Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Thursday May 24 2018, @03:41PM   Printer-friendly
from the Oops,-the-honest-people-are-in-a-minority-again dept.

CCN reports:

A malicious miner successfully executed a double spend attack on the Bitcoin Gold network last week, making BTG at least the third altcoin to succumb to a network attack during that timespan.

[...] To execute the attack, the miner acquired at least 51 percent of the network's total hashpower, which provided them with temporary control of the blockchain. Obtaining this much hashpower is incredibly expensive — even on a smaller network like bitcoin gold — but it can be monetized by using it in tandem with a double spend attack.

After gaining control of the network, the attacker began depositing BTG at cryptocurrency exchanges while also attempting to send those same coins to a wallet under their control. Ordinarily, the blockchain would resolve this by including only the first transaction in the block, but the attacker was able to reverse transactions since they had majority control of the network.

Consequently, they were able to deposit funds on exchanges and quickly withdraw them again, after which they reversed the initial transaction so that they could send the coins they had originally deposited to another wallet.

A bitcoin gold address implicated in the attack has received more than 388,200 BTG since May 16 (mostly from transactions it sent to itself). Assuming all of those transactions were associated with the double spend exploit, the attacker could have stolen as much as $18.6 million worth of funds from exchanges.

The last transaction was sent on May 18, but the attacker could theoretically attempt to resume it if they still have access to enough hashpower to gain control of the blockchain.

Bitcoin gold's developers advised exchanges to address the attack by increasing the number of confirmations required before they credit deposits to customer accounts. Blockchain data indicates that the attacker successfully reversed transactions as far back as 22 blocks, leading developers to advise raising confirmation requirements to 50 blocks.

Bitcoin Gold appears to use a standard ~10 min block rate so the new recommendation is for exchanges to hold funds for ~8 hours before clearing them.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by JoeMerchant on Thursday May 24 2018, @04:36PM (30 children)

    by JoeMerchant (3937) on Thursday May 24 2018, @04:36PM (#683607)

    I only recently became aware of how Ripple operates [ripple.com].

    There are pluses and minuses to Ripple's curated list of trusted validators approach.

    I think Bitcoin Gold just demonstrated a minus of trusting the collective network to operate more than 50% honestly because it's just so damn expensive to gain majority share.

    --
    🌻🌻 [google.com]
    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Thursday May 24 2018, @05:01PM (2 children)

    by Anonymous Coward on Thursday May 24 2018, @05:01PM (#683621)

    Each individual's personal risk profile can be used to determine how one uses the network.

    These exchanges lost, because they were risk taking rather than risk averse.

    On a decentralized PoW blockchain Just wait longer for exponentially stronger statistical guarantees.

    All this proved is that, as usual, nobody in a position of power actually knows what he's doing.

    • (Score: 2) by Geotti on Friday May 25 2018, @01:31AM (1 child)

      by Geotti (1146) on Friday May 25 2018, @01:31AM (#683844) Journal

      All this proved is that, as usual, nobody in a position of power actually knows what he's doing.

      If anyone actually would, he/she would immediately stop doing anything.

      • (Score: 0) by Anonymous Coward on Friday May 25 2018, @05:54PM

        by Anonymous Coward on Friday May 25 2018, @05:54PM (#684107)

        The word "he" Is masculine only in the sense that it is not necessarily feminine.

        Sometimes, it's necessary to distinguish special, exotic, or cherished objects, such as boats or women. In that case, the word "she" is used.

        It's redundant to say "he/she". Just say "he".

  • (Score: 3, Insightful) by Snow on Thursday May 24 2018, @05:48PM (20 children)

    by Snow (1601) on Thursday May 24 2018, @05:48PM (#683645) Journal

    Ripple instamined the vast majority of XRP and assigned them to themselves.

    Ripple's central authorities are also a liability because a government could knock down their door and shut the entire network down.

    • (Score: 2) by JoeMerchant on Thursday May 24 2018, @06:11PM (9 children)

      by JoeMerchant (3937) on Thursday May 24 2018, @06:11PM (#683655)

      I totally agree on both points, however... I do like the basic premises behind Ripple - web-of-trust over proof-of-work.

      I think where they are missing the point is that they are holding on too tight. If (big if) they could provide some incentive-rewards for running validator nodes, speed development of a larger trusted core of validators, and of course burn the hell out of bad actors, I think they'd have something worth using. Of course, there's always the problem that your trusted core of validators gets pwned by some party that just wants to screw the system over (Warren Buffet's buddies?), but that could be what's happening in Bitcoin Gold right now, too.

