Types Of Attacks That Pose Threat To Blockchain Technologies
Mining technical background
Cryptocurrencies are based on several technologies. The distributed ledger technology is responsible for data storage rules. This technology has several alternatives but the most popular one is blockchain. Since data is distributed among all network participants, it is very important for each user to agree on the blockchain content. Such an agreement state is called consensus. Consensus allows adding a new block to blockchain every time.
Consensus is reached as soon as a user proposes a blockchain attachment and other users agree to accept it. The right to propose another block is defined by a consensus type. It is fair to say that consensus is reached by several users in different ways, which are based on the computer performance of users, their financial capabilities, the amount of spent cryptocurrencies, and other parameters.
The very first type of the consensus achievement used in Bitcoin and Ethereum is called Proof-of-Work. According to its rules, each following block is proposed by the user who first receives a required result of calculations. All participants are constantly calculating hashes of blocks, that is why they are called miners. The more often users calculate hashes, the higher their chance to find a desired value. As soon as it is found, a miner sends the block across the network.
Further, we will describe problems related to the Proof-of-Work approach used in the Bitcoin network.
The transfer of assets is executed via transactions. Simply speaking, each transaction defines “where from”, “where to” and “how much” money was transferred. If a participant decides to send money, he or she forms a transaction and forwards it to a miner. As the miner receives the transaction, it gets added to the block. If the transaction is placed in the block, the miner successfully calculates the hash and the block is approved by other participants, the transfer can be considered successful.
Miners cannot find new blocks very often. In accordance with the total performance, the protocol changes the complexity level once per 2016 blocks. This variation allows keeping an average time of discovering a new block at a 10 minutes level. This means that transactions will be pending for some time. All transactions accepted and verified by miners are placed in a so-called transaction pool. Some time later they will be added to blockchain. Different miners often mine blocks with the same transactions. It can happen because miners want to get more profit. The profit amount comes from transaction fees. Thus, transactions with higher fees have more chances to get into a block.
Let’s assume that a malicious user decides to use the same Bitcoin coin twice. The user forms two transactions with the similar parts of the “where from” fields. Previously, some services checked if transactions are placed in the transaction pool but not into the block. This allowed getting rid of unnecessary pending time. Attackers used this feature and received a 50% chance of a wrong transaction being placed into blockchain. By the time the service owners found out about the fraud, the transaction had already been provided.
The attack 51% requires certain conditions to be executed, though it does not guarantee success. It rather increases the chance of success. An attacker has to possess more than 51% of the network performance. The calculation of a hash function is rather random. Finding a correct block may take a minute or several weeks of unsuccessful mining. This means that with a higher performance, a miner has more chances to find a new block.
Blockchain relies on consensus. Besides, all blocks are linked to each other. It is impossible to change data inside of blocks and keep it secret. But it is possible to create an absolutely new set of blocks that will substitute the correct sequence in the end. Having several parallel chains, which are absolutely legitimate and correct, users will choose the longest one. That is how attackers can apply a chain split to a transaction copy and cover it with hashing performance.
Attack 51% algorithm
- An attacker creates two transactions. The first one transfers assets to a recipient’s account, and the other one transfers them back to the attacker.
- The first transaction is transferred to the network, and the second one is kept by the attacker.
- After the transaction is sent, the attacker forgets about it and starts generating a new chain of blocks in parallel with other participants.
- As soon as the recipient checks that transaction has passed successfully and is placed in blockchain, he or she performs their part of agreement. The attacker receives goods or services.
- Since the new block calculation probability is higher with higher performance, the attacker will create the secret chain faster than others.
- After the secret chain is published, the majority of miners accept it because it is longer.
This attack may be performed with a hashrate less than 50%. If the attacker performance does not exceed 50%, this attack is called an alternative history attack.
If the attack is successful, the wrong transaction will be placed in blockchain instead of the correct one. The receiver will not get funds, while the services have already been provided. Basically, the attack targets one victim. Other transactions will be added to blockchain in a regular way. Unfortunately, the selection of the longest chain is one of the main blockchain rules. Improved variants of Proof-of-Work may rely on the complex metrics of target “weight”, as it is proposed in the Ethereum network, but it does not solve the problem anyway.
