Ethereum Classic ETC chain hacked – 51% double spending attack steals $1.1m

Hackers are back with a double spend attack. This time it’s on the ETC Ethereum Classic blockchain. Coinbase found 15 “deep chain reorganizations” 12 of which were actual double spend attacks. With over $1.1million or 219 500 ETC exploited, Coinbase who found the hack, immediately suspended their interaction with the Ethereum Classic blockchain. Sends and receives of ETC remain suspended at Coinbase in order to protect customer funds while this instability on their blockchain remains. Buy and sell features are still operational however.  

Is Proof-of-work crumbling? 

Fortunately Mark Nesbitt and the engineers at Coinbase were quick to discover this attack. They were also circumspect and did not cause too much of an alarm, but rather first attended to the problem before releasing an announcement on their website and in a Medium blog article. So no money or cryptocurrency was actually stolen from anyone. However, the double spend of $1.1million and the 51% hack of the ETC blockchain does raise the major question of “Proof of Work” as a valid smart contract for crypto.  

Satoshi’s original logic 

In the original Bitcoin white paper released by Satoshi Nakamoto in 2009 – just 10 years ago this week – the entire logic is built upon proof-of-work. But now this appears to be vulnerable.  

“If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains.”   - Bitcoin: A peer to peer electronic cash system  - by Satoshi Nakamoto 

Is proof-of-stake the new way? 

Here the honesty of more than 50% of the miners is a fundamental requirement for the PoW system to remain secure for Bitcoin and all the many other coins using the same system. This is a known limitation in the entire Bitcoin model – the first and most obvious attack vector. This failure on the ETC blockchain caused by bad actors or criminal miners, clearly shows the vulnerabilities of this system. It breaks the guarantees of the Bitcoin protocol. And perhaps this is why coins like Ethereum are on the verge of moving from PoW to PoS (proof-of-stake). The timing is very interesting.  

Honest miners 

Traditionally miners add transactions to the blockchain by producing blocks or bundles of transactions and adding them to the longest chain. However, if a single miner has more resources than the rest of the network combined, s/he could pick at random a previous block and use it to extend an alternative chain of block history, and even outpace the original produced by the rest of the network. This is known as “chain reorganization” (reorg) and comprises of the “depth” – number of blocks replaced, and the “length” – number of new blocks in the replacement.  

Bad actors 

Such inconveniences could lead to a reordering and delay of some transactions, but even worse, a wealthy miner could use the opportunity to spend their coin twice, sending it to two different addresses, knowing one will become invalidated. And that is what has happened here on the ETC chain in 12 different transactions so far. It is a breach and a cause for concern. Only thanks to the engineers has it been nipped in the bud, but the blockchain is still vulnerable at ETC now.  

Safety first 

It seems that PoS is the way to go in the long run. Bitcoin is the original PoW and nobody has ever hacked it, but questions are arising as others do get hacked and double spends occur, leaving orphan blocks in their wake. Security is practically the most important criteria for all concerned in the cryptocurrency industry, and Coinbase has done well to protect their customers and themselves during this incident. Only Gate.io exchange seemed to be affected by this recent malicious action.   

Tribal loyalties transcend logic 

And ETC is not the first PoW coin to be attacked in this way. Already Bitcoin Gold, Monacoin, Verge and Bitcoin Private have all been hacked and are vulnerable. But still their prices remain stable. Even ETC lost very little in price after this double spend incident. You would think the price would tank after the FUD of a hack like this, but it seems the tribal loyalties that permeate the crypto market are keeping the fans loyal to their brands, with ETC only down around 3% after this recent incident. 

https://blog.coinbase.com/ethereum-classic-etc-is-currently-being-51-attacked-33be13ce32de  https://www.ccn.com/ethereum-classic-losses-top-1-million-after-51-attack-coinbase-research  

pic: https://coinswitch.co/news/ethereum-classic-51-percent-attack-read-latest-updates-on-etc-attack