Ethereum Classic Stakeholders — Critical Security Release to Prevent 51% Attacks

Ethereum Classic Labs
Oct 1 · 3 min read

Ethereum Classic is implementing a 51% attack solution called “MESS” (ECIP-1100) (Modified Exponential Subjective Scoring). Participating core developers and community members have accepted MESS. It has been successfully activated on the Mordor Testnet and passed rigorous stress tests and simulated attacks. MESS will immediately help secure the ETC Network, protect mining rewards, and protect exchanges from possible double spends, so that they can enable deposits/withdrawals and reduce confirmation times.

How does MESS work?

It prevents attacks by making large block reorgs up to 31x more expensive, removing any profit motive. MESS does this by forcing large reorgs to have significantly greater difficulty and common ancestor time. More information can be found, here.

Implementation Schedule

  • MESS successfully completed “Messnet” testing for simulated attacks on 28 September 2020
  • The Mordor Testnet successfully activated MESS at block 238_000 on 28 September 2020
  • Ethereum Classic Mainnet activation is scheduled at block 11_380_000 (estimated for 10 October 2020). This will be included as a Core-Geth configuration default for ETC Mainnet from release v1.11.15 and beyond.

As a Miner, Exchange, or other ETC service provider, what do I need to do?

To ensure maximum network security, download the most recent version of node software:

After block 11_380_000, MESS will be activated by default for Ethereum Classic Mainnet and Mordor testnet. All you need to do is upgrade. It is also possible for node operators to activate MESS immediately in Core-geth v.1.11.15. To do so, use the command line flag: — ecbp1100=1 (or any past block number).

NOTE:

  • The MESS Security Feature does not require a hard fork. However, nodes that do not upgrade will not be protected from a 51% attack.
  • The MESS Security Feature is ONLY AVAILABLE in the Core-Geth client.

Support

Attention Besu, Multi-geth Parity-Ethereum, OpenEthereum, and Geth-Classic consumers

  • Hyperledger Besu/ Multi-geth do not have the MESS Security Feature. The Besu team is working to add the MESS security feature in the future.
  • Parity Ethereum, OpenEthereum, and Geth-Classic are deprecated clients. The development teams have stopped actively supporting updates. If you are currently running one of these clients, you will need to switch to Core-Geth to be protected by MESS and for continued development and support.

Learn More about MESS

Sign-up to ETC Signal 📡

ETC Signal is a newsletter for only important network events such as; hard-fork updates, security alerts, and must-know news that impacts Ethereum Classic consumers.

DISCLAIMER This is an emergent and evolving highly technical space. If you choose to implement the recommendations in this post and continue to participate, you should make sure you understand how it impacts you. You should understand that there are risks involved including but not limited to risks like unexpected bugs. By choosing to implement these recommendations, you alone assume the risks of the consequences. This post and recommendations are not a sale of any kind and do not create any warranties of any kind including but not limited to any relating to the Ethereum Classic network or the Ethereum Classic clients referred to herein.

etc_core

ETC Core

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store