Less-popular result of the Ethereum hard fork, Ethereum Classic, recently suffered a 51% attack which led to more than $200,000 being stolen from exchanges. Recent data from the cryptocurrency’s blockchain suggests that more similar attacks might be on the way.
Cryptocurrency data website Bitinfochains shows that over the last 24 hours, average transaction fees on the blockchain rose to $6.10, a number nearly 800 percent higher than $0.71, where the fees were merely a day earlier. Other data tracking websites noticed that the hashing power on the network nearly doubled, with ETC mining pool 2miners adding up to 3,054.29 GH/s of this added power.
Sources believe the spike in fees/hash rate could be related to an existing exploit with Ethereum gas tokens, one which allows gas token creation through exchanges for free. The news come merely hours after Gate.io reported that $100,000 worth of ETC that was hacked during the initial 51% attacks were returned.
Several sources reported that the “original Ethereum”, more commonly known as Ethereum Classic, suffered chain reorganization. This reorganization can be done by a malicious player who owns more than half of targeted network’s mining hash rate and is thus called a “51% attack”. By controlling more than half of the network’s mining power, the attacker is capable of “double spending” aka rolling back on-chain transactions. A 51% attack is one of the most feared concepts in modern cryptography as it removes an essential piece of a crypto network: its immutability. Reddit user turtleflax explains how the attack works:
“What a 51% attack does is remove 2 important properties from a blockchain, immutability and censorship resistance. This happens because consensus is achieved based on trusting the majority of hash rate. This works great in a decentralized system, but when 1 entity (attacker, hacked/malicious pool, nation state, etc.) acquires majority hash power then problems happen:
Miners package up transactions from the mempool into blocks so a majority hash rate miner can exclude specific transactions or all transactions (mining empty blocks). This is effectively censoring transactions on the network for the duration of the attack
When a miner includes a transaction in a block, it is said to be confirmed. If they have more hash rate than the rest of the network, they can spend coins and then spend them again elsewhere, a “double spend”.”
The problem was initially brought to light on January 7th by an entity called Ethereum Classic Consortium, which communicated that a security team Slow Mist detected transaction rollbacks on several ETC blocks. The ETC community dug deeper and discovered that a private mining pool (address: 0x3ccC8F7415e09BEAd930dc2B23617bD39ceD2C06) has been achieving more than 50% of the total network hash rate at certain times.
In order to prevent potential attacks, Ethereum Classic developers called on the exchanges and mine pools to increase the number of required confirmations on transactions to more than 400 until the issue is resolved. Several exchanges responded; Bitfly confirmed they’ll be increasing the confirmation threshold to the recommended numbers:
“We can confirm that there was a successful 51% attack on the Ethereum Classic (#ETC) network with multiple 100+ block reorganization. We recommend all services to closely monitored the chain and significantly increase required confirmations,” said the exchange.
Coinbase revealed that several instances of 100+ block reorganization and double spending did in fact appear on the ETC network. The total value of the double spends that Coinbase has observed thus far is currently sitting at 219,500 ETC (~$1.1M). At the same time, several mining pools are showing invalid block heights and experiencing orphaned blocks, which are clear signs that the Ethereum Classic blockchain has been tampered with. As of now, Ethereum Classic developers are reportedly working with Slow Mist and many others in the crypto community to find a way to resolve the issue.