QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$3 200 000 USD
AUGUST 2020
UNKNOWN
BITFINEX
DESCRIPTION OF EVENTS
"As a cryptocurrency exchange founded in 2012, Bitfinex has always been at the forefront of technological innovation in digital asset trading. The Bitfinex team has gained invaluable experience in blockchain technology while the platform has cemented its position as the go-to place for digital asset traders and institutions to trade."
"In addition to a suite of advanced trading features and charting tool, Bitfinex provides access to peer-to-peer (P2P) financing, an OTC market and margin trading for a wide selection of digital assets and derivatives trading. Bitfinex’s strategy focuses on delivering the best crypto trading experience for professional traders and liquidity providers around the world through the delivery of cutting-edge technology."
"Ethereum Classic is a decentralized computing platform that executes smart contracts. Applications are ran exactly as programmed without the possibility of censorship, downtime, or third-party interference. Ethereum Classic is a distributed network consisting of a blockchain ledger, native cryptocurrency (ETC) and robust ecosystem of on-chain applications and services." "Ethereum Classic is the product of a hard fork after the Ethereum network split in different ways following an infamous hack in 2016."
"“[Grayscale] holds a sizable percentage of the circulating supply in Ethereum Classic, which is locked up in the trust that will never be liquidated,” [Meltem Demirors, the chief strategy officer at CoinShares] said." "Grayscale started its ETC Trust in April 2017."
“It would be very difficult for us to comment or point to our operating a vehicle around a particular protocol as being influential to the prices,” Michael Sonneshein, managing director of Grayscale, said in a phone interview with CoinDesk, pointing out his company also has large positions in bitcoin and ether. Grayscale, like CoinDesk, is a unit of Digital Currency Group.
"The “honest[y]” of more than half of miners is a core requirement for the security of Bitcoin and any proof-of-work cryptocurrencies based on Bitcoin. Honest action, in this context, means following the behavior described in the Bitcoin white paper. This is sometimes described as a “security risk” or “attack vector,” but is more accurately described as a known limitation to the proof-of-work model."
"Failure to meet this requirement breaks several core guarantees of the Bitcoin protocol, including the irreversibility of transactions. Many other cryptocurrencies, such as Ethereum Classic, have also adopted proof-of-work mining."
"For the Ethereum Classic blockchain, 51% attacks have been a threat for a long time. Unlike Ethereum, from which it was hard forked, the Ethereum Classic network is committed to the Proof-of-Work (PoW) consensus algorithm, which is also used by [bi]tcoin. But for large networks like Bitcoin, a 51% attack is prohibitively expensive to do given the enormous amount of computational power required by PoW to successfully do it. Ethereum Classic’s hashrate is much smaller, making it far more vulnerable to 51% attacks."
"August 5, 2020 - Ethereum Classic 51% attacked. $3.2M double spent." "Ethereum Classic has suffered its second 51% attack in a week after 4,000 blocks were reorganized earlier today." "On Aug. 6, Etherchain.org tweeted that its affiliated mining pool Ethermine had disabled ETC pool payouts after more than 4,000 blocks had been reorganized in the latest attack on Ethereum Classic."
"This time attacker was trying to double-spend 465,444 ETC (approx $3.3 M). Based on our investigation, the attacker successfully double-spent 238,306 ETC ($1.68 M) through Bitfinex and another crypto service. In addition, the attacker also got 14.2K ETC as a block reward, which we are not included in our double-spent calculation."
"NiceHash, a hashpower broker, acknowledged its platform may have facilitated the recent 51% attacks, in a blog post on Sept. 1, but it also concluded that such attacks cannot be prevented or mitigated in a "truly decentralized proof-of-work solution." "The only thing one can do is make the price of an attack higher than the attacker reward," the post added."
"James Wo, founder of ETC Labs, the leading organization supporting the Ethereum Classic network, told CoinDesk via a spokesperson that his team has been trying to enhance the network’s security in the past year, including expanding the network’s core development team, and partnering with companies such as Chainlink, Swarm and Bloq."
"The company announced two new hires on Sept. 3 to ETC’s core development team. “These developments and partnerships are working to quickly propel the advancement of ETC and ensure a bright future for the network,” Wo said, who added that ETC’s price has held “strong” even with the recent 51% attacks."
"Ethereum Classic’s price has demonstrated strong resilience." "However, some warn that unless it improves its blockchain and makes it safer, additional attacks on Ethereum Classic could trigger a market sell-off and lead to a collapse of its digital asset." "The recent 51% attacks on the Ethereum Classic network also have not led to any additional questions or worries from Grayscale’s clients on this crypto asset, according to Grayscale’s Sonneshein."
The Ethereum Classic blockchain is vulnerable to 51% attacks due to the low hash power. Multiple victims including the exchange platform Bitfinex fell victim to the attack and lost $3.2m.
In the 51% attack, a single group or individual purchases or repurposes a massive amount of hashing power. This enables them to produce a blockchain history in which they didn't make an accepted payment, and feed that back to the network. As a result, they keep their funds, and whatever they received for their payment.
The 51% attack was successful since what happened was not realized, and the network made the decision to adopt the longest chain, as produced by the hacker. This resulted in a loss to any platforms or other victims, and it's unknown who was attacked or what the resolution was to any affected customers.
HOW COULD THIS HAVE BEEN PREVENTED?
The solution to mitigate 51% attacks is to increase block confirmation times and institute checkpoints, where all miners agree that transactions up to that point are valid. If a large reorganization occurs, it will be rejected by miners, and the attacker will simply lose the funds spent on the attack.
Attacks are relatively easy to spot because they result in massive chain reorganizations, which miners can easily decide to reject.
Platforms can protect themselves against 51% attacks by ensuring that they only deal with coins which use checkpoints, and have sufficient block confirmation requirements on deposits.
Ethereum Classic 51% Chain Attack July 31, 2020 - Bitquery (Sep 11)
https://blog.coinbase.com/coinbases-perspective-on-the-recent-ethereum-classic-etc-double-spend-incidents-1fd19ef215f3 (Sep 11)
ETC Chain Split Diagnosis - HackMD (Sep 11)
Crypto Investors Have Ignored Three Straight 51% Attacks on ETC (Sep 11)
Deep Chain Reorganization Detected on Ethereum Classic (ETC) (Feb 7)
Ethereum Classic (Sep 11)
Ethereum Classic Suffers 51% Attack Again: Delisting Risk Amplified – Security Bitcoin News (Sep 11)
Ethereum Classic Attack, 8 August: Catch me if you can - Bitquery (Sep 12)
Bitfinex | Cryptocurrency Exchange | Bitcoin Trading | Futures Trading | Margin Trading (Sep 15)
Bitfinex | About Us (Sep 15)
Bitfinex Pulse (Sep 29)