Vitalik Buterin’s Seven Deadly Crypto Sins: Bitmain and 51% Attacks
In the following series, BTCManager will be walking through, in detail, seven questions posed by the co-creator of Ethereum. These seven questions are some of the most relevant features of this booming ecosystem. From mining, as in this week’s installment, to governance and everything in between. The series was inspired by a discussion between Buterin and a WeChat group.
Fear of 51% Attacks
Of all the potential attacks on cryptocurrencies, one of the most dreaded is known as a 51 percent attack. This type of attack would allow the attacker complete control over the cryptocurrency and cause a great deal of chaos.
An event like this occurs when miners launch an assault on a given blockchain to take over the approval process for transactions currently being processed. A successful attack would not allow for complete control over the cryptocurrency, but it could significantly alter how the cryptocurrency is used.
This attack, for instance, would not allow this group of miners to create new coins arbitrarily or to alter historical transactions, but the malicious miners could double-spend transactions over which they currently have control or to halt the operation altogether.
Bitcoin Gold: Successfully Attacked
The most significant example of this attack is with Bitcoin Gold. In May 2018, over a period of four days, malicious miners controlled a vast amount of hash power on Bitcoin Gold’s network such that they were able to double-spend transactions eventually stealing more than $18 million worth of Bitcoin Gold.
Even while creating updates to the wallet, reversing entire blocks, and increasing confirmation times, the cryptocurrency still experienced a significant failure.
In the case of Bitcoin Gold, the attack was made possible by a confluence of events. Since Bitcoin Gold used the Equihash mining algorithm, the mining platform is very similar to ZCash, so there is an ample supply of hash power available – around 500 Megahash in May 2018. Second, the high value of the coin at the time, approximately $75 for each coin. And lastly, the low amount of total hashrate on the coin – about 40 mega hash.
To attack Bitcoin Gold, the malicious miner simply had to create a custom mining script and deploy it to around 40 mega hash worth of miners. At the cost of about one bitcoin per mega hash per 100 hours, the 40 mega hash system would only cost approximately 40 BTC for the 100-hour time.
Can Bitmain Attack Bitcoin?
Larger networks, such as Bitcoin and Ethereum, point to the considerable hash power as proof that the 51 percent attack cannot occur to their cryptocurrency. Bitcoin is currently at approximately 40 Petahash and Ethereum is at 288 Terahash. Based on this, there would only be two ways to attack either cryptocurrency using this style of hack.
The two methods would be to either attempt to double the hashrate overnight or to compromise more than 51 percent of the miners via collusion and monopolization.
It is Buterin’s assertion, however, that the Bitcoin protocol is vulnerable to such a threat by Bitmain and related pools as they have more than enough hashpower to compromise the cryptocurrency at any time. The principal point is that most Bitcoin miners run on rigs manufactured by Bitmain or they mine in pools controlled by Bitmain or their affiliated pools.
This means that at any time, malicious code can be injected into the pools, or potentially into the miners by a software update, to affect how the miners are mining.
Could Antbleed Have Caused a 51% Attack?
Bitmain was directly responsible for the “Antbleed” vulnerability as revealed in April 2017. This problem was hard coded into a vast majority of miners that would allow either Bitmain or malicious hackers to shut down all miners running this system.
This means that a majority attack would then be less costly for someone to implement. Bitmain’s response at the time was that this was never intended to be a bug but rather a feature:
“We never intended to use this feature on any Antminer without authorization from its owner. This is similar to the remote erase or shutdown feature provided by most famous smartphone manufacturers.”
A subsequent fix by Bitmain still introduced potential calls to Bitmain servers that contained information about the miners.
Although the source code for Bitmain’s miners is public, the software that runs their pools is kept confidential and out of the public’s view. As of the date of this article, the following five pools control more than 50 percent of Bitcoin’s hashrate:
- BTC.com – 19.1 percent
- ViaBTC – 12.4 percent
- AntPool – 12.2 percent
- BTC.TOP – 10.7 percent
- SlushPool – 10.7 percent
This totals 65.1 percent of the entire hashrate of the Bitcoin network. If these five pool owners were to collaborate on any combined update to their pool, it would have a disastrous impact on mining.
Matt Odell on the 51% Attack
Speaking to the issues, Bitcoin developer Matt Odell told BTCManager:
“[We] don’t know the makeup of the individual pools. How much is controlled directly by Bitmain in their server farms vs. how much are independent miners who use Bitmain’s pools because they are solid, reliable pools with low variance.”
