Less than a year after a block reorg that caused $100,000 worth of double-spending, VertCoin has seen yet another 51 percent attack where 603 blocks were reorganized on the chain. As per Crypto Briefing, a mere 125 BTC, worth $29, was sent to the hacker’s wallet, but the larger implications of this show that the Proof of Work (PoW) is not secure for low hashrate networks, December 2, 2019.
Renting Power for Low-Security Coins
Bitcoin’s consensus algorithm, Proof of Work (PoW), relies on a large amount ofto ensure the network cannot be gamed. The lack of hash distribution to Bitcoin SV and Bitcoin Cash is a leading reason for poor on-chain security.
Here comes the plight of VertCoin – a mere $12.4 million network. Renting hash power to attack the network is seemingly a child’s play. Back in December 2018, the hourly cost of the attack was just $125. However, this time around the cost of doing so spiked on November 30. Lead maintainer of the repository, James Lovejoy, claims the attacker spent $3500-7000 on the attack (.5-1 BTC), but only a managed to make away with $3200 (.44 BTC).
Bittrex, the main source of liquidity for VTC, was made aware of the attack and closed deposits and withdrawals on the exchange. Lovejoy believes the attack may have targeted Bittrex but was unsuccessful due to Bittrex halting wallet transfers.
Pitfalls of Proof of Work
Reliance on external equipment and variable costs like electricity amplifying the need for profitability makes Proof of Work a poor consensus algorithm for smaller altcoins.
Low hashrate on a PoW network is a recipe for disaster and acts as a hindrance to network security. VertCoin implements an ASIC resistant version of PoW to enable more individual miners to take part in the network. But the low hash rate means that the cost of carrying out a 51 percent attack is much, much lower relative to Bitcoin.
With Proof of Stake, security hinges on parameters set internally on the network and is not greatly influenced by hardware and energy costs. Security is dependent on the staking rewards schedule and general perception of the network’s ability to scale and generate returns.
With two attacks in the span of a year, VertCoin would do well to either switch their consensus algorithm or refine it to mitigate double-spending risks.