Buterin Thinks He Knows How to Stop ‘51% Attacks’
Buterin proposed prevention for 51% Attacks
This summer ZenCash cryptocurrency has suffered from the attack that led to the loss of $500 000, which is 13 234 in ZEN. The type of hacker attack that was performed is known as a “51% attack” during which the hacker or some hacking team takes over 51% of the blockchain nodes and becomes able to steal cash from the system.
To understand the gist of the 51% attack, we need to clarify the way the criminals steal the money. Firstly, many think that attackers steal cash from specific clients’ wallets. However, it’s not the way; 51% attack does not allow criminals to hack users’ wallets, so they steal cash from the exchanges. Secondly, some imply that attackers hack blockchain by creating money from nothing - this is untrue, too.
The hacker’s algorithm is rather consecutive and includes some work to put in. At the first stage, the hacker collects coins by mining, buying, and stealing them. Having collected enough, the criminal embraces a bigger part of hash network. After that, the hacker initiates the attack. To do this, he starts mining secretly on his own node. When the criminal finds the right hash, he packages it on his node and releases into the network. All other nodes approve the hash and record it into its blockchain. On this stage, the hacker works as a usual miner.
Then, the attacker continues mining locally on his node, but now sends the found blocks into the network. Thus, one version of blockchain exists in the scammer’s private network, and the other is running on other nodes of the public network. Eventually, the hacker creates a transaction in which he sends all his coins to a given exchange. This transaction gets into a public network, all nodes assume that the system works correctly, and the transaction is completed successfully. The exchange notices that it has received the deposit and then sends funds to the attacker. The scammer can exchange this balance into other cryptocurrencies on the exchange, withdraw them or else; the point here is to do it as quickly as possible.
After the funds are withdrawn from the exchange, the criminal publishes his open version of blockchain without sending the transaction to the exchange, and this version is taken as correct by the network due to having a longer chain. It comes as if there were no payments to the exchange, and the scammer possesses double amount of the money. This is what 51% attack is and ZenCash has experienced it recently.
This attack may happen to any company; however, in many cases it is economically unprofitable. It is more likely that the attacker will spend more money than he can earn without the help of any favorable circumstances. For example, it is impossible to apply 51% attack to Bitcoin network since the hacker will have to spend billions of dollars. It is a lot of money and the profit will be too small if any at all. A possible reason why the hackers selected ZenCash was its low hashrate and high currency rate. That is why the criminal earned way more money then he spent.
Since the exchanges are the main targets of the attackers working by 51% attack scheme, they are the first ones who need to worry about these attacks and introduce more security into their platforms. Some exchanges’ rules may seem ridiculous as they don’t utilize even simple security measures. Even more, some exchanges apply the same rules to transactions of $10 and $500,000. At the same time, both of these amounts are very little for large exchanges, and this is probably the main reason why they have not considered any stronger security measures earlier.
While ZenCash has asked its partners to increase the number of confirmations for the transactions, the coziness of users drastically decreased since they now have to pass through tons of confirmation procedures and wait for 4-6 hours for the completion. ZenCash, however, thinks that it will prevent future attacks. Moreover, the company changed the rules of the network and disabled private mining. Finally, ZenCash plans to introduce secured nodes that will be approving chains.
Vitalik Buterin commented on the situation and proposed an alternative to secure blockchain networks from possible 51% attacks. Ethereum co-founder suggests creating independent nodes for the system to track the consensus, which would increase the resistance to almost 100%. In other words, for a successful attack, the scammer will have to take over 99% of blockchain nodes instead of 51%. This would make any hacking attempts economically unprofitable completely. However, this method has not been utilized in practice.
This type of system could be very useful for ZenCash and other companies that would want to secure their networks. Although the independent nodes need to be verified and trusted, too. This puts some more constraints on the implementation of the proposed idea.
You May Like
20 Random ICO