Ethereum Classic Double Spend Attack?

Yesterday, I warned that double spend attacks were cheap and particularly likely for smaller coins using standard hash algorithms. Coincidentally (?) later that day there was this:

It’s not entirely clear whether that is true or if there is an alternative explanation. Coinbase, however, says that approximately $500,000 was double spent. You can find a good discussion on Hacker News.  You can also find an interesting calculation of the cost of renting enough hashing power to 51% dominate various networks here. It’s cheap. The costs given are underestimates in one respect since they don’t include block rewards but overestimates in another as renting may not always be possible.

Here’s some back of the envelope calculations on the cost of the ETC attack. If I am reading the blockchain stats correctly, ETC has a block time of about 15 seconds and the chain was reorganized almost to a depth of 100 blocks or 1500 seconds, i.e. 25 minutes. The cost of dominating the ETC hasing power for an hour is around $5000. Thus, this attack could have been very profitable, even adding in substantial setup costs. Feel free to write in the comments if these numbers look wrong.

As I mentioned yesterday, it’s not surprising that this is happening now because with massive falls in prices in most cryptocurrencies there is an excess supply of computation. Expect more stress testing this year.

Hat tip: The excellent Jake Seliger.

Comments

Tabarrok should be commended for his heresy. He must know that religionists are unforgiving of heretics.

And a decreasing supply of miners as they exit the business. Fewer miners make it easier to get those magic numbers over 50%. The solution is to look at the number, like Tyler does, but look real time. Your robotic trade does that best, tell it the trade, it can watch, in real time, what is happening o the queue by watching the consent ratio. When that ratio is close to and under 50% a lot, then the system is overloaded, queue jammed, hold off. The key to fintech is price the queues. The better the queues are managed, the more sustainable the trading pit.

I should mention,the recall within timeout function was put into bitcoin by the original,he figured on this and similar problems. There are recipients out there who are falsely told some tales, and instead they need to go through a broker that verifies a ledger entry on your behalf within some time period,or it is cancelled. The broker is a bot, coinbase better have them, or cover the cost.. Fintech needs the timeout queue, instead of an obscure miner congestion problem. Price the timeout queue to stability, everyone knows the insurance cost and tat drives the system toward honesty, always.

Itis mysubject,let me rant about this. Measuring the outof boundersdefinesthe tail of congestion, it defines the minimum inventory capacity you need to sty within bounded error. That timeout queue, the congestion queue make a fee for miners for one reason, it keeps the optimally congested congested and the arb moments for fraud are gone, zippo. A universal principle of finance for yeas, watch the jamming up. Queue is stability is fundamental to the options pricing theories. Miners need to advertise, will block fraudulent transfers, after the transaction,for an increasing fee based on demand up to a time limit. Sell the service.

Word salad

example of deep-learning writing model trained on blockchain white papers?

The real test is going to be if the attackers can actually cash out. will they be able to break even?

Is this result transposable to other situations? If you are a senior executive in a company and the value of your shares are plummetting, are you going to hack the vulnerability of the company for short term profit?

Um, yes, conditional on the (dubious) belief that no one will forcefully object.

Ethereum Classic is a has-been that nobody uses.

How feasible is an attack like this on a serious crypto like BTC, ETH, LTC?

LOL. Serious coins? ETH went from $800 to $80. LTC went from $350 or whatever to $25 or whatever. If that's serious I don't care for serious.

A back of the envelope sanity check:

$5000 / hour to take control of Ethereum means that miners are spending approximately 43.8 million dollars a year. Assuming that they are making money, seigniorage should be at least this amount to make mining profitable, but not much more otherwise the profit opportunity would attract additional miners.

Is it the case?

There are 10 million new ETH issued every year, which at the current exchange rate of roughly $150 are worth $1.5 billion. This is much, much higher than the mining costs of $43.8 million. I don't understand why miners would be so dumb as to underinvest massively. Either my calculation or something else is wrong...

The attach was on Ethereum Classic not Ethereum (confusing, I know). I think ETC issues at same rate as Ethereum but price is $5 in which case your numbers, miners spend $43.8 million to mine total value of $50 million line up almost exactly.

ETC != ETH
Ethereum Classic != Ethereum

This is yet a another reason why blockchains don't really meet anyone's needs. If you trust a company enough to not cheat in the most obvious of ways, you don't need a blockchain, as there are many computationally smart write-only log technologies that beat blockchains by orders of magnitude in throughput per watt. If you don't trust anyone, then you need attacks on the blockchain to be incredibly expensive, and you can only do that with a very small number of very popular chains.

It's a dead end, nonsensical technology, which just happens to be aesthetically pleasing to libertarians. Alex, stop advising blockchain companies, and start using your soapbox for good.

I find it interesting that news of this attack has had no real impact on the price of ethereum today

Can anyone explain why the price of ETC is not at zero given this vulnerability?

Re: crypto51.app -- that uses a specific methodology that doesn't account for a lot coordination costs (again Bitcoin is the exception that proves the rule with respect to how cryptocurrencies are trying to compete). Also regardless of how cheap this, attackers will find it very difficult to cash out as long as exchanges are being smart (which they will be with that kind of money on the line).

Re: falling prices -- this is true and the cheap hardware is undeniable. But with Bitcoin the constant innovation in ASICs results in a turn around in using mining equipment of being viable for ~6 weeks before they are more or less bricks. The fact is also that with so many other chains to attack, why not attack them first before getting to Bitcoin! (which will in turn only make Bitcoin appear safer relative to those coins!)

Re: envelope calculation- the only cost that matters is energy and hashrate. Block time has nothing to do with it. That is just another one of the many ways cryptocurrencies claim to differentiate when it is really just a red herring.

Comments for this post are closed