“Fear always springs from ignorance.” – Ralph Waldo Emerson
What is 51% attack?
The blockchain is the distributed financial ledger of transactions. The ledger is secured by consumed hash power in Proof-of-Work (PoW). When someone has >50% of the network hash power, he would be able to generate blocks to selectively confirm certain transactions or rewrite the recent transaction history. A typical attack looks like this:
1) Create a private blockchain starting from block number N and do not broadcast it to the network
2) on the public blockchain, exchange coins for goods or services (e.g. sell coins for BTC on an exchange)
3) wait for m blocks to be generated on the public blockchain to confirm the transaction
4) at block N+m, the provider of goods or services is happy about the m confirmations and delivers the product
5) by this time, the private blockchain has generated more than m blocks, therefore longer than the public blockchain
6) publish the private blockchain to the network which will immediately replace the public chain, effectively removing the record of the previous transaction for goods or services.
7) you have just obtained goods or services for free, a.k.a. a double spend.
What happened last night?
It appears that last night for a few hours, someone launched a double-spend attack on Cryptsy through Reddcoin network. He had superior hash power and was able to generate a private blockchain longer than the public chain. Specifically, he did the following:
1) Create a private blockchain starting from block number N and do not broadcast it to the network
2) on the public blockchain, sell 25m RDD for 1.5 BTC on exchange
3) wait for 6 block to be generated on the public blockchain to confirm the transaction. 6 appeared to be the chosen minimum number of confirmation on the exchange.
4) at block N+6, exchange confirms BTC balance as +1.5 and RDD balance as -25m
5) publish the longer private blockchain which contains absolutely zero transaction except coinbase (the one which gives 50k block reward), thus eliminating any record of selling 25M RDD
6) the sudden publishing of the private blockchain renders recent blocks on the public blockchain invalid, i.e. orphaned. The red flag was the sudden consecutive orphan blocks on legitimate RDD mining pools.
7) he just made 1.5 BTC for nothing. rinse + repeat.
What stopped it?
1) We immediately notified the exchanges to bump the minimum number of confirmations from 6 to 60. As a result, the double-spend attack can now only occur once every 60 minutes rather than 6 minutes previously.
2) /u/ReddAPI rented 1.5Gh/s hash power from cloud and pointed it to our trusted mining pool rddpool.com run by /u/devhen, which immediately deprived the attacker of the superiority in hash power. The attack was stopped because it was no longer feasible.
Can we defend against it?
Yes. It’s very important to understand a few things:
1) 51% attack is always possible in theory. All cryptocurrencies can suffer from 51% attack.
2) 51% attack doesn’t happen all the time because no one has the incentive to carry it out unless it’s profitable. The profits of launching an attack must be meaningfully larger than the cost in terms of obtaining the hash power, execution, risk of being caught.
3) Reddcoin network was chosen because it has attracted the largest buying orders relative to our network hash. An attack on dozens of other altcoins which had significantly lower network hash but even fewer buying orders would cause an immediate market crash. Ironically, Reddcoin was chosen because more and more people started to recognise the long-term value.
So how do we defend against it for the next 2 months before moving to Proof-of-Stake-Velocity that completely removes this attack in one stroke?
1) Exchanges have bumped minimum number of confirmations to at least 60, which renders attacks significantly more costly and slowly to execute. This does mean all deposit and withdrawal of RDD from exchanges will now take 1 hour but we believe it’s a very reasonable price to pay for security.
2) We have now allocated a portion of IPCO fund to defend our public blockchain. The Reddcoin core team and pool owners in several time zones have together started a 24×7 surveillance. Upon detecting any sign of 51% attack, a member will be able to immediately rent hash power from cloud to defend the network integrity.
3) We are working very hard to get PoSV out ASAP.
4) The exchange is reviewing their logs of transactions, user registration and IP addresses.
What about 51% attack under PoSV?
Under PoSV, hash power becomes irrelevant. To start a 51% attack, the attacker must accumulate > 50% of coin-age. He would have no choice but to buy a significant portion of RDDs in circulation, pumping up RDD price in the process. Once he has it, he will have very little incentive to carry out any attack which reduces the value of his own holdings. PoSV further limits how much coin-age he can accumulate by punishing excessive hoarding. As a result PoSV will enjoy several magnitude better security than PoW.
Any questions, please post below.
Regards
laudney