Is blockchain really secure by design? Now it seems that the answer to this question is not so sure.
Thousands of cryptocurrencies based on blockchain technology may not be as secure as people think, researchers have found.
Husam Abboud, a cryptocurrency researcher at Brazil's FECAP University, has demonstrated that it only costs $1.5 million to carry out an attack on Ethereum Classic, and that the attack is guaranteed to pay for itself. profit. You know, the current market value of Ethereum Classic is more than 2 billion U.S. dollars - and even more frightening is that,If you have $55 million, you can even destroy Ethereum Classic, bankrupt it and make $1 billion in profit.
The algorithms used by many so-called "forked coins" are actually the same as those of some larger blockchains. For example, the algorithm of Ethereum Classic is actually the same as that of Ethereum, so these "forked coins" are particularly vulnerable to attacks because They don't put much "effort (cost)" in keeping their funds safe. According to researcher Husam Abboud's analysis, any miner who can own 2.5% of Ethereum Nethas can switch to mining Ethereum Classic, and then control more than 51% of the Ethereum Classic network's computing power.
The crux of the matter is that this kind of attack doesn't cost miners much at all. For example, the cost of performing a so-called "51% attack" on Ethereum Classic is roughly the same as the return on Ethereum mined with 2.5% Nethash in a day - about 525 ETH (about $318,000).
When conducting research, Husam Abboud did not use the typical attack model of calculating the attack cost of 51%, but chose a "Rindex v2.0" model. He pointed out that mining equipment and electricity costs also need to be considered in the classic model, but with the "Rindex v2. The cost of computing power lease.
On the other hand, Husam Abboud used the same method to calculate that the cost of performing a "51% attack" on Bitcoin Cash was about 250 bitcoins (about $2 million) per day, while attacking Bitcoin The execution cost of Bitcoin Gold is only 26 bitcoins (about 200,000 US dollars). and,All of these attacks can be sustained until a fix is deployed by a cryptocurrency developer, or until the price continues to drop so low that the attack cannot continue.
Husam Abboud also pointed out that the Bitcoin creators designed the consensus protocol assuming that miners would not carry out such attacks because they felt that doing so would lead to a lower market price for the cryptocurrency, Then it was impossible to achieve profitability; but the problem is that nine years have passed, and the original intention of "Satoshi Nakamoto" seems to have deviated from the direction.
Husam Abboud suggested that the "Satoshi Nakamoto" hypothesis may be outdated, saying:
“We now have a lot of larger cryptocurrency exchanges, resulting in a huge increase in market liquidity, allowing investors to short sell with 2.2 to 100 times (trading margin) leverage. This makes trading easier every day , investors can even profit from falling prices because the market is more liquid.”
At this stage, the security of cryptocurrencies using "proof of work" is starting to attract people's attention. In the past two months, there have been at least five similar attacks on Verge, Electroneum, Bitcoin Gold, and Monacoin, among others.
Bitcoin core developers Jameson Lopp and Peter Todd pointed out long ago that,Because people are too "lazy" to simply clone a large blockchain and start issuing coins, the result is that these cryptocurrencies are vulnerable to attack.
However, according to industry experts, there are many ways to solve the "51% attack" problem of cryptocurrencies, such as sharing the security of the existing proof-of-work chain, upgrading to the proof-of-stake protocol, increasing the number of confirmations required for transactions, or upgrading Hash power.
There is no doubt that for a cryptocurrency with a market capitalization of billions of dollars, one should be willing to invest a few million dollars to improve its own security.
