Blockchain Reorgs: Historical Effect and Differing Perspectives
After the recent Binance hack where the exchange lost $40 million, Jeremy Rubin made a blockchain reog suggestion to Chanpeng Zhao, CEO of Binance. Jeremy Rubin, who is deeply involved in the MIT Digital Currency Initiative, spoke to Zhao over his live stream where Zhao was describing the hack and countermeasures being taken.
Binance and Reorg Talks
Rubin told Zhao it would be possible to construct a transaction that essentially turns a hacker’s Bitcoin transaction into a pure miner fee. Effectively, this would keep all other transactions in the blockchain the same while allowing miners to roll back consensus – turn that 7,000 BTC transaction into a mining fee, and deprive the hacker of any reward.
https://twitter.com/cz_binance/status/1125996194734399488
Some people like James Prestwich, founder of StorJ, came out in support of Rubin claiming Bitcoin was created for mass consensus and punishing crime outside the inefficiencies of a government and that rolling back the chain to punish these hackers is in line with Bitcoin’s principles. Most others, like Mike Novogratz and Pierre Rochard, publicly decimated Binance for thinking they had the power to reorg the blockchain.
I am shocked that @cz_binance even went there. Talk of forking or reorganizing the blockchain is close to heresy. When the ethereum community did it the project was like 5 months old. A baby. Bitcoin now has $100bn market cap and is a legitimate store of wealth. https://t.co/pXSqiUcq0i
— Mike Novogratz (@novogratz) May 8, 2019
DAO Hack Backlash and the Role of Miners
In June 2016, the DAO hack on the Ethereum blockchain rattled the crypto community and divided Ethereum into two factions: One half believed that a reorg goes against the principles of a blockchain while the other half rolled back the blockchain to its state before the hack to revoke any reward the hackers gave themselves. The former is now Ethereum Classic (ETC) and the latter is Ethereum (ETH), which is the more developed and adopted of the two.
This was the first instance of rolling back a blockchain, and developers now understood there was a need for community consensus on how to deal with these attacks. Back then and even now, the majority think a reorg is not consistent with the morals of decentralized systems. Vitalik Buterin and the Ethereum Foundation were subjected to public bashing for believing it was ok to reorg a blockchain. But it’s not as though Buterin himself mustered 51 percent of network hash power and rolled it back – he contacted miners and gave them his position on the matter after which they all agreed it was best to roll back the chain. If the miners felt this was not in their best interest, they would’ve told Buterin they won’t support a network reorg.
A miner’s interests are usually seen from the standpoint of financial incentive and economic benefit. But more often than not, these things are tied to the basic well-being and health of the blockchain itself. A miner will receive more in fees if more people are using the chain, more people using the chain means higher user acquisition growth, and finally more users means stimulating adoption, so a miners best interest boils down to network usage.
Reorg Protection: Bitcoin Cash’s Checkpoints
During the split between Bitcoin Cash (BCH) and Bitcoin Satoshi’s Vision (BSV), the BCH faction implemented ‘automatic checkpoints’ to the network. They feared BSV would try to divert hash power to BCH to cause havoc in the network. So to avoid a reorg of the blockchain which would affect network integrity, the BCH blockchain now has a checkpoint created every 10 blocks. Simply put, nobody can cause a reorg of more than 10 blocks on BCH even if they acquired 51 percent of the hash power. Surprisingly, the BCH community suspects BSV enthusiasts are mining BCH under the pseudonym of Satoshi as reported by BTCManager.
Bitcoin and BSV proponents refer to this as ‘centralized checkpoints’ because the validity of such a checkpoint is confirmed by a single miner in each block they build. BCH believes it is an effective strategy to ensure the immutability of a ledger and stop a malicious miner from secretly mining a false chain and projecting it to a set of nodes, causing a huge disruption to the network.
Both sets have their own reasonable logic to back their opinions and there is merit to both sides of the argument when it comes to checkpoints. On one hand, the Bitcoin maximalists have a point when they say checkpoints are centralized; even though the process stops a reorg and protects network integrity, there are ways a malicious miner can change a checkpoint as security is deferred to the miners and it breaks the principle of ‘verify, don’t trust’; even BCH developer Andreas Brekken said checkpoints were a bad idea. On another hand, Satoshi himself implemented checkpoints on Bitcoin with the reasoning of preventing a large scale network reorg that could even alter the genesis block.
Perspectives Across Different Factions
While there are differing viewpoints on the Binance and Rubin issue, their proposal was technically a reorg, but just a minor change in one transaction of a block. The same thing happened in 2016 when Bitfinex was hacked for $72 million and asked miners if they would consider rolling back the chain to the pre-hack state. What Binance was considering was not rolling back the chain to a state before the hack but rather to just shift the coins from the hacker’s wallet to miners to punish the hacker.
https://twitter.com/_prestwich/status/1125996139675652096
From the history of reorgs we generally see two factions – those who believe immutability is the most important part of a blockchain and those who are willing to compromise pure immutability for a fair system. A system cannot be called immutable if it can be easily changed but these kinds of events don’t occur often. Moreover, these reorgs are recommended to occur within 6 blocks, after that even those in support of them note that it is too expensive and dangerous to attempt.
In the future, I'd like consider a standard way of dealing with a hack to be to, within 6 blocks, reorg the attacked funds to a transaction which pays out on a long term timelocked schedule to future miners.
That way at least these hacks can secure the future of bitcoin :p
— jeremy rubin | bip-119 (@JeremyRubin) May 8, 2019
Reorgs are a technical matter that require mass miner consensus, for this kind of situation it could be considered just as a way to deter hackers, but a full block reorg is something that should and probably will never happen. It is admirable that various factions of the crypto community engage in dialogue to express their viewpoints and argue based on merit.
There are not many systems in the world that have open dialogue as crypto communities do; despite all the in-fighting that reorg discussions have caused, it also solidifies the notion that there is no one person who decides things in Bitcoin – everyone is a part of the discussion that leads to decision making.