Feathercoin 51% Attack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository

Feathercoin was a fork of Litecoin. In 2013 it was one of the more popular coins, offering faster transactions and resistance to ASIC mining hardware. However, the network was hit by a sustained 51% attack in which a large amount of computing power was brought online and used to double spend transactions. As a result of the attack, the Feathercoin network implemented a checkpoint system: the blockchain state is periodically recorded at specific points, and nodes agree not to deviate from those points even if a longer chain is received.

[1][2][3][4][5][6][7][8]

About Feathercoin

Feathercoin was founded by Peter Bushnell[9].

"Feathercoin is a crypto currency that made its first public appearance on the Bitcointalk forum on April 16th 2013. Its lead coder is Peter Bushnell, an IT officer at Brasenose College, Oxford University."

"Feathercoin started out as an upgraded version of Bitcoin, stemming from Litecoin and sharing the same decentralized cryptocurrency blockchain. Feathercoin is built on Bitcoin's open source software. In fact FTC was forked from Litecoin, so it's also safeguarded from the effects of ASIC mining. But even so, it does not compete with BTC or LTC, it complements them."

Feathercoin, a Litecoin derivative, shares its 2.5 minute block time and scrypt mining algorithm[10].

The Reality

The 51% attack is a well-known attack scenario that was already contemplated in the Bitcoin whitepaper. Many blockchain coins are susceptible to 51% attacks to varying degrees.

What Happened

Feathercoin suffered a significant 51% attack around June 8th, marked by a sudden increase in network hashrate, likely due to miners exploiting profitability changes[10].

Key Event Timeline - Feathercoin 51% Attack

| Date | Event | Description |
|---|---|---|
| June 8th, 2013 6:00:00 PM MDT | First 51% Attack | The 51% attack happens on the Feathercoin blockchain. "Starting at 7pm EST on June 8th, Feathercoin’s network speed increased from 300 MH/s to over 1,500 MH/s. The attacker then mined about 180 blocks in quick succession resulting in over 36,000 coins awarded (39.2 bitcoins at the current exchange rate)."[8] |
| June 10th, 2013 12:01:00 PM MDT | CoinDesk Article Published | CoinDesk publishes an article on the Feathercoin 51% attack[9]. They report the 51% attack has left Feathercoin's founder, Peter Bushnell, scrambling for solutions[9]. This attack involved a significant increase in the network's hash rate, reaching 1.5 Gigahashes/sec from the usual 0.2 Gigahashes/sec[9]. The attackers orphaned approximately 80 blocks, leading to the loss of around 16,000 coins meant for legitimate miners[9]. |
| June 10th, 2013 7:00:00 PM MDT | Second 51% Attack | "A second attack was started at 8pm EST on June 10th, where the attacker added 2,500 MH/s to the network."[8] |
| April 24th, 2019 3:50:47 AM MDT | Featured In CryptoSlate Top 5 List | The attack is featured in a list put together by CryptoSlate of the top 5 blockchain 51% attacks[10]. |

Technical Details

Feathercoin suffered a significant 51% attack around June 8th, marked by a sudden increase in network hashrate, likely due to miners exploiting profitability changes[10]. The community is grappling with further challenges, including a distributed denial of service (DDoS) attack on Feathercoin's main website and removal from coin tracking sites[9].

Dates Of Attacks

"Starting late in the day on June 8th, and then again on June 10th, Feathercoin succumbed to 51% attacks. While this does not directly affect bitcoin, there are several lessons that the bitcoin community can learn from this experience. There is a case to be made that alt-coins have a diversification advantage, as silver does to gold, but they also provide an interesting testing ground for both new technologies and human behavior."[8]

Hash Power Used

This attack involved a significant increase in the network's hash rate, reaching 1.5 Gigahashes/sec from the usual 0.2 Gigahashes/sec[9].

Orphaned Blockchain Blocks

This attack orphaned 80 blocks, reversing confirmed transactions and causing miners to waste effort on blocks which were ultimately replaced[10]. The attackers orphaned approximately 80 blocks, leading to the loss of around 16,000 coins meant for legitimate miners[9].

Feathercoin, a Scrypt-based cryptocurrency derived from Litecoin, recently experienced a severe 51% attack, leaving its founder, Peter Bushnell, scrambling for solutions[9].

This assault differed from previous incidents, continuing despite market conditions, which typically halt attacks when prices drop[9].

Concurrent DDoS Attack

Concurrently, the Feathercoin website endured a DDoS attack[10]. The community is grappling with further challenges, including a distributed denial of service (DDoS) attack on Feathercoin's main website and removal from coin tracking sites[9].

Total Amount Lost

The total amount lost is unknown.

The attackers orphaned approximately 80 blocks, taking 16,000 coins which would otherwise go to non-attacking miners[9].

Immediate Reactions

"Feathercoin has the distinction of being one of the first digital currencies to get hit with a 51 percent attack as on June 2013, the Feathercoin network suffered multiple devastating 51-percent attacks." "The Jun. 8th attack on the Feathercoin network started with a marked increase in the network’s hashrate. It was suspected that the additional mining power came from miners on scrypt-based pools. According to the founder of Feathercoin, the miners were looking to benefit from the increased profitability on mining Feathercoin due to a change in difficulty."

"The attack was marked by a dramatic increase in the hash rate on the Feathercoin network, said Bushnell. The network was operating at a sustained 0.2 Gigahashes/sec prior to the attack. It jumped to 1.5 Gigahashes/sec, he said. That hashing power could have been redirected from any existing Scrypt-based pool, including a Litecoin pool."

"A total of 80 blocks were orphaned in the initial attack. Orphaned blocks are valid blocks on a network that are later replaced because a longer chain with greater proof-of-work takes precedence. This means confirmed FTC transactions were reversed in the attack. Some miners also ended up wasting effort on mining blocks that were eventually replaced on the chain."

"The problem was compounded when the official Feathercoin website suffered a distributed denial of service (DDoS) attack around the same time."

This attack orphaned 80 blocks, reversing confirmed transactions and causing miners to waste effort on blocks which were ultimately replaced[10]. Bushnell suspects the attackers are linked to prior incidents and fears prolonged targeting due to Feathercoin's resilience[9].

Claims Of Mining Proceeds

The attacker mined the blocks with legitimately rented hash power. Because that mining was part of an attack, the Feathercoin founder nonetheless called for the mining reward proceeds to be returned[9].

“About 16,000 coins went to the attackers in this attack,” he said. “This is the proceeds of mining those blocks which orphaned ours. Those coins should have been in our miners’ pockets.”

Ultimate Outcome

Exchanges responded by heightening confirmation requirements, and Feathercoin implemented advanced checkpointing (ACP) to prevent future attacks[10]. Despite these setbacks, Bushnell remains confident in Feathercoin's resilience and community support amid ongoing threats[9].
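The checkpoint idea behind ACP can be shown with a toy fork-choice rule. This is an added example, not Feathercoin's ACP code: the block structure, the function names and the (height, hash) checkpoint format are assumptions, and chain length stands in for cumulative proof-of-work.

```python
# Added illustration: toy fork-choice rule with and without a checkpoint.
# Not Feathercoin's ACP code; all names and block data are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Block:
    hash: str
    height: int

def extend(base, label, count):
    """Return base plus `count` constructed blocks mined by `label`."""
    start = len(base)
    return base + [Block(f"{label}-{h}", h) for h in range(start, start + count)]

def honours(chain, checkpoint):
    """True if the chain contains the checkpointed block at its height."""
    height, block_hash = checkpoint
    return height < len(chain) and chain[height].hash == block_hash

def choose_chain(current, candidate, checkpoint=None):
    """Longest-chain rule (real nodes compare cumulative proof-of-work).
    With a checkpoint, a candidate that lacks the checkpointed block is
    rejected no matter how long it is."""
    if checkpoint is not None and not honours(candidate, checkpoint):
        return current
    return candidate if len(candidate) > len(current) else current

def orphaned(current, chosen):
    """Number of blocks on `current` that are missing from `chosen`."""
    kept = {b.hash for b in chosen}
    return sum(1 for b in current if b.hash not in kept)

def scenario():
    shared = extend([], "shared", 20)                # heights 0..19
    honest = extend(shared, "honest", 80)            # heights 20..99
    deep_fork = extend(shared, "attacker", 100)      # forks at 20, tip at 119
    checkpoint = (60, honest[60].hash)               # published for height 60
    late_fork = extend(honest[:61], "attacker", 60)  # forks after the checkpoint
    return {
        "no_checkpoint": orphaned(honest, choose_chain(honest, deep_fork)),
        "checkpoint_deep_fork": orphaned(honest, choose_chain(honest, deep_fork, checkpoint)),
        "checkpoint_late_fork": orphaned(honest, choose_chain(honest, late_fork, checkpoint)),
    }

if __name__ == "__main__":
    print(scenario())
```

The third case shows the limit of the approach: a checkpoint bounds how deep a reorganisation can go, but blocks mined after the latest checkpoint can still be replaced.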

Increased Confirmation Requirements

"According to Tradeblock, exchanges had to increase Feathercoin confirmation requirements to ensure that only valid transactions on the right chain were processed."

Advanced Checkpointing Feature

"The advanced checkpointing (ACP) feature was also introduced by the Feathercoin team to prevent future 51% attacks. However, the attack still devastated confidence in FTC and it has since fallen into obscurity."

"Feathercoin has announced advanced checkpointing in its block chain to protect against 51% attacks. The advanced checkpointing (ACP) feature will remove the need for changes to client software by publishing a feed of checkpoints, via a central node."

"I am trying to make a safe environment for miners and merchants. We had some large scale attacks when our hash power was much less than we see now. During that time, miners had a large number of blocks orphaned. Some lost days worth of mining," said Feathercoin founder, Peter Bushnell. "This is unacceptable and considering the scale of these attacks I think it is absolutely important to make sure that the attackers are not able to take control of the network like this again."

"What we would have to do is find trusted nodes. It would make sense that this belongs to the miners. So all the major pools should be nodes as this is where the miners are. Currently the difficulty is too high to solo mine, the only person solo mining are the attackers. These are future plans but right now there is only one node checkpointing and I am the only person with access to the node."

Impacts To Feathercoin Reputation

Despite once being a prominent cryptocurrency, Feathercoin now ranks 461st on CoinMarketCap and receives minimal attention[10]. Despite measures taken to increase security, confidence in FTC plummeted, relegating it to obscurity in the cryptocurrency landscape.

"As a result, Feathercoin still carries along its legacy of being a less secure coin. Even with the later introduced ACP, this remains a serious issue for Feathercoin, and confirmations should be generally considered much less secure than a comparable number of confirmations on Bitcoin or Litecoin networks."

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

Ongoing Developments

“I figured the market would react negatively to all this news but the buy support has stayed strong,” Bushnell said. “It shows that there is a lot of confidence in Feathercoin. We will get through these attacks I have no doubt about that.”

The future of Feathercoin and the potential for any significant rebound remain uncertain.

Individual Prevention Policies

Individuals generally wouldn't be the target of a 51% attack, as they tend to be less lucrative and reliable targets when compared with exchanges or service providers. Individuals can nonetheless protect themselves by using blockchains that are more 51% attack resistant and/or requiring a longer period of time before funds are considered to be settled. One always needs to be cautious when dealing with large sums of money.

This case does not appear to have resulted in a loss to any individual.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Platforms can improve their security against 51% attacks by increasing the number of block confirmations which are required for a deposit. Research should be done into which chains are more susceptible to 51% attacks based on history and known research into the area. For those chains, more confirmations must be required before those funds can result in a withdrawal. Cases where a large amount of funds have been deposited from a high-risk chain should be especially flagged and monitored, and withdrawals or high volume market trading can be delayed.

All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and finding any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

In general, blockchain-level exploits can be resolved by reverting the blockchain to a prior state, which restores all funds to their prior ownership and limits potential losses to those who are transacting between the time of the exploit and the time of the revert. Effort should be undertaken by node operators to switch to a branch that eliminates the exploit as soon as possible to minimize losses. Any remaining losses would be resolved through the industry insurance fund.

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The same third party must not be repeated within a 14 month period. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References