51% Attack on Vertcoin

Nitesh Virothi
Coinmonks
Mar 9, 2022

A 51% attack is an attack on a blockchain by a group of miners who control more than 50% of the network’s mining hash rate. The purpose is not always to double-spend coins; it can also be to bring a cryptocurrency or blockchain into disrepute by undermining its integrity. It is easier to perform when you hold the majority of the mining power, so it is called a “Majority Attack” or a “51% Attack”.

By carrying out a 51% attack, a miner is able to:

· Double-spend his coins or prevent transactions from being confirmed.

A miner carrying out a 51% attack cannot do the following:

· Reverse confirmed transactions or create false transactions (that never occurred).

· Steal funds from a certain address or create new coins.

Vertcoin (VTC) is an open-source cryptocurrency created in early 2014 that aims at decentralization. It uses an ASIC-resistant proof-of-work mechanism to issue new coins and to encourage miners to secure the network and validate transactions. The Vertcoin blockchain is maintained by a decentralised coalition of individuals who mine collectively using modern graphics cards.

Circumstances of the incident

The Vertcoin (VTC) blockchain was 51% attacked twice: once in October 2018 and again on Sunday, 1 December 2019 at 15:19:47 GMT, when 603 blocks were removed from the VTC main chain and replaced by 553 attacker blocks. 600 blocks is the current confirmation requirement for VTC on Bittrex, according to the project’s lead maintainer, James Lovejoy.

During the attack, Bittrex, Vertcoin’s most trafficked exchange by real volume, disabled all withdrawals on the platform as soon as it became sure that the attack was in progress. At the time, Vertcoin ranked 194th by market capitalization, with a market cap of $12.5 million. Vertcoin is a Bitcoin clone that claims to be ASIC-resistant thanks to hard forks that update the mining algorithm on a regular basis.

The technical details of the issue

Typically, new coins in a network are created by mining computers that compete against one another to find valid hashes by combining multiple hashing algorithms. Each node or computer aims to be the first to discover a new block. Once a miner finds the correct hashing combination, the freshly mined block is added to the blockchain and approved as authentic by the network. An attacker therefore needs enough hash power to effectively mine blocks on a copy of the network’s chain that runs in parallel with the original.

What happened here is that the attackers replaced 553 blocks in the blockchain, which allowed them to reacquire cryptocurrency and double-spend it. It allowed them to replace transactions that had already been mined into the blockchain. The attackers were also able to prevent new transactions from gaining confirmations, which allowed them to halt payments between users.

The transactions mentioned here were invalidated by a single transaction on the attacker’s fork (77864705e247a9df8a427598b874afffc57469f5a79e06215b3d08e3d8c8df61) that sent 11000 VTC to VqqBJ8BLW2q4dpiBTbCSC4PN3DHSKbFUCK and 24.93491439 VTC to 3KFkRwvBbZtgBMpm8rPgc5Y545PiesMrdk. This transaction double-spent the coinbase outputs from the attacker’s blocks as well as sweeping the coinbase outputs from the attacker’s blocks. The attacker’s mining address is VmoGb9SRaeTeVYGeoZxWAq71FHSCyPAPbm.
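To make the reorg and the conflicting spend concrete from a node operator's or exchange's side, here is an added example (not code from Vertcoin or from the original post) that compares the chain seen before and after a reorg, reports how many blocks were removed and added, checks the depth against a confirmation requirement, and lists transactions whose inputs were spent by a different transaction on the replacement branch. The `Tx`/`Block` types, function names, and sample data are hypothetical and constructed; only the 603/553/600 figures come from the text above.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple  # outpoints spent, as "txid:vout" strings (constructed format)

@dataclass(frozen=True)
class Block:
    hash: str
    txs: tuple = ()

def analyze_reorg(old_chain, new_chain, confirmations_required):
    """Compare the chain before and after a reorg (lists ordered oldest to tip)."""
    fork = 0
    for a, b in zip(old_chain, new_chain):
        if a.hash != b.hash:
            break
        fork += 1
    removed, added = old_chain[fork:], new_chain[fork:]
    new_txids = {tx.txid for blk in added for tx in blk.txs}
    # outpoint -> txid that spends it on the replacement branch
    spent_by = {op: tx.txid for blk in added for tx in blk.txs for op in tx.inputs}
    conflicts = []
    for depth, blk in enumerate(reversed(removed), start=1):
        for tx in blk.txs:
            if tx.txid in new_txids:
                continue  # re-mined on the new branch, so not lost
            rivals = sorted({spent_by[op] for op in tx.inputs if op in spent_by})
            if rivals:  # same coins spent elsewhere: the old tx can never confirm
                conflicts.append({"txid": tx.txid, "confirmations": depth,
                                  "replaced_by": rivals})
    return {"fork_height": fork - 1, "removed": len(removed), "added": len(added),
            "policy_defeated": len(removed) >= confirmations_required,
            "conflicts": conflicts}

def constructed_sample():
    """Constructed chains shaped like the incident: 603 blocks replaced by 553."""
    common = [Block(f"c{i}") for i in range(10)]
    pay = Tx("pay-exchange", ("coin:0",))     # deposit on the original chain
    sweep = Tx("sweep-to-self", ("coin:0",))  # same outpoint spent on the fork
    old = common + [Block("o0", (pay,))] + [Block(f"o{i}") for i in range(1, 603)]
    new = common + [Block("n0", (sweep,))] + [Block(f"n{i}") for i in range(1, 553)]
    return old, new

if __name__ == "__main__":
    print(analyze_reorg(*constructed_sample(), confirmations_required=600))
```

The `confirmations` field is how deep the lost transaction was buried at the moment of the reorg; any value at or above the exchange's requirement means a deposit had already been credited before it disappeared.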

There is strong evidence that this attack was carried out using hashrate rented from Nicehash. The attack was initially discovered by examining the work being sent from Nicehash’s stratum servers, which were sending work for non-public blocks. A Nicehash miner’s mining software console output displayed the work given for VTC block 1253804 at a time when the public block height of VTC was 1253800.

What the impact of the issue is

During the attacks, the miner controlled more than 50% of the network’s hashpower, allowing them to reorg blocks and double-spend coins. The 300-block reorg in Vertcoin’s first attack cost more than $100,000 in double spends.

The attacker owns each of the double-spent outputs, and it is unknown to whom the coins were initially transferred before being swept to an attacker address following the reorg. It is estimated that the attacker paid between 0.5–1 BTC to perform the attack based on market price during the attack’s preparation and the difficulty of the blocks the attacker produced. The total value of block rewards earned by the attack is 13825 VTC (0.444 BTC). The reason for the attack is unknown, given that it was unlikely to be profitable based merely on block rewards. Given that the reorg was only 600 blocks deep (Bittrex’s VTC confirmation requirement).

How the issue was addressed.

After falling victim to a 51% attack for the first time, Vertcoin upgraded its proof-of-work algorithm to Lyra2REv3. The community decided to rebuild in order to address the 51% attack vulnerabilities on which they had been working for nearly two years. During this time, the developers, with the support of the core community, worked persistently to devise, create, test, and deploy an entirely new mining algorithm that would fully disincentivize the use of ASIC hardware on the Vertcoin network.

How the issue could have been prevented

To eliminate the risk of a 51% attack, the blockchain can use Proof of Stake (PoS), which is a more secure consensus than PoW. Most affluent users, who are unlikely to carry out the attack, control the PoS incentives. Blockchains, on the other hand, have evolved away from this structure in favour of more decentralised alternatives like Delegated-Proof-of-Stake (DPoS).

Mark Nesbitt, a security engineer at Coinbase who identified the attack, stated that the necessity for ‘honesty’ in proof of work remains the key vulnerability to attacks of this kind, meaning that the honesty of more than half of miners is a core requirement for the security of [BTC] and any proof of work cryptocurrencies based on [BTC]. Honest action, in this context, means following the behavior described in its white paper. This is expressed as a “security risk” or “attack vector,” but is precisely described as a known limitation of the proof of work model. “Failure to meet this requirement breaks various fundamental guarantees of the Bitcoin protocol including the irreversibility of transactions.”

Broader lessons we can learn from it.

According to my understanding, a 51 percent attack on a coin’s blockchain for an hour on a coin with a market cap of $500 billion would cost $1.2 million, whereas a 51 percent attack on Litecoin’s blockchain for an hour would cost only $17,712. So, even though Bitcoin is under a 51% attack, the manipulation is unprofitable and makes no sense from a technical or financial standpoint.

Furthermore, while controlling 51% of a blockchain’s hashrate allows for the double-spend of millions of dollars in cryptocurrency, the resources required to carry out such an attack are not inexpensive, making 51% attacks more common on smaller blockchains.