One of Bitcoin developers Peter Todd believes that the younger a cryptocurrency is, the higher the chance the attack will be successful. The main attach mechanism is based on the correct chain suppression with the computation performance. This is quite possible for a new cryptocurrency. But when it comes to a token with a long history, we should consider a huge support from the miners society. To provide such an attack, significant investments are required, and they will likely never pay off.
A race attack in fact is a slightly changed double spending attack. It is based on the slow validation of accepted transaction and receiver’s bounded knowledge. A recipient cannot check what transactions are sent to miners, but can check if a transaction is already in the block or ask the sender to provide a transaction copy. In this case, the attacker will transfer a fake transaction to miners and give a correct one to the recipient.
Even if the recipient sends a transaction to miners in person, they will see that the “where from” field is already present in the transaction pool. Most likely that the latest transaction will be put aside. Of course, this attack will fail if miners put aside all suspicious transactions or show their potential block and the transaction pool content to everyone.
The Finney attack is also based on double spending. As in the previous case, a recipient has to consider if a transaction is successful. It may succeed even if the recipient waits for some time to be sure the block is appropriate. To perform such a kind of attacks, attackers have to mine blocks on their own. In theory, they do not need 50% of the total network performance.
The sender mines block with the unfair transaction. Once the block is found, goods or services are paid by coins from this block. Even if the recipient waits for some time till the block is closed, the unfair block will be transmitted to the network as soon as the attacker gets a profit. Since the block is composed in accordance with the consensus rules, it will be accepted by the network and the coins will be turned back to the sender’s wallet.
This kind of attacks will fail if one more block is found until the malicious sender goes for the fraud result. Then the whole trade will be performed along with the rules. As in case of the attack 51%, the less the hashing performance is, the less the chance to succeed.
Another double spending attack was proposed by the Vector76 user in 2011. This attack requires a sender to possess two nodes and use one of them for mining. An online wallet service with the direct IP-address connection available is also required.
The attack is performed as follows:
- The attacker creates two transactions. The first one transfers a lot of bitcoins to the online wallet, while the other one transfers a small amount to another attacker’s address.
- The attacker starts mining the block with the first transaction inside. As soon as the block is received, the second transaction is spread across the network. Only after this the first transaction is shown to the victim.
- The victim observes the correct transaction (which is supposed to transfer funds to the online wallet) and places this operation to queue. By that time, the unfair transaction is already spread across the network. It will prevent the fair one from being placed in the transactions pool.
- As soon as someone in the network closes the block with the unfair transaction, the attacker passes the block to the victim, who in turn transfers funds to the wallet account. Immediately after that, the attacker asks for the funds to be returned.
- The victim returns the funds. At this time, the false block is not accepted by the network because the correct one already exists. As a result, the attacker takes funds from the victim’s account even if the validation is received.
On July 2014, a mining pool called Ghash.io reached 55% of the whole Bitcoin network hash performance. The pool members voluntarily agreed to reduce their mining capacity down to 40%.
Since April 2018, the cryptocurrency Verge has faced 51% attacks three times. Attackers managed to withdraw $16,000 for the first time and $1,7 million for the second time. The third accident is still discussed. Nobody can say for sure whether it was the attack or not. Both confirmed incidents became possible because of the software vulnerability.
Starting from 16 May 2018, an attacker has possessed more than 51% of Bitcoin Gold computing performance for three days. A lot of double spendings were performed during the attack on different crypto platforms. The total amount of stolen money reached $18 mln.
As a result of an attack, the Japanese Monacoin currency lost about $90,000 in May 2018. The attack started on May 13 and lasted till May 15. The reason was the high speed of finding new blocks. An unknown person has managed to mine two blocks at the same time. Using this fact, the attacker created a secret chain and used the longest chain rule.
Some experts think that cryptocurrencies based on the Proof-of-Work algorithm require better protection. There is also an opinion that all these attacks might be connected somehow.
Anyway, Proof-of-Work vulnerabilities are well-known. Common users should pay a lot of attention to the safety of their cryptoassets. Unfortunately, mass network attacks cannot be fought off locally. Their prevention is the sole responsibility of the network developers.
Sergey Borsuk, Blockspoint