Attack of the 51%: how does the practice that puts in doubt the security of the blockchain
After the euphoria of the first experiments and the promise to revolutionize the digital life, blockchain technology has been challenged by new problems. Especially regarding system security, which, based on multiple checks on a series of computers and protocols recorded in a decentralized way, is considered by many to be its strongest point.
Recent attacks have put that point of view in check. Especially in the most common use of blockchain: the exchange and mining of crypto-coins. As The Technology Review shows, repeated attacks on virtual currency trading systems have been successful recently, stealing the equivalent of $ 2 billion dollars in crypto coins since the beginning of 2017.
The latest attack was directed at Coinbase, a storage platform, buying and selling large crypto-coins such as bitcoin and ethereum. Someone was able to take control over more than half of the transaction verification system, being able to remotely use several computers to rewrite operations that had been done, directing them to other recipients. Although in this particular case the hacker was unsuccessful, another "digital stock exchange", Gate.io, admitted having lost $ 200,000 in Ethereum Classic to the same hacker.
The attack is particularly worrisome for the blockchain ecosystem because it was the first directed at one of the top 20 existing crypto-coins. Previously, they looked at only the less popular ones, which require less financial and technological resources for an assertive attack (it is estimated that $ 260,000 is needed to try to defraud bitcoin, for example).
Moreover, according to The Technological Review, the attacks were considered minor problems, because they were directed to the exchange of the coins themselves, and not to the blockchain system that supports them. And if the brokerage or marketing platform does not guarantee the security of your system, the problem would not be in the structure that supports the transactions.
But the popular mode - the "51% attack," in which the attacker manages to control more than half of the transaction-checking network - has changed that understanding. In it, the invaders use a large computer infrastructure to mine (add new certified transactions to the blockchain system) large-scale crypto-coins.
Once these miners gain control over more than half of the computing power of the network, they can create an "alternative" version of it without users noticing, reversing transactions that have already been made and "skimming" values that had already been invested in transactions (a practice known as double spend), directing the crptomoedas to themselves.
This type of attack began to be noticed in the middle of last year, and amounted to about $ 20 million in stolen values, even without attacking the largest crypto-coins. With the attack on the ethereum classic (originated from a bifurcation of the original ethereum and 19th critto-nomeda with the highest market value, according to the Coin Market Cap), the intention was to steal more than $ 1 million at a time.
David Voick, co-founder of the blockchain-based cloud service Sia, believes that such attacks should continue to grow and become more powerful. It facilitates hackers' work to popularize "hashrates marketplaces," a kind of virtual marketplace where computer owners used for coin mining lease their capacity to others who are theoretically more efficient at mining, generating more financial returns for both.
Those who suffer the first blow of these attacks are the brokerages and providers of transactions with criptomoedas, that can lose the confidence of their clients, says Voick. Thus, a side effect of the scenario may be that these brokerages become more selective about which crypto-currencies they will include in their base. Consequently, there may be a greater "concentration" of crypto-coins, with users fleeing those who are smaller and theoretically more subject to 51% attacks.