Bitcoin Satoshi’s vision, the fork of another Bitcoin (BTC) fork, has suffered a blockchain reorganization attack (reorg) for the third time in three months. With a call to everyone involved to mark the malicious network branch as invalid, the developers of Bitcoin SV (BSV) say that the attacks have been repelled and all fraudulent chains have been identified.
The spate of attacks against Bitcoin SV, although reportedly fended off, underscores the risks associated with Proof-of-Work (PoW) blockchains, which have a small amount of hash rates that sustain their existence. In fact, in addition to Bitcoin SV, several chains such as Ethereum Classic (ETC) and Firo – formerly known as Zcoin – fell victim to such attempted blockchain reorg exploits.
While not all of these attacks are successful, some have significant economic ramifications for honest subscribers and the network in general, as the villains responsible for the malicious exploit on the network can double-spend “coins”. The problem is so advanced that it is theoretically possible to launch these attacks with rented hashing power worth a few thousand dollars.
Another blockchain reorg attack
In early August, Bitcoin SV suffered a suspected 51% attack that resembled previous incidents that occurred between late June and the first week of July. At the time, it was said that the malicious network exploit resulted in three versions of the main chain being mined simultaneously in a deep blockchain reorg attack.
This type of attack occurs when a malicious actor controls 51% of the network’s hash rate and can use that majority of the hashing power to control and prevent block production and double-spend coins. The August 3 incident is reportedly the largest exploit against BSV since it was diverted from Bitcoin Cash (BCH) in 2018.
At some point during the exploit, the attacker aims to compromised According to Nikita Zhavoronkov, lead developer at the blockchain explorer Blockchair, transactions in the Bitcoin SV chain are carried out with a value of around 10 hours. In response to the event, the Bitcoin Association – an advocacy group of Bitcoin SV – advised honest node operators to mark the fake chains initiated by the hacker as invalid.
Marking split chains initiated by 51% of attackers as invalid is necessary to prevent the hackers from obtaining economic benefits such as double spending. Usually the aim of such incidents is to send mined coins from the counterfeit chain to the exchanges and thus extract monetary value from “thin air”.
In their updated report on the incident, the Bitcoin Association stated that the hacker’s attempted 51% attacks were unsuccessful and urged network participants to ensure that their nodes only interact with the chain backed by honest miners. As part of their report, the Bitcoin Association stated that all relevant stakeholders, including the Bitcoin SV Infrastructure team, will continue to monitor the network to prevent further attacks.
Speaking to Cointelegraph, Steve Shadders, Chief Technology Officer of Bitcoin SV developer nChain, stated that both stakeholders are implementing “a number of proactive and reactive measures” to prevent further attacks.
“Together with the Bitcoin Association team, we also worked with exchanges, miners and ecosystem companies to quickly dismantle the fraudulent chain of illegal double spending using the invalidateblock command – an RPC code that was introduced in Bitcoin in 2014 and is still part of it the code base is for both BTC and BCH. “
According to Shadders, this move undermined the attacker’s efforts and allowed honest participants to channel their hashing power onto the right chain. Shadders also stated that the attack added more hashing power to the Bitcoin SV chain to “defend the network”. In fact, data from BitInfoCharts shows an increase in the Bitcoin SV hash rate between August 3rd and 4th, with the network’s hashing power increasing by almost 15%.
Three attacks in as many months
The fact that there have been three attacks in three months, each with similar methods, has led the discussion about whether there is an agenda against Bitcoin SV. Between June 24th and July 9th, Bitcoin SV suffered four separate 51% attack attempts that resulted in double-issued coins being sent to the Bitmart crypto exchange.
In July, Cointelegraph reported that Bitmark was seeking an injunction from a New York judge to prevent the hackers responsible for the 51% attacks on Bitcoin SV from selling their duplicate coins. At the moment it is not clear whether the August attacker was able to send BSVs issued twice to an exchange.
In a note sent to Cointelegraph, the Bitcoin Association clarified that the existence of double-spend transactions in the June and July attacks did not adversely affect Bitcoin SV users, adding:
“It is possible that the malicious actor may have duplicated its own transactions. There were no losses and nobody was stolen. “
The June 24 and July 1 attacks reportedly went unnoticed, and the investigation did not begin until after the July 6 incident. At the time, some exchanges, including Huobi, paused deposit and withdrawal services for BSV, sparking inaccurate speculation that trading platforms would wipe out the coin.
The likelihood that the August attacks are related to the earlier incidents, Shadders told Cointelegraph: In July, the similarity in attack vector and methodology would suggest that the attacker is likely to be the same again. “
The only difference between the two sets of attacks is that the exploits in June and July used the pseudonym “Zulupool” – not associated with the legitimate Hathor network miner of the same name – while the August hacker embodied the Taal mining pool. In fact, the attacker is believed to have masqueraded as a Zulu pool in June and July and was also linked to the Block Reorg exploit against Bitcoin ABC in March.
Given the suspected links between all of the attacks, Shadders told Cointelegraph that legal action would be taken, stating:
“The Bitcoin Association and its legal representatives are actively involved in law enforcement in the affected jurisdictions – a process that the Bitcoin SV Infrastructure Team continuously supports by collecting and collating all forensic evidence left by the attacker.”
Vulnerable PoW networks
PoW networks with much lower hash rates are vulnerable to 51% attacks because the hashing power required to seize the network costs only a few thousand dollars. In some cases, rented hashing power from NiceHash worth a few hundred dollars is enough to stage a blockchain reorg exploit on some PoW chains.
According to data from Crypto51 – a platform that tracks the theoretical cost of a 51% attack on PoW chains – it costs about $ 5,200 to rent the hashing power required for a 51% attack on Bitcoin SV for an hour .
Ethereum Classic, another PoW network, also suffered several 51 percent attacks in 2019 and 2020. In one incident, an attacker allegedly siphoned over $ 5 million from the network while spending only $ 192,000 on hashing power to carry out the attack. It is important to note, however, that while such attacks are still possible, network actors can take steps to mitigate the vulnerability.
Related: If you have a bitcoin miner, turn it on
In the absence of the superior network effect and massive hashing power of Bitcoin, other PoW chains actually need to create secondary security protocols to detect malicious blockchain reorgs. To put the hash rate disparity in stark contrast, the total hashing power of the Bitcoin network is currently more than 320 times greater than that of Bitcoin SV.
Crypto exchanges must also increase the network verification requirement for coins whose chains do not have sufficient hashing power. Most 51% of attackers try to double their transactions through exchanges by exchanging their counterfeit coins for the legitimate funds often held by trading platforms on behalf of their users.
Even if the blockchain eventually fights off the attack, the hacker can siphon off the value of the exploit by trading their counterfeit coins on exchanges that do not apply the minimum required verification protocols.