Solutions for ETC 51% attack from Multichain
Ethereum Classic (ETC), developed from the community that insisted on the decentralization of blockchain and did not compromise to hard fork during the DAO attack in mid-2016, is an important ecology in blockchain field.
Due to the imbalance in the distribution of POW mining power between chains, ETC has suffered several 51% attack in its history, victims mainly centralized exchanges, resulting in about $5 million losses. Currently, under the background of ETH switching to POS from POW, there must be a large scale migration of original POW mining power, which may bring great risk of 51% attack to ETC.
Multichain, as the official cross-chain bridge in the cooperation with ETC, has analysed the security factors of the whole process, established the corresponding measures, and stick to the point that security guarantee of user assets is the first task.
(1) what is 51% attack?
Since bitcoin, the blockchain consensus mechanism is a probabilistic model that relies on the honesty and integrity of most miners, then reach consistency for the data on chain. In contrast, if more than 51% of miners agree with the wrong data, the data can be successfully minted under this model.
51% attack can be considered as fraud of the attacker against the victim. Specifically, after an attacker receives payment from a counterparty, he intensionally mints blocks on a forked chain (on which chain, not including the attacker’s transaction, but does including the victim’s payment). Depending on his POW mining power bigger than 51% of the whole network, will make the original normal lastest chain segment invalid, so that the forked chain into the main chain, resulting in the situation that the attacker’s original transaction not on chain, but victims’ payment transactions on chain, finally, attacker achieved the goal of profit fraud. A schematic of 51% attack is shown above.
(2) why is ETC vulnerable to 51% attack?
ETC has experienced three 51% attack in its history, most of them on centralized exchanges, with about $5 million losses, which were successfully carried out by the help of Nicehash.com platform to buy mining power, detailed information of the above three attack are as follows.
The technical background to 51% attack vulnerability of ETC is that both ETH and ETC using the same mining algorithm Dagger-hashimoto, and miners can select mining assets arbitrarily between either chains.
More importantly, mining power is distributed with a great imbalance between chains. As of Sep. 10th 2022, mining power on ETH is approximately 873.1Th/s, while that on ETC is only 50.7Th/s, a difference of nearly 16 times, which means that, only at most 1/16th of the ETH’s power switching to ETC, can carry out a successful 51% attack.
At the same time, the distribution of POW mining power of ETH is relatively centralized, most of which are controlled by a few top pools, which means that a single pool on their own decision can launch a 51% attack on ETC, and there are as many as five such pools having the ability right now, see the below chart for details.
In the background of ETH switching to POS from POW, POW mining power will have a large scale migration, on which there is more like a 51% attack opportunity, and can not but attract our attention.
(3) countermeasures for 51% attacks, MESS protocol
MESS protocol, called Modified Exponential Subjective Scoring, was originally proposed by Vitalik and improved by Luke Williams and Isaac Ardis, aiming to address the 51% attack that has happened several times.
MESS protocol is based on the principle of “Small Forks are beneficial, but Large Forks are suspicious”. MESS protocol increases the cost of 51% attack through a penalty mechanism that is proportional to the length of the forking chain, after that, the profit and cost of implementing an attack are not matched, so attackers back down.
The core of MESS protocol is the TD (total difficulty) penalty function, which has a curve shape as shown in the figure below, where the horizontal coordinate is the distance between the current block time and the common ancestor block time, that is, the length of the forking chain, the vertical coordinate is the TD penalty times, with a minimum value of 1 and a maximum value of 31. The forking chain mining power needs to satisfy the given penalty times before it can be accepted by the other nodes.
Thus, when nodes select between local chain and forked chain, they will pay more attention to local chain and choose forked chain carefully. For more information about the MESS protocol, can refer to the ECIP-1100 specification. After adopting the MESS protocol, the cost of 51% attack increases obviously, also, that increases proportional to the length of forking chain.
(4) views of ETC 51% attack from Multichain
Multichain, as the official cross-chain bridge in cooperation with ETC, sticks to the point that security guarantee of user assets is the first task. For the situation that ETC is vulnerable to 51% attack, the security team has studied, analyzed and researched it in detail, established the corresponding security model and countermeasures, which can be briefly summarized as, setting an arrival delay for ETC-related cross-chain transactions, and that delay is in the secure scope of the corresponding ETC TVL according to MESS protocol.
Different from the centralized exchange, the cross-chain bridge has the characteristics of high privacy, fast and efficiency, it does not need KYC (know your custom) for the end users, and the service objects are individual addresses, so it is difficult to ensure security through single transaction limit. Also, a cross-chain transaction contains the source chain transactions and target chain transaction, the whole transaction usually completed within 2–5 minutes, in such a short period, the attacker can easily spread the funds to different addresses, then send them across chain, and MESS protocol is difficult to play a role.
After careful analysis and research, the security team decided that for all the ETC-related cross-chain transactions, set an arrival delay and the length of that delay is in the secure scope of the corresponding ETC TVL, that is, to ensure the absolute security of funds, detailed delay information can refer to the following table.
Should point out that the setting of arrival delay for cross-chain transactions, will affect the cross-chain convenience from a certain degree. But relative to the security of user assets, we think this can be compromised, and considering the fact that the arrival delay is set for all users, that is, all users stand on the same starting line, the corresponding effect is acceptable.
(5) conclusion
Security for cross-bridge is a complex and challenging problem in current multi-chain world, which is closely related to every chain, every token and every community, and each security factor among above systems can easy transmitted to other parts, may leading to a overall security risk.
Multichain’s solution for ETC vulnerable to 51% attack, is based on the principle of the security of user assets first, and Multichain has been working on establishing a sound and strong security prevention mechanism, only after ensuring the security of user assets, the vision of building the ultimate router for multi-chain world can be achieved.
References
- ETC / 51, https://meowsbits.github.io/51-percent-docs/#section-what-a-51-percent-attack-is
- ecip-1100, https://github.com/ethereumclassic/ECIPs/blob/master/_specs/ecip-1100.md
- Cost of a 51% Attack for Different Cryptocurrencies, https://www.crypto51.app/