The only check on the mining pool’s power is the individual miners. To that, Odell offers:
“Pool operators have a lot of power, but those individual miners can change their pools if they don’t like how it is being operated, which provides a soft check on that power, in the future if Matt Corallo’s betterhash works and gets adopted those pool operators will have much less power.”
Betterhash – Will it Really Be Better?
The reason why Betterhash would solve this issue is that of how individual miners operate within mining pools. The “Stratum” protocol requires pool operators, such as Bitmain, to create the template for the block and then the protocol requires the miners to build on that template.
This means that pool operators can censor what miners can work on. Since the pool can select which transactions to include in a block, the pool could potentially reject transactions as well.
The most dramatic effect of the pool’s censorship power was most visibly seen in the “block accelerator” systems that all pools were offering during the “full blocks” period of Bitcoin prior to the introduction of Segwit and the Lightning Network.
The Betterhash proposal that Matt Corallo submitted on March 2018 is pending on the fact that the standards track would change how this system works. This proposal would move the building of block templates to individual miners and allow miners to select for themselves as to which transactions to include in blocks.
Attack on Stratum
For almost 12 months and during the rise of Bitcoin to $20,000, just about every block mined by Bitcoin was a full 1MB block. During this time, the debate regarding the block size increase reached a fevered pitch between Bitcoin and Segwit supporters as well as the 8MB block supporters. Ultimately, the battle ended with the fork of Bitcoin Cash (BCH) on August 1, 2017.
During this time, ViaBTC and BTC.com both offered “transaction accelerators” and required miners to mine blocks with those accelerated transactions while keeping the payments for accelerated transactions to themselves.
This opens up another related attack vector. Using this same power, governments or other malicious groups could require pools to block transactions and to keep quiet about those transactions that they block.
Audit of Bitmain
Bryan Bishop, a cryptocurrency expert, recently offered to provide an independent third-party audit of Bitmain’s hashrate. On Twitter, he told BTCManager:
“An independent, outsider audit of Bitmain hashrate is possible. I think their move towards greater transparency is a huge win for bitcoin, if they follow through. A good audit would combine both the technical expertise of a Bitcoin developer with forensic accounting.”
BTCManager reached out to Bryan to follow up with a few questions of our own. When asked about the Betterhash proposal, Bryan said:
“I think the Betterhash proposal from Matt Corallo is going to help a lot. In the meantime, I’m left wondering about Bitmain’s control of many of the large bitcoin mining pools.”
When confronted by the Bitcoin Community about these concerns, Bitmain only offered the transparency policy on their website excerpted below:
- Every 30 days Bitmain will publish data on self-mining.
There is a zero-tolerance policy on secret mining.
They will never seek to mine empty blocks.
They will provide shipping and volume information of new miners to the public.
There is nothing in the disclosure about their cooperation with other pools or about how they select which transactions to mine or even how their mining pools operate. BTCmanager asked Bitmain these questions on their support forum and by email and have not received a response. We will update this article should we hear back from the firm.
Is Ethereum Protected?
Ethereum has proven to be more resistant to attacks than Bitcoin; however they suffer from the same Stratum protocol difficulty as the pioneer cryptocurrency. That said, Ethereum has been moving to a Proof of Stake (PoS) implementation.
This would require some significant changes to the entire Ethereum system. Ethereum “Serenity” is the code name for this system that includes the Casper Proof of Stake. The next major step will be Ethereum’s “Constantinople” and will provide the building blocks for this. Implementation has been delayed until sometime between 2019 and 2020 according to Ethereum developers.
This means, right now, the top Ethereum pools can collaborate in a malicious way. The top four pools are:
- Ethpool / Ethermine – 43.88 percent
- Nanopool – 20.91 percent
- MiningPoolHub 10.12 percent
- 2miners – 8.6 percent
BTCManager also attempted to reach out to Ethermine and Nanopool through their support system and email and, to date, we have not received a response to our inquiries. We will update this article should we hear back from either pool operator.
Stopping the Attacks
A 51 percent attack is a genuine threat. The threats are not only from external state-sponsored forces but can also come from malicious attackers. Cryptocurrency developers are continuing to review proposals and to propose multi-year development plans while attackers are crafting plans of their own.