the attack will look like :

    • Choosing a network that looks profitable;
    • The accumulation of a significant number of coins of this network;
    • Renting hashing power through NiceHash and developing your own blockchain branch;
    • Exchange of these coins on the exchange for another liquid cryptocurrency, for example, BTC;
    • BTC withdrawal to another wallet;
    • Broadcast your own longer chain to the network;
    • The return of the original coins after the destruction of the original branch of the blockchain;

    • If possible, the repetition of all actions on another exchange.

    Of course, the exchanges do not like to be deceived. If such attacks become really dangerous for them, they are more likely to react with an increase in the level of security: an increase in the time required for entering and withdrawing large amounts of coins and verifying accounts.

    Another way that exchanges can answer is to start sifting cryptocurrencies that are easily compromised. However, coin delisting also means a reduction in trade and income. In general, for the community, this development is rather positive, because altcoins, which are used exclusively for speculation, do not carry practical value.

    In the end, both are likely to happen. The more difficult it becomes to successfully carry out the attack of double spending, the less money an attacker can afford to spend. In the long run, the balance of these two forces will converge on a certain market equilibrium.

    Altcoins can find new ways to deal with this threat :

    • The use of more complex algorithms for which few miners are suitable. This is the best temporary solution. Fewer miners for the algorithm means that the leased hashing capacity is more difficult to increase.
    • New projects can ensure their security through blockchains of larger networks.

    High market capitalization and low-cost cryptocurrencies are especially vulnerable. Will the market respond accordingly – by reducing the cost of coins with a low level of security? And vice versa, will the market value cryptocurrencies with gigantic mining powers? Most likely, we will know the answers to these questions soon enough, but for now it remains to exercise due diligence in choosing assets for investment and not to chase a quick profit.

    Earlier this month, Charlie Lee said that “all decentralized cryptocurrencies are under attack by 51%,” and a few days before this, information appeared that the Ethereum Classic network was attacked by 51%. In addition, last fall, the “white hacker” began to conduct 51% test attacks on cryptocurrency.

    Publication date 26.02.2019
    Share this material on social networks and leave your opinion in the comments below.

    Share.

    Related Posts