      They have some interesting ideas about operating as an exchange platform, but at the end of the day they still publish their XRP and it tracks BTC nearly 1:1, the open market never ceases to amaze me in how deep it does not look when determining value.

      --
      🌻🌻 [google.com]
      • (Score: 0) by Anonymous Coward on Thursday May 24 2018, @06:37PM (8 children)

        by Anonymous Coward on Thursday May 24 2018, @06:37PM (#683663)

        ... layer.

        Yes, you're right: There is a lot more trust in the world than zero, and that trust can be exploited for mutual profit.

        However, Bitcoin is a more fundamental system the that; it works not only when there is zero trust, but also in the face of active attackers.

        So, build your trust into a higher-level protocol, but use Bitcoin to take snapshots of the state of your trustworthy world, or use Bitcoin to escape potential attacks when trustworthiness becomes uncertain.

        • (Score: 2) by JoeMerchant on Thursday May 24 2018, @07:23PM (7 children)

          by JoeMerchant (3937) on Thursday May 24 2018, @07:23PM (#683694)

          is a more fundamental system the that; it works not only when there is zero trust, but also in the face of active attackers.

          Does it, really? You're trusting more than 50% of the hashing power to play fairly. I believe there's not really a way to increase that ratio in your "trust free zone," either: say you require 80% agreement, well - now an attacker only needs to gain 21% control to shut down processing.

          --
          🌻🌻 [google.com]
          • (Score: 1, Interesting) by Anonymous Coward on Thursday May 24 2018, @10:19PM (6 children)

            by Anonymous Coward on Thursday May 24 2018, @10:19PM (#683779)

            Firstly, having a hashing majority simply allows one, at great cost, to make a limited set of mild manipulations for a limited time (people start noticing), such as toppling a handful of the top blocks, slowing down the processing of particular transactions, etc. Meanwhile, each new block secures ever more the blocks on which it is built, which is still a service, and is one reason why Bitcoin would probably serve best as a settlement layer.

            Secondly, if there's enough aggravation, it could be incentive to whip up support among fair players (or just opponents of the attacker, such as one government against another) to fund competing minors. There's a huge incentive to keep an attacker from ruining the value that has been poured into growing the system.

            Secondly, nobody really has to put up with it; if there's enough aggravation, both miners and non-miners could agree on new rules that disadvantages the bad actor, which might be enough to render such an attack too expensive to keep repeating; this need not be too invasive, either, as a soft fork could allow people to begin transacting with a different PoW algorithm, essentially transitioning to a side chain where the bad actor must once again foot the bill of building up a majority hashing rate.

            • (Score: 3, Funny) by Justin Case on Thursday May 24 2018, @10:48PM

              by Justin Case (4239) on Thursday May 24 2018, @10:48PM (#683790) Journal

              whip up support ... to fund competing minors

              Hell yeah I'd fund that! And them with whips even!!! I'm assuming because it's all blockchain the feds will never bust me since I'll be invisible.

              Let's keep it tasteful, though. No minors under 12. That's just creepy. Especially if they're wrestling naked in a giant vat of olive oil.

              Oh, you meant "miners"?

              See, sometimes literacy does matter.

            • (Score: 2) by JoeMerchant on Friday May 25 2018, @03:11PM (4 children)

              by JoeMerchant (3937) on Friday May 25 2018, @03:11PM (#684043)

              as a soft fork could allow people to begin transacting with a different PoW algorithm, essentially transitioning to a side chain where the bad actor must once again foot the bill of building up a majority hashing rate.

              So, the bad actor has forced manual intervention (I know, ethereum does this all the time), and changing everybody else's hashing gear to run away from them.

              Except, what's to stop this bad actor from adapting their hashing gear over onto the new fork and doing it all over again?

              I think some of what is going on with Bitcoin Gold and the other exploited coins is that there's so much compatibility between competing miner networks that somebody has built up a powerful hashing pool and is jumping from one relatively little network to the next, thrashing them and then moving on. This does not bode well for the whole theory of a distributed multi-layered Proof Of Work system, since each independent honest miner network will have to be bigger (more expensive) than the largest malicious network out there.

              --
              🌻🌻 [google.com]
              • (Score: 0) by Anonymous Coward on Friday May 25 2018, @05:56PM

                by Anonymous Coward on Friday May 25 2018, @05:56PM (#684110)

                People can still use the old rules.

