## Friday, May 25, 2018

### Bitcoin Gold starts the era of 51% attacks

$18 million stolen, no one cares In November, I explained to the dear readers that the Bitcoin futures trading would stop the inflation of the bubble and reverse the direction of the price towards zero. On December 9th, 2017, the cryptocurrency holders were urged to sell their holdings within a day. Indeed, those who listened to me were lucky to choose their source of information. In mid December, the Bitcoin price was peaking at$19,900. It's currently close to $7,500. Virtually all of those who have shorted the Bitcoin futures have made a handsome profit – almost the same profit they could make by buying the cryptocurrencies before November 2017. Three weeks ago, the San Francisco Fed published a paper that claimed that the futures have indeed reversed the dynamics of the Bitcoin bubble. That's nice, Ladies and Gentlemen, but if you actually understood economics well, like I do, you would have predicted that – instead of rationalizing the events half a year later. Meanwhile, lots of events are finally taking place. The U.S. Department of Justice has started the investigation into the manipulation of cryptocurrency prices. It's very likely that some or most cryptoexchanges are spoofing – they are showing you supply and demand that is fake and won't be performed if you try – just in order to affect the people's behavior. Spoofing is illegal in the U.S. And some people have realized that they can steal (double spend) cryptocoins by the simple enough 51% attack. Exactly one week ago, someone stole 388,000 units of the Bitcoin Gold, the second most important fork of the Bitcoin (after Bitcoin Cash). At the current price around$46, that was worth some $18 million. The victims were some large exchanges – unless it was an inside job and you can never be sure. If you read an article on a top Bitcoin Gold website, you will learn the simple story. Between May 16th and May 19th, nine blocks were reversed by the attacker in total. The attacker sent these 388,000 coins to the exchanges – and got a compensation for that – and he simultaneously sent the same money to his other Bitcoin Gold addresses. Normally, you can only spend once because one of the payments was classified as the "first one" and the second one is blocked because "the money is no longer there". The exchanges were using a temporary version of the history where the payment to the exchanges was the first one and legit – and the payment by the hacker by himself would therefore be blocked. However, the attacker invalidated this last piece of the history and created a longer sequence of blocks in which the payment to himself was the first one and legit – and the payment to the exchanges was therefore invalid. You can watch the main fraudulent payee's address GTN...2Ft in real time. 12,239 BTG still seems to be there. The attacker seems capable of producing a block within 2 minutes or so. Because the blocks are normally discovered once in 10 minutes, he may have 5 times the power of the "kosher miners of BTG" i.e. some 83% of the total hashrate. Now, it is remarkably easy to perform such an attack against Bitcoin Gold or 1,600 other cryptocurrencies. Bitcoin Gold is currently the 27th largest cryptocurrency by capitalization – the capitalization is nearly$0.8 billion. But the hashpower working on the validation of the transactions is only 30 megahash per second right now. That's some nine orders of magnitude below that of the Bitcoin.

You need a bunch of computers to achieve that – and it's enough for you to borrow them. If you borrow such computers, e.g. a cluster at your university, you may easily rewrite the blocks, force the exchanges to pay the real money to you for your cryptocoins, and keep the cryptocoins, too. I am sure that even if you needed to borrow the CPU power, it would be vastly cheaper than $18 million. According to this website, the theoretical price of a 1-hour attack against Bitcoin Gold is below$3,000 and it's below $620,000 an hour even for the Bitcoin! Anyone who holds lots of these cryptocurrencies – except for the largest one – can use them so that he never runs out of them. You may have 388,000 Bitcoin Gold coins, you buy a villa for$18 million, and you still have 388,000 Bitcoin Gold coins afterwards. That's cute. Czech writer Charles Jaromír Erben wrote a famous fairy-tale Dear Mug, Do Cook, whatever is the English name or the translation. ;-) A poor widow helped an even older beggar near the pond and was given a cool mug. The mug was controlled by voice recognition, "Mug, Do Cook" starts the process. And the mug never runs out of mash. She forgot to say "Mug, Do Stop" so the farmers had to bite through the mug while returning to the village. Cryptocurrencies are just like this magical mug.

For larger currencies, some minor mining pools may do the same. For example, Slushpool, the 3rd-5th largest Bitcoin mining pool which resides in Czechia, could easily switch to Bitcoin Cash and become a majority miner, one capable of reversing the blocks just like the Bitcoin Gold attacker. The Chinese government can do the same to the Bitcoin itself if it orders the China-based bosses of the largest Bitcoin mining pools to do something similar to what the Bitcoin Gold attacker did.

There is really no "solution" here. The whole point of the cryptocurrencies is that the validation is decided by the algorithms and miners automatically. So the 51% attack "shouldn't happen" and when it does happen, it's a problem for the humans that is considered "a kosher successful transfer [legal theft] by the blockchain rules of the game" – or it must be fixed by the humans and their old-fashioned laws, courts, and methods to deal with thefts.

Most cryptocurrencies' total hashrate is so small that individual thieves may easily do what has happened to Bitcoin Gold – it's remarkable that it's not happening much more frequently. (Well, it seems that the transactions were stopped at Bitcoin Gold, see the explorer, so all the "lively trade" of BTG at the cryptoexchanges is bogus because no actual coins may be moved according to the blockchain algorithms.) And several largest cryptocurrencies have such a huge hashrate that the mining wastes as much electricity as Ireland usefully consumes.

Because there are several public blockchains, the smaller ones may be instantly 51% attacked by those who have enough mining power to be big players in the bigger currencies. And if and when the 51% attacks will spread towards the top 5 cryptocurrencies, and it is totally possible, not even the top 3 cryptocurrencies' holders should think that they're safe.

One may also increase the "required number of confirmations", but then the cryptocurrency becomes really slow as a payment method.

So far, the victims were the cryptoexchanges and they say that "no one else should be afraid of anything". It's debatable. There is nothing special about the cryptoexchanges. The Bitcoin Gold sales could have taken place between several multimillionaires or a criminal multimillionaire and many small holders, too. It's pretty shocking that even after the successful 51% attack – when 1.5 times the daily volume ($12 million) was stolen – there is no panic selling of the Bitcoin Gold. (Well, maybe you can't really sell it now, or the listed price is not reflecting the actual market now.) The people owning Bitcoin Gold share stubbornness that most of us surely classify as collective stupidity. In recent two months, such 51%-style attacks occurred against Verge, Electroneum, Bitcoin Gold, and Monacoin. The article I just linked to says that "You can successfully hack a$2B cryptocurrency network with only \$1.5M". Not bad. More precisely, it is very bad!

The people who have economic thinking realize that the "investment" into the cryptocurrencies is a classic example of a bubble or a Ponzi scheme attracting morons. But there's a lot of the politically correct worshiping of the blockchain idea even among these critics of the Bitcoin bubble. But the blockchain is an extremely lame technology to be used in the real world. It's forcing all nodes to remember a huge amount of worthless data (the Ethereum blockchain is over a terabyte now), leads to a huge waste of electricity, and whenever it doesn't, the network is at risk of being 51% attacked. Whenever that happens, people have to use the old-fashioned definitions of a "thief", anyway, so the added value of the blockchain – the idea that the blockchain algorithms should be trusted – is eliminated, anyway.

If someone is remembering "who owns what" – like commercial banks and land registries do – the humans inside simply have to have the responsibility for the integrity of the data. You can't "decentralize" the responsibility, and if someone offers you a solution where no one has this responsibility anymore, it's a solution where you can't really sue anyone when you're robbed – and this blog post is about a story proving that you can easily be robbed.