Etherium Classic Hack: Could Bitcoin Suffer a Similar 51% Attack?
Ethereum Classic double spending is thought to have involved more than £350,000 in cryptocurrency.
Open-source, public, blockchain-based distributed computing platform, Ethereum Classic (ETC), was hacked on the 5th of January using a rare 51% attack.
Such an action is an attack on a blockchain by a group of miners controlling more than 50% of the network’s mining hashrate, or computing power.
The attackers would be able to prevent new transactions from gaining confirmations, allowing them to halt payments between some or all users. They would also be able to reverse transactions that were completed while they were in control of the network, meaning they could double-spend coins.
With the ETC attack, a hacker was able to control about 60% of the mining power, creating a longer blockchain that enabled them to double spend.
The breach was spotted by digital currency exchange Coinbase 24 hours later – the exchange identified 12 instances of double-spending on the Ethereum Classic network.
This led to Coinbase, along with other indexes, temporarily suspended trading on Ethereum Classic, which is thought to be the world’s 18th-largest cryptocurrency.
The hacking of cryptocurrency wallets is not unheard of, but this attack was different because the attackers targeted the actual blockchain, rewriting what was thought to be the permanent ledger of transactions. Cryptocurrency developers had theorised that such attacks could be possible but it has only recently become a reality.
Nicholas Weaver, UC Berkeley ISCI professor, says the main factor is the speed at which cryptocurrency miners consume electricity. The more costly it is to mine a block, the pricier it is to outspend honest miners enough to gain control.
Weaver estimates that the Bitcoin network consumes roughly £235,000 of electricity per hour, while Ethereum Classic consumes about £3,900 per hour. Smaller cryptocurrencies, therefore, are at greater risk of a 51% attack.
Waver told The Verge: “Any coin not burning $100,000 (£235,000) per hour should probably be considered insecure in the face of attackers, and should not be supported by any exchange. That Coinbase supported a coin that has just $5,000 (£3,900) per hour of protection is negligence.”
But Nir Kabessa, president of Blockchain at Columbia University, believes the hack also shows that attacks on the larger cryptocurrencies are no longer out of reach.
He said: “Now that it’s clear it’s much cheaper to 51% attack supposed top tier projects than many might have assumed, how long until trading is halted among notable exchanges? ETC’s value was supposed to be in its absolute immutability. It certainly isn’t immutable anymore, which may compromise its mission and change the community’s definition of immutability.
“If and when Bitcoin is 51% attacked, the distributed ledger community at large should consider a deep re-evaluation of proof-of-work’s security profile. However, coordinating attacks on those larger, cornerstone networks would be orders of magnitude more difficult.”