How Ethereum Classic’s 51% attacks reveal risks to Bitcoin and Ethereum
ETC’s recent hacks may be an occupational hazard of ‘proof-of-work’ blockchains, including BTC and ETH. Is going ‘proof of stake’ the answer?
Ethereum Classic was besieged in August with three separate instances of 51% attacks that resulted in the disruption of over 10,000 blocks and millions of dollars in losses. "Increasing frustration is definitely the best way to describe it," said Terry Culver, CEO of ETC Labs, an incubator of projects on Ethereum Classic.
Although ETC Labs and other developers are working on ways to protect the blockchain network from further 51% attacks, security concerns regarding transactions have put in question the utility of blockchain networks based on proof of work (PoW), the consensus mechanism used in more cryptocurrencies than any other.
"Today another large 51% attack occurred on the #ETC network which caused a reorganization of over 7000 blocks which corresponds to approximately 2 days of mining. All lost blocks will be removed from the immature balance and we will check all payouts for dropped txs."
— Bitfly (@etherchain_org), August 29, 2020
"It's a vulnerability that all proof-of-work blockchains have, even Bitcoin and Ethereum," said Culver, in an interview with Forkast.News. "We think that they're secure because of the cost to attack those networks, but the truth is that cost is subjective."
The first of the recent wave of Ethereum Classic's 51% attacks occurred in early August, when an estimated US$5.6 million of ETC was double-spent. The attack was possible because rented hashpower gave the attacker majority control of the network's hash rate.
"The cost to attack one of those networks for a state actor, or even a non-state actor, is trivial," Culver said. "And in fact, I think those attacks will come."
According to Benjamin J. A. Sauter, partner at New York-based international law firm Kobre & Kim, the attacks were not, as some other publications reported, the result of a technical issue with the ETC blockchain, but rather the work of a person or group acting maliciously to commit fraud.
"What we want to do is send a message to them: that you're not going to get away with this, we're not going to take it sitting down, and we are going to try to figure out who you are," Sauter said.
Culver adds: "And what we are doing now and what we have to continue to do is find ways to make it more secure. For us, it's not a question of abandoning proof of work; it's a question of innovating so that we can prevent malicious activity and grow the kind of ecosystem we're trying to grow."
Watch Culver and Sauter's full interview with Forkast.News Editor-in-Chief Angie Lau explaining the repeated Ethereum Classic 51% hacks, what these breaches mean for larger PoW blockchains like Bitcoin and Ethereum, whether 'proof of stake' networks offer a superior alternative, and more.
- Could Ethereum Classic get 51%-hacked again? "Three attacks in one month will tell you that security is an issue on Ethereum Classic. And we believe and know that other blockchains get attacked more regularly, maybe with less visibility. It's a universal problem."
- The nature of proof-of-work blockchains: "We think that they're secure because of the cost to attack those networks, but the truth is that cost is subjective. The cost to attack one of those networks for a state actor, or even a non-state actor, is trivial."
- What allowed these attacks to happen: "So there are two problems here: one is gaining 51% of the hash power on the network, which allows you to create your own transactions. The other is exchanges, where if their security protocols are not strong enough, an attacker can deposit and withdraw funds very quickly, before the exchange can respond to it."
- Despite these losses, the industry still has strong desire for self-regulation: "By and large, I think the space doesn't want the government to become deeply involved in how the exchanges operate and try to remedy wrongs. I think the industry as a whole wants to be able to self-regulate and have an environment where the government doesn't need to be in the weeds."
- Is it time to move away from proof of work, toward proof of stake? "For us, it's not a question of abandoning proof of work; it's a question of innovating so that we can prevent malicious activity and grow the kind of ecosystem we're trying to grow."
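The two problems Culver describes above (a majority miner rewriting the chain, and an exchange crediting a deposit before the rewrite arrives) can be put together in a small Python model. The block below is an added example, not code from the article, from ETC Labs or from the Ethereum Classic project, and everything in it is constructed: the transaction labels, the block counts, a bare longest-chain rule at constant difficulty in place of Ethereum's total-difficulty rule, and no actual hashing work. The second function is the attacker-success probability from section 11 of the Bitcoin whitepaper; it shows that a confirmation depth protects an exchange against a minority attacker, but for a majority attacker (q >= 0.5) the probability is 1 whatever the depth, so raising confirmations only lengthens how long the rented hash power has to run.

```python
"""Toy model of a 51% double-spend against an exchange (added example, not from
the article). Transaction labels and block counts are constructed; the chain
selection rule is a bare longest-chain rule at constant difficulty, not
Ethereum's total-difficulty rule, and no proof-of-work is actually computed."""
import hashlib
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Block:
    parent: str
    txs: tuple
    miner: str

    @property
    def hash(self) -> str:
        return hashlib.sha256(f"{self.parent}|{self.txs}|{self.miner}".encode()).hexdigest()[:16]


GENESIS = Block(parent="0" * 16, txs=(), miner="genesis")


def mine(chain: list, txs: list, miner: str) -> list:
    """Append one block to a copy of `chain` (the model only counts blocks, no real work)."""
    return chain + [Block(chain[-1].hash, tuple(txs), miner)]


def txs_in(chain: list) -> set:
    return {tx for block in chain for tx in block.txs}


def canonical(*chains: list) -> list:
    """Longest-chain rule at constant difficulty: most blocks wins; ties keep the first seen."""
    return max(chains, key=len)


def simulate_double_spend(confirmations: int, attacker_blocks: int) -> dict:
    """The attacker deposits ETC to an exchange on the public chain while secretly
    mining a fork, from the same parent, that spends the same coins back to himself.
    The exchange credits the deposit after `confirmations` blocks and lets him withdraw.
    The attacker then publishes a private chain of `attacker_blocks` blocks. A majority
    miner can always reach attacker_blocks > confirmations eventually; the exchange's
    confirmation depth only decides how long the rented hash power has to run."""
    deposit = "tx1: attacker -> exchange, 1000 ETC"       # constructed label
    conflict = "tx1': attacker -> attacker, 1000 ETC"     # same inputs as tx1, so only one can be canonical
    public = mine([GENESIS], [deposit], "honest")
    private = mine([GENESIS], [conflict], "attacker")
    while len(public) - 1 < confirmations:               # honest miners extend the public chain
        public = mine(public, [], "honest")
    credited = deposit in txs_in(public)                  # exchange sees enough confirmations, pays out
    while len(private) - 1 < attacker_blocks:             # attacker extends the secret fork in parallel
        private = mine(private, [], "attacker")
    best = canonical(public, private)                     # attacker publishes; nodes follow the longest chain
    return {
        "credited": credited,
        "deposit_survives": deposit in txs_in(best),
        "reorg_depth": 0 if best is public else len(public) - 1,
    }


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker with hash-rate share q eventually overtakes the
    honest chain once a transaction has z confirmations (Nakamoto 2008, section 11).
    For q >= 0.5 the gambler's-ruin random walk is certain to catch up whatever z is,
    so confirmation depth alone cannot protect an exchange from a majority miner."""
    if q >= 0.5:
        return 1.0
    p = 1.0 - q
    lam = z * q / p                     # expected attacker progress while honest miners made z blocks
    caught_up = 0.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        caught_up += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - caught_up


if __name__ == "__main__":
    print(simulate_double_spend(confirmations=12, attacker_blocks=13))
    for q in (0.1, 0.3, 0.45, 0.51):
        print(q, [round(attacker_success_probability(q, z), 6) for z in (1, 6, 12, 100)])
```

Running the file shows the deposit vanishing from the canonical chain once the private fork is one block longer than the exchange's confirmation window, and the probability table dropping quickly with depth for q = 0.1 or 0.3, slowly for q = 0.45, and sitting at 1.0 for q = 0.51. This is the reason the defensive measures discussed in the interview (longer exchange confirmation windows, defensive hash power) buy time rather than remove the risk while an attacker can rent a majority of the hash rate.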
Angie Lau: Welcome to Word on the Block, the series that takes a deeper dive into the blockchain and emerging technology stories that shape our world at the intersection of business, politics and economy. I'm Forkast.News Editor-in-Chief Angie Lau. Well, once upon a time, 'proof of work' was actually what made the blockchain world go round, as a consensus mechanism made popular by Satoshi Nakamoto's Bitcoin. Developers have been increasingly concerned about the 51% attack, the proof of work, the silver bullet.
Really in the early days, it was theoretical, a hypothetical. Well, in the span of just a couple of months, an attacker has gained more than 50% control of the network's hash rate, and it has prevented other miners from completing blocks. We've seen not one, not two, but three attacks — 51% attacks — on one network, and it's Ethereum Classic. And so the question is, is this the end of proof of work? What is happening with Ethereum Classic?
Joining us right now are the two guys who can address this directly. We welcome to the show right now Terry Culver. He is CEO of ETC Labs, and joining alongside him is his partner in chasing down these attackers, Kobre & Kim partner Ben Sauter, one of the leading cyber/blockchain/crypto lawyers/legal minds in this space. So Ben, Terry, welcome to the show. So I've got to ask you, what was your reaction to the first attack, the second attack, and then the increasing frustration, no doubt, on the heels of the third attack that just happened recently?
Terry Culver: Increasing frustration is definitely the best way to describe it. Proof of work isn't going anywhere; it's only, I think, getting stronger in some blockchains. The issue is there's no easy way to solve it. So you have attackers who are exploiting something that will take some time.
Lau: How did you address it, the first attack? This is a critical attack in that this is the underlying vulnerability of Ethereum Classic that now we're seeing is being exploited. How are you addressing it specifically?
Culver: Well, it's a vulnerability that all proof-of-work blockchains have, even Bitcoin and Ethereum. You know, we think that they're secure because of the cost to attack those networks, but the truth is that cost is subjective. The cost to attack one of those networks for a state actor, or even a non-state actor, is trivial. And in fact, I think those attacks will come. So this is actually a shared problem, is the way we see it.
We happen to have been the victim recently, but it's something that I think everybody in the blockchain world needs to be thinking long and hard about. What we've done is a series of defensive mining measures to both try to alert ourselves to impending attacks and deploy hash power to prevent them. That's a very difficult thing to do just because of the nature of mining, but we're doing it anyway. We're working very closely with exchanges to tell them to increase their confirmation times.
So there are two problems here: one is gaining 51% of the hash power on the network, which allows you to create your own transactions. The other is exchanges, where if their security protocols are not strong enough, an attacker can deposit and withdraw funds very quickly, before the exchange can respond to it. So we have to deal with the technical issues on the blockchain and we have to work closely with exchanges to prevent the attackers from double spending.
Lau: It's the multi-prong, you have so many fires on many fronts and no doubt it must be enormously difficult, but the one thing is the technical ability to address the attacks. So defensive mining... you note that you've got to increase the hash rate. How do you do that, especially when you also have a challenge where you are seeing declining hash power at ETC? Terry?
Culver: Yeah, it's a difficult thing, so the question is, why is the hash rate lower than it usually is? And part of the reason is the growth of other proof of work blockchains that share the same mining algorithm. So it's more profitable for miners to mine Ethereum, for example, than it is to mine Ethereum Classic, which makes Ethereum Classic more vulnerable.
And so what we do in the near term is, we're working on several solutions, the first of which should be deployed really very soon, which would limit and prevent attacks on the blockchain regardless of the hash rate. How you solve the core problem of low hash rate is something you have to do over time. Hash rate is a reflection of the miners' opinion about the future potential of that chain, and it's a reflection of their profitability at present.
So we either have to make it more profitable for miners to mine ETC now, and that would require changing monetary policy, and I think something the community is loath to do, or if we can secure the chain, we can take time to build the ecosystem to a point where miners see that the token will increase in price over time.
Lau: And that's not an immediate thing, I get it, but that's certainly part of the strategy. Terry, thanks for sharing it with us. Ben, you've been in the space for a while now, and as you take a look at these bad actors, when you observe the number of attacks that ETC has experienced, what's your perspective as to what the motivation is? What is the intent? What's the agenda? What are your thoughts there as you put on your police hat?
Ben Sauter: Yeah, I think in this particular instance, there's really no question that there was malicious intent, I think, aimed at a few people there. The exchanges were themselves direct financial victims, because the way these attacks work is, once you have control over the blockchain, you're able to effectively send fictitious transactions to the exchange and turn it around and pull out other currencies. Then when the attack ends, those initial transactions to the exchanges aren't recognized, so that the exchanges are actually out of money. And that was a deliberate part of this scheme.
It's not a technical issue with the ETC blockchain, it is the result of somebody, or some group of people, who are trying to commit fraud. The exchanges are one victim of that; it may be that someone is deliberately taking aim at ETC and the entrepreneurial efforts that they're trying to promote as well. So that's just part of what we're trying to get to. But in terms of the mindset, it really is somebody who has a bad purpose and is trying to wreak havoc in a few different ways, and our goal is to not let that happen.
Terry mentioned the centrality of the exchanges from a technical perspective, but on the legal side, they're very important as well in terms of trying to find a private solution to this problem. So on the legal side we have a few different options and some of them are private-focused, where we try to resolve problems as between actors, and some of them involve going to the government.
By and large, I think the space doesn't want the government to become deeply involved in how the exchanges operate and try to remedy wrongs. I think the industry as a whole wants to be able to self-regulate and have an environment where the government doesn't need to be in the weeds. But as long as there's not an effective private resolution, it's how problems are going to be solved.
So what we're trying to do is actually work both the private side and the public side. But on the private side, the exchanges are really the linchpin of it because they should be keeping your customer information, and they're right at the intersection of where this fraud is happening and may well know, or should know, we think, who's responsible. So if they get together and help us help them and help the industry, they may well have the keys to hold the wrongdoers accountable.
What we want to do is send a message to them: that you're not going to get away with this, we're not going to take it sitting down, and we are going to try to figure out who you are. And we have sort of that private way and then like I said, there's also ways for us to work with governments around the world to try to get that information too.
Lau: But you're right, it's totally a delicate balancing act. Philosophically, how much do you want the government to police, compared and contrasted to the private industry's ability to go after these actors? Now, you point to exchanges. What role do you think exchanges need to play? And I'm hearing you, but what are the things that they're not doing that they should be doing in your view?
Sauter: So one of the things we would like, and this isn't specific, but this is a general sort of response to my experiences — when something like this happens and we approach exchanges, we actually get a range of different responses, but one common response is, "we're not interested in providing specific details of the transaction or who was involved, and we might respond if a government reaches out to us."
So then what they're trying to do is give you the runaround, make it more difficult, and make you go try to talk with under-resourced governments to send them a subpoena. So one of the things I think the industry really should do to remove a major headwind on the space at large, which is people not wanting to adopt and use cryptocurrency because they don't think, in some cases justifiably, that there's going to be a remedy in the event something goes wrong — it might be a fraud, it might be just something run-of-the-mill going wrong — but a lot of people think they don't have anywhere to turn if that happens.
And until exchanges try to help people resolve these problems, there's just a large segment of the market who's not going to enter. I think exchanges and the industry as a whole need to find a way to set up a private dispute resolution framework and it may be giving private lawyers information, it may be having an arbitration that the people can use, there are many different ways, but by and large, it's very hard to get this information out of exchanges, and I think it's a real disservice to the industry.
Lau: Who's giving you cooperation right now, anybody? Obviously it sounds like it would be good for the entire industry to work in concert against bad actors, but how do you overcome this current obstacle of not getting the kind of cooperation from exchanges that you need to do your job?
Sauter: So, like I said, they all have their own different interests. The exchanges who've been victims of this particular attack have been relatively cooperative, because they were actual victims of the attack. They have published some information about it and have identified accounts and transactions that were issues. So they have been relatively forthcoming. We'd like more and we're continuing to speak and work with them. In particular, with a 51% attack where an exchange is a victim, they may be more incentivized to help with this than they are in some other cases.
Lau: So Terry, a lot of people are wondering, well, what does this say about proof of work? Is this something that doesn't work anymore, and should there be a transition to proof of stake, or something else?
Culver: Yeah, I think one reason some people in the blockchain ecosystem have adopted proof of stake is in part because of the security concerns related to proof of work. In a way, it's endemic. In other words, the attacker used the system in exactly the way it was designed. So the rules of the system are that if you gain 51% of the hash rate, well, then you can write transactions.
On the one hand, it's instrumental to building a truly permissionless network, which is a core principle that we stick by. On the other hand, it jeopardizes the entire system. So you have to try to balance those two things. Our view is that even with those security risks, proof of work is still a valuable and important mechanism for building a decentralized, censorship-resistant network.
And what we are doing now and what we have to continue to do is find ways to make it more secure. For us, it's not a question of abandoning proof of work; it's a question of innovating so that we can prevent malicious activity and grow the kind of ecosystem we're trying to grow.
Lau: And so how do you hope to put this behind you? Do you anticipate more attacks?
Culver: I don't, but you never know. Actually, we don't put it behind us. We embrace this head-on. Look, three attacks in one month will tell you that security is an issue on Ethereum Classic. And we believe and know that other blockchains get attacked more regularly, maybe with less visibility; it's a universal problem.
So we are taking this opportunity to really lead the way in how to build secure proof of work blockchains, even with low hash rates. So if at the end of this we emerge with solutions that could benefit Ethereum Classic and other chains, then so much the better.
Sauter: But at the same time, while the technical possibility and proof of work may make this possible, it doesn't make it OK. And we are also trying to send a message that just because it's possible, doesn't mean you can't do it with malicious intent to defraud exchanges and defraud other people who rely on these blockchains. These are two entirely different questions.
Lau: What's going to happen if you identify the malicious attackers? Are you going to be pursuing this in court as a private matter, or will authorities — the Justice Department, police — will they be involved as well?
Sauter: All of those options are on the table and we are actively pursuing them.
Lau: And do you know where they came from, which continent it came from?
Sauter: We do have some information. Because the investigation is ongoing, we would like to not disclose that at this time, but we have been successful so far in gathering some information and we have other information that we hope to get soon.
Lau: All right, so you're going after the attackers. On one hand, we're hearing about the strategies to essentially fix the vulnerabilities, to make it more secure. What we'd love to hear as well, Terry, from your view, is where do you go from here? In the next year or two, what can we expect from Ethereum Classic, ETC Labs? As you've noted, low hash rates are also indicative of people's confidence of growth. So if you are going to address concerns about growth, where are you leading the company in the next year or two?
Culver: It's really about community building. You know, making a case for, what utility does this blockchain have? In our view, we think that there's a very significant role that an Ethereum-based proof-of-work blockchain has to play, particularly around financial inclusion and particularly in emerging markets.
A lot of blockchains are trying to displace existing and legacy systems in mature markets, and that's important and worthwhile, but our particular view is that blockchain actually could be most useful where people need it most — where you have huge percentages of the population outside of the formal economy, outside of the financial system, with growing populations, growing urbanization. To me, this is where blockchain can play a role, and that's where we see Ethereum Classic playing a role.
Lau: But why proof of work, why not proof of stake? What is different about proof of work?
Culver: So proof of work, first of all, we know it works, even with its security flaws. And we think it's truly decentralized. You have tradeoffs, no matter which system you choose. In our view, proof of stake gives you perhaps a more secure system, but a more centralized system. So while you may not suffer 51% attacks, you could have a network dominated by whales, who actually create a truly permissioned network. Our view is, we would rather take the risk and maintain a truly decentralized network, than convert to something that might lead to a centralized one.
Lau: I hear the vision very clearly, and your pedigree as a former UN policy advisor in Africa, Asia and Latin America really speaks to that. We are seeing a lot of the unbanked and underserved in many of those regions. Where do you envision, what's your goal to serve, obviously the underbanked, and ETC Labs' role in decentralized finance?
Culver: I think our role now, in this current phase, is to have a network that's secure, that people can have confidence it works. And the other is to really help cultivate and grow projects and enterprises in those markets that can use blockchain in fruitful ways, whether it's around health care, whether it's around payment systems, whether it's around sustainable farming... and we're doing all of that.
As a second phase, I think it's a matter of making the technology more accessible so that people understand that it's a form of peer-to-peer payments. Now, peer-to-peer payments exist in emerging markets, in the informal economy, millions of times a day. So this is simply taking what exists informally and using the blockchain as a way to reduce reliance on trust, reduce counterparty risk, and give access to more people.
Lau: There's no doubt that there is an integral and important role on even how technology, the architecture, the infrastructure so critical to true decentralization... the vulnerabilities can either be security or the vulnerabilities can be centralization.
So you've made a choice, it's clear, and no doubt it's enormously frustrating, as we started this conversation with, but Ben, I know that you'll be doing your job as you start nailing down who these malicious attackers are, so absolutely keep us briefed on that, and we'll share it with everyone. Terry, I want to thank you. Ben, I want to thank you, for joining us on Word on the Block. It was a pleasure to speak with you both today.
Sauter: My pleasure. Thank you.
Culver: Thanks so much, great talking to you.
Lau: And thank you, everyone, for joining us on this latest episode of Word on the Block. I'm Forkast.News Editor-in-Chief Angie Lau. Until the next time.