Two blockchain terms are in the headlines recently: 51% attack and double-spend. Most notably, Firo, a privacy-focused project formerly known as Zcoin, experienced a 51% attack where an actor controlled over half of the mining power in order to reverse transactions and compromise the security of the network.
Proof-of-work mining was the original security method for decentralized cryptocurrencies beginning with Bitcoin, and it has stood the test of time as the industry standard. However, events such as these cast increasing doubt on whether or not a purely mining-based approach can be trusted for securing a network in the future. A day of reckoning may soon come where cryptocurrencies with older designs are unable to keep up in the ever-evolving and competitive technological landscape.
51% attacks affect all but the “top-of-the-food-chain” coins
It’s relatively well-documented at this point that lesser proof-of-work chains are vulnerable to 51% attacks. More specifically, projects which use a hashing algorithm for which it isn’t the dominant project, where a relatively minor player in the mining scene of a top coin can easily and single-handedly attack a minor coin using the same algorithm.
Some projects seek to avoid this risk by developing resistance to ASICs, mining equipment specialized to a particular algorithm, allowing users with more basic or universal hardware to participate effectively in mining. However, this leads to another kind of vulnerability, where general-purpose hashrate can be rented to attack a coin.
In contrast with ASIC coins where an attacker risks destroying their investment of specialized hardware, ASIC-resistant coins can be attacked without said specialized hardware, making the potential costs much lower. In all cases, however, hashrate marketplaces make it difficult for smaller market cap projects to be truly safe.
Having specialized ASICs necessary for effective mining does make a network more difficult to attack, and provides a strong incentive against doing so, as damaging the price of a coin which is the principal source of income for your specialized hardware can prove to be a higher cost than the potential for profiting off of an attack.
However, this still presents centralization risks with many of the top coins having as few as three pools controlling the majority of hashrate. This centralization issue is even starker in the production of mining equipment, with few players controlling the vast majority of the market.
The double-spend problem
Bitcoin recently experienced what was touted as a double-spend attack, which is where an attacker sends a transaction that it later fraudulently revokes. Upon further review, this was likely a user that had a transaction stuck due to a low fee and twice attempted to re-attempt it with a higher fee (which usually works to unstick the transaction).
But in the end, the first transaction was approved and the following attempts were rejected. All in all, this led to days of uncertainty as to which transaction would end up being the legitimate one.
Make no mistake, however, double-spends are a real thing, the highest-profile of which were a series of Bitcoin ATM thefts from 2018 where attackers exploited the ATM’s settings which allowed unconfirmed transactions to be accepted and later double-spent the Bitcoin back into their control, making off with the cash dispensed from the machines.
Make no mistake, however, double-spends are a real thing, the highest-profile of which were a series of Bitcoin ATM thefts from 2018 where attackers exploited the ATM’s settings which allowed unconfirmed transactions to be accepted and later double-spent the Bitcoin back into their control, making off with the cash dispensed from the machines.
This is not unique to Bitcoin either (although its replace-by-fee feature certainly makes this easier): Bitcoin Cash also experiences double-spend attempts, sometimes thousands a day. Most are unsuccessful but many have nonetheless succeeded.
Making the transaction irreversible may protect the network from the attack
This is the fundamental principle Dash’s ChainLocks technology operates on. By using a network of incentivized and collateralized nodes, the first-seen block on the network is locked-in and made permanent, making chain reorganizations impossible. This means that after a transaction is sent, within just a couple minutes it will become completely irreversible.
A similar but separate feature, InstantSend, also uses the masternodes except it instantly locks a transaction from being double-spent until it is included in a block, at which point ChainLocks takes over and makes the transaction fully permanent. Essentially what this means for cryptocurrencies such as Dash that implemented this technology is that once a transaction is sent, the user can confidently consider it finalized and secure.
The reason this is secure is that the masternode network consists of nodes which require a significant investment in order to operate. At present prices, an attacker would need to spend over $100,000 per masternode (likely significantly higher due to the effects this would have on the market), and do this thousands of times.
About half of Dash’s supply is currently spoken for in existing masternodes, making it practically impossible to acquire enough to affect network security.
This is not lost on the Firo team, either. Firo had actually implemented ChainLocks on testnet prior to the incident, which may not have happened at all had it happened several weeks later. Project steward Reuben Yap believes that ChainLocks can indeed represent the ideal security solution:
In short, we believe that PoW + LLMQ chain locks are a great way of combining security and fair distribution while remaining permissionless… shoutout to Dash for massively improving the masternode system from the original masternode lists. Their innovations in deterministic masternodes and LLMQ chain locks are a huge step forward.
Why not just use proof-of-stake?
Of course, the implementation of collateralized nodes to improve network security begs the question: why not just switch to using proof-of-stake entirely? While this would certainly solve the threat of 51% attacks, it introduces a new set of challenges.
First is the supply issue: by definition, proof-of-stake coins distribute the supply to existing holders of the coin. In theory, if such a coin started with 10 initial holders, those 10 individuals would end up controlling the entire supply unless they either sold, spent, or donated their coins to someone else.
Of course, this isn’t a common occurrence, and many proof-of-stake projects either started as proof-of-work (and therefore don’t have that distribution problem) or have alternative distribution mechanisms such as an ICO or giveaways. In any case, it poses a risk of centralizing power around too few actors.
Mining allows anyone to participate in theory, and as miners have fixed costs associated with running equipment (much higher than typical node hosting costs), they are more likely to need to sell some of their profits to maintain operations, further distributing the supply.
Additionally, proof-of-stake may present some unique security challenges, past examples of which include attacks tricking the network into thinking a node had associated collateral when in fact it did not, overloading the memory of staked nodes causing them to fail, and others.
Proof-of-work is inherently much more difficult to spoof, and its intensive infrastructure requirements make it much more difficult to knock offline. A hybrid model including both a staked and a mining element can combine the best of both worlds and avoid each respective system’s vulnerabilities.
While still a fledgling industry, cryptocurrency is still well over a decade old. Some of the initial technologies that the space pioneered are starting to show their age. It’s time to update proof-of-work mining to survive in the modern digital age.