Source: Bits Online, originally published on .
The Vertcoin blockchain was hit with a burst of 16 orphaned blocks on October 12th, with the spike apparently resulting from a deliberate chain reorganization. If true, the episode would serve as another reminder that many smaller cryptocurrency projects are particularly vulnerable to 51 percent attacks for now.
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
Acute Flurry of Orphans Suggests a Reorg
Yesterday, the Vertcoin blockchain experienced an unusual spike in orphaned blocks on the day, suggesting a cheap 51 percent attack had occurred.
Orphaned blocks can happen naturally when miners discover a block simultaneously, thereafter setting off a zero-sum competition for that block’s fees.
But, beyond double-spend attacks, chain reorganizations — or chain reorgs — are also a hallmark of 51 percent attacks, wherein a malicious agent or group takes over a majority percent of a blockchain network’s collective hashrate in order to exert its will freely upon it for financial gain.
Specifically, a malicious chain reorg occurs when a 51 percent attacker enforces their own “difficultywise-longest well-formed blockchain,” as Bitcoin Wiki puts it, that accordingly “excludes one or more blocks that [a] client previously thought were part of the […] blockchain. These excluded blocks become orphans.”
And the deeper the reorg, the deeper the possible damage, insofar as a wider scope would mean more long-since confirmed transactions being jeopardized in favor of the transactions composed in the attacker’s desired blocks.
As for the Vertcoin spike at hand, it consisted of 16 orphans, with 15 exclusions in a row having happened between block height 1015238 and 1015253. That scope is shy of catastrophic, of course, but that’s saying nothing of the potential for future, deeper reorganizations — not even just in Vertcoin, but in smaller cryptocurrency projects in general.
Ease of Attack Doesn’t Bode Well
When it comes to network security in the cryptoverse, Bitcoin is the obvious bellwether, as it has the most miners actively securing it. That dynamic makes it incredibly expensive and resource-intensive to perform a 51 percent attack against BTC.
Smaller cryptocurrencies like Vertcoin who don’t enjoy similarly robust networks are low-hanging fruit to attackers who are willing to spend in order to temporarily commandeer a cryptocurrency.
As Lightning Labs Infrastructure Lead Alex Bosworth noted on Twitter earlier, it would only cost a few hundred dollars under present conditions to launch a 51 percent attack against Vertcoin for an hour.
It’s really risky to build anything decentralized on top of a centralized or weak consensus system. You expose yourself to theft or censorship. Vertcoin just had a 16 block reorg. https://t.co/C8K6OBO1kn Estimated cost of an attack for an hour reorg? $400 https://t.co/pyKmDyuiQF
— Alex Bosworth ☇ (@alexbosworth) October 13, 2018
For that figure, Bosworth cited crypto51, a website Bitsonline profiled back in May that allows users to track how easy it would be to try and commandeer various blockchain networks based on real-time conditions. By press time, Vertcoin’s 1h Attack Cost per crypto51 had risen up to $567 USD, but even still, that sum poses no serious obstacle.
The simplest way to improve security for smaller Proof-of-work projects is to boost the amount of mining being performed. But there are alternatives too. For example, former Bitcoin developer Gavin Andresen previously outlined an alert system that would’ve prevented Bitcoin clients from automatically accepting “long, surprise forks.”
Therein, Andresen wrote:
“A very deep chain re-organization (hundreds of blocks deep) would be a catastrophic events for Bitcoin– causing, at the very least, huge problems for exchanges that would have to deal with deeply confirmed transactions that were suddenly invalid. Refusing to automatically re-organize onto a chain more than a few blocks deep would prevent that catastrophe.”
What’s right or unused for one project may not be right for another. But such an alert system might be something worth taking a look at for smaller projects that are concerned they can’t make hashrate materialize quickly enough in the interim.
What’s your take? How should the Vertcoin community approach this reorg incident? Let us know in the comments section below.
Images via cryptoID, Pixabay