Ethereum Cash 51% attacks presage the end for PoW chains that aren't Bitcoin
The Ethereum Classic blockchain has made headlines recently for all the wrong reasons. The Cloudbet blog explores what it means for the future of lesser, non-Bitcoin, Proof-of-Work blockchains.
Proof-of-Work (PoW) is the consensus mechanism that secures the Bitcoin blockchain, as well as many others. In PoW, miners direct computational power towards solving an arbitrary equation that unlocks the key to a given blockchain’s block rewards.
This wealth of computational power (which is now around 130 terahashes), all working towards the same incentivized aim, is what gives Bitcoin its security. In order to gain illicit control of the Bitcoin blockchain, an attacker would have to successfully launch a 51% attack.
Attacking blockchains that have lower hash power than Bitcoin or Ethereum, however, is relatively easy if you know what you’re doing and have the resources at your disposal. This is exactly what happened to Ethereum Classic (ETC) recently - on three occasions, no less. Following its third 51% attack in the space of a month, the question has to be asked as to whether Proof-of-Work is a viable long-term solution for smaller blockchains.
What is a 51% attack?
A 51% attack refers to the practice whereby a malicious actor gains full control of a blockchain by accruing a majority of the hash power. In the case of Bitcoin, the prospect of this occurring is incredibly slim. Computational power costs money, and the cost of gaining a majority of Bitcoin’s hash power is simply too great to make an attack likely (some estimate it would cost around $100 million per minute).
However, the same cannot be said of all blockchains.
The amount of hash power equates to security on any given blockchain
Most PoW blockchains have a fraction of the hash power that Bitcoin does, and 51% attacks can be launched on these chains at relatively little cost. As soon as someone has control of approximately 51% of the hash rate, they are free to reject, reorganize and double-spend transactions at will.
Websites even exist that estimate the cost of launching 51% attacks on most major blockchains. According to Crypto51.app, it would cost just $8,335 per hour to successfully launch a 51% attack on the Bitcoin SV (BSV) blockchain. An attack on Dash (DASH) is estimated to cost $2,769 per hour, while full control of Bitcoin Gold (BTG) could be gained for just $335 per hour.
An example of this practice in action was what happened several times to the Ethereum Classic (ECH) blockchain, which succumbed to three 51% attacks in the course of a month. During the worst of these attacks, the hacker was said to have spent $192,000 on Ethereum Classic hash power over two days. That works out at around $4,000 per hour, and resulted in the attacker making off with 807,260 ETC, or around $5.6 million, via double-spends.
The hacker made off with the equivalent of $56 million
Proof-of-Stake to replace Proof-of-Work
The Ethereum Classic debacle is an uncomfortable reminder of the uncomfortable reality that most PoW blockchains lack the hash power to take security for granted. Besides Bitcoin, very few PoW blockchains actually pose an adequate challenge to most would-be attackers.
Some blockchains have caught on to this fact, and are already in the process of swapping their PoW consensus mechanisms for Proof-of-Stake (PoS).
PoS is an alternative way of providing blockchain security, where instead of having miners contribute hash power, coin holders stake their funds on the blockchain. Just as PoW chains reward miners with newly minted coins in relation to the amount of hash power staked, PoS chains distribute block rewards based on the number of coins staked.
Similar to PoW, any attacker trying to gain malicious control of a PoS blockchain would have to accrue 51% of the coins that are staked on the chain at any one time. However, this presents a far more difficult challenge than simply spending a few thousand dollars to rent hash power from an online vendor.
Whereas most hash power is controlled by a relatively small handful of global mining pools, the token supply of a given cryptocurrency tends to be far more widely distributed. The likelihood that one individual could own as much as 51% of any cryptocurrency is slim at best.
You can read more about PoS, particularly as it relates to the Ethereum blockchain and ETH 2.0, in our earlier blog post.
The future of blockchain security
This is just one of the reasons why PoS will eventually replace PoW on a large scale in the cryptocurrency space. Bitcoin should be viewed as an outlier in this equation, since its first-mover advantage means it has accumulated more hash power than any other coin ever will. Bitcoin’s security is largely assured at this point, while most smaller PoW chains remain vulnerable and open to attack.
The widespread adoption of PoS will also bring several more benefits over PoW, such as a massively reduced carbon footprint. At the moment, Bitcoin’s annual carbon footprint is estimated to be the same as that of the nation of Azerbaijan.
PoS blockchains also allow the average coin holder to play a part in securing the network - and gain a portion of the block rewards in return. Many current PoS blockchains employ delegated staking, meaning a coin holder delegates their holdings to a network validator, which carries out the technical work of actually validating transactions on the blockchain. Ethereum 2.0, when it launches, will feature this same delegation feature (see link above).
In the meantime, any blockchain that doesn’t switch to PoS (or gain more hash power), runs the ever-present risk of befalling the same fate as Ethereum Classic. Regardless of how well the coin’s developers patch up the $5.6 million-sized hole the most recent attack left in its fence, the damage done to ETC’s image won’t be fixed so easily.
And certainly not without ditching Proof-of-Work entirely.