On May 18, 2018, the cryptocurrency industry went into a panic. A post from Edward Iskra, Bitcoin Gold communications director, alerted the market of an imminent 51 percent attack on Bitcoin Gold. The attack was from an unidentified hacker who was using hash power to mount 51 percent attacks. The wording of Mental Nomad’s post was this clear:
“An unknown party with access to very large amounts of hash power is trying to use ‘51% percent attacks’ to perform ‘double spend’ attacks to steal money from Exchanges. We have been advising all exchanges to increase confirmations and carefully review large deposits.”
A 51 percent attack is a situation in which an owner of massive computing resources can take over and alter a blockchain. The attack can allow hackers to thwart new transactions from obtaining confirmations, thereby allowing them to stop payments among users. Additionally, hackers can also reverse transactions and, as a result, create room for the double spending of coins. Such a situation provides hackers with control over cryptocurrency and has the potential of undermining the entire cryptocurrency ecosystem.
Bitcoin Gold Attack? Who Is Safe Then?
Until recently, a 51 percent attack on Bitcoin Gold was unfathomable. However, the attack, which occurs when a hacker gets control of more than half of the systems on a cryptos network and changes transactions on the blockchain, is becoming a harsh reality. The latest assault on Bitcoin Gold is a clear testament to the resolve of the hackers. This week’s hack involving the $740 million Bitcoin spin-off Bitcoin Gold is not the first 51 percent attack within the cryptocurrency industry.
Three 51 Percent Attacks in Two Months
Privacy-focused Verge has suffered three 51 percent attacks that have left pundits and optimists pondering on the security of cryptocurrency investments and transactions. In April, Verge cryptocurrency experienced a 51 percent attack, which resulted in the loss of roughly 250,000 XVG. The response from Verge was a hard fork. Nonetheless, the hackers managed to capitalize on the earlier loopholes to mount another 51 percent attack, which resulted in the loss of 35 million XVG tokens worth over $1.7 million. And the drama did not end there. On May 29, 2018, the latest attack left everyone dumbfounded.
Power of Hash Power and Ease of Double Spend
The Bitcoin Gold and Verge hacks confirm that a 51 percent hack is not just a theoretical concern, as had earlier been perceived, but an existential threat to cryptocurrencies. The advantageous level of computer power facilitates the manipulation of the blockchain ledger, which records the transactions and the spending of the same digital coins repeatedly — double spend.
Large amounts of hash power and double spend took place in the Bitcoin Gold hack. The Bitcoinist website reveals that the digital wallet records show that the hackers attempted several fraudulent deposits in which no money entered the recipient exchange:
“The attacker sends a particular number of BTG tokens to an exchange, trades them for another coin and makes a withdrawal. The hacker then returns those same coins in his/her wallet, hence the double-spending problem. Thus, the attacker can spend and hold the same coins at the same time. Looking at the image above, if all 76 transactions were indeed part of the hack, then the hacker has stolen about $18 million based on the current BTG price.”
But Iskra suggests that it would be expensive for hackers to sustain such an attack for extended periods. Writing on the Bitcoin Gold forum, he averred:
“The cost of mounting an ongoing attack is high. Because the cost is high, the attacker can only profit if they can quickly get something of high value from a fake deposit. A party like an Exchange may accept large deposits automatically, allow the user to trade into a different coin quickly, and then withdraw automatically. This is why they are targeting Exchanges.”
This view flies in the face of the one shared by Hussam Abboud, the managing partner of PDB Capital. In a blog post, Abboud shudders that 51% attacks are increasingly becoming likely since most networks share the same hashing algorithm. Notably, Bitcoin Cash (BCC) and Ethereum Classic (ETC) have hard forked from large networks. Abboud further asserts in a blog in Medium:
“The traditional methodology of calculating the cost of a 51% attack…might be completely off for networks with a total hash rate significantly smaller than others that use the same hashing algorithm.”
Admittedly, sharing the same hash rate provides the flexibility required in switching between the various cryptocurrencies. But it also implies that miners with greater hash rates could raid the smaller networks and mount a 51 percent attack.
The latest attack on Bitcoin Gold has backed-up the views held by Bitcoin and cryptocurrency pessimists. Notably, Robert Shiller, a Nobel Prize winning economist and Yale professor, said on television that Bitcoin is not likely to last for the next one hundred years. He posited at the CNBC interview:
“Bitcoin won’t look anything like it is today. It will have a different name if it exists.”
He further asserted:
“There will have been many hard forks changing it and changing it. And, it’ll be a matter of dispute whether it exists or not.”
After the Bitcoin Gold incident, the developers of Bitcoin Gold acknowledged the inherent risks in a blog post. The post laid down the measures to be put in place to avert the cryptocurrency from future attacks. The article read:
“The recent 51% attack exposes the weakness of cryptos. Theoretically, 51% attack is unavoidable without the compromise of decentralization. The only way to secure the blockchain is to decentralize the hash rate distribution and raise the PoW dominance of the coin.”
Indeed, the 51 percent attack incident on Bitcoin Gold is a crisis scenario that can happen to any other cryptocurrency. Admittedly, the threat has been existential for years. While the chances of the risk dissipating appeared real with most people joining the cryptocurrency bandwagon, thereby making it difficult to control more than half of a network, the growth of mining conglomerates has birthed centralization.
For now, it is not clear if there could be imminent attacks on Bitcoin itself. But for the smaller networks, there is a reason to start worrying about the level decentralization within the industry.