              • (Score: 1) by khallow on Sunday May 27 2018, @12:57AM (2 children)

                by khallow (3766) Subscriber Badge on Sunday May 27 2018, @12:57AM (#684710) Journal

                Except, what's to stop this bad actor from adapting their hashing gear over onto the new fork and doing it all over again?

                The lack of profitability?

                • (Score: 2) by JoeMerchant on Sunday May 27 2018, @02:22AM (1 child)

                  by JoeMerchant (3937) on Sunday May 27 2018, @02:22AM (#684726)

                  The lack of profitability?

                  I'm just going to throw out a guess here that $18M in the space of less than a day was a profitable day for the attacker.

                  --
                  🌻🌻 [google.com]
                  • (Score: 1) by khallow on Sunday May 27 2018, @04:20AM

                    by khallow (3766) Subscriber Badge on Sunday May 27 2018, @04:20AM (#684750) Journal
                    Depends on how much the equipment costs them to run. If they're directing around a bunch of hacked computers, it's probably pretty cheap. If they're chewing up more than $18 million in order to earn $18 million it doesn't work for them.
    • (Score: 3, Interesting) by JoeMerchant on Thursday May 24 2018, @06:58PM (9 children)

      by JoeMerchant (3937) on Thursday May 24 2018, @06:58PM (#683673)

      Holy F! - I just found this nugget:

      Ripple (the company) holds a large reserve of XRP in escrow. At the start of each month, 1 billion XRP is released from escrow for Ripple to use. (Ripple uses XRP to incentivize growth in the XRP Ledger ecosystem and sells XRP to institutional investors. Ripple also sells XRP programmatically on exchanges, limited to a small percentage of overall exchange volume.

      That's out of a 100B total pool, so they're floating themselves 1B XRP per month for 8+ years... and yet it continues to track BTC at a fixed ratio.

      Shenanigans.

      --
      🌻🌻 [google.com]
      • (Score: 1) by khallow on Friday May 25 2018, @02:26AM (8 children)

        by khallow (3766) Subscriber Badge on Friday May 25 2018, @02:26AM (#683861) Journal
        Or they're using that muscle to push the market towards a fixed ratio with BTC. They may be raking it in, or they might be leaking money. Can't tell from what you wrote.
        • (Score: 2) by JoeMerchant on Friday May 25 2018, @11:55AM (7 children)

          by JoeMerchant (3937) on Friday May 25 2018, @11:55AM (#683971)

          they're using that muscle to push the market towards a fixed ratio with BTC.

          Exactly: Shenanigans. Illegal shenanigans if that's what they're doing: https://www.pymnts.com/cryptocurrency/2018/bitcoin-criminal-probe-regulation/ [pymnts.com]

          --
          🌻🌻 [google.com]
          • (Score: 1) by khallow on Friday May 25 2018, @12:00PM (6 children)

            by khallow (3766) Subscriber Badge on Friday May 25 2018, @12:00PM (#683972) Journal
            What makes that illegal? That they're using a cryptocurrency? That they're breathing? Crime requires criminal acts first.
            • (Score: 2) by JoeMerchant on Friday May 25 2018, @01:13PM (5 children)

              by JoeMerchant (3937) on Friday May 25 2018, @01:13PM (#683995)

              From the linked article: spoofing and wash trading are illegal.

              If individuals or groups are trading XRP with themselves in order to manipulate the market price up or down, that's wash trading, and illegal.

              Like most bad laws it's difficult to prove: intent or collusion or manipulation of market price, but that doesn't change the illegal status, and in every market manipulation there are damaged parties who either paid more or received less than they would have without the manipulation (or, as you say: muscling).

              What really makes it illegal is somebody's willingness to pursue it in a court of law coupled with a victory - then it becomes case law, of which there is quite a bit existing for wash trading. The legal system in its current form isn't one I love, but it is the one we have.

              --
              🌻🌻 [google.com]
              • (Score: 1) by khallow on Saturday May 26 2018, @03:26AM (4 children)

                by khallow (3766) Subscriber Badge on Saturday May 26 2018, @03:26AM (#684330) Journal

                spoofing and wash trading are illegal.

                And that has what to do with the managers of the currency?

                If individuals or groups are trading XRP with themselves in order to manipulate the market price up or down, that's wash trading, and illegal.

                Except when it's not illegal. For example, stock buybacks aren't illegal.

                • (Score: 2) by JoeMerchant on Saturday May 26 2018, @11:59AM (3 children)

                  by JoeMerchant (3937) on Saturday May 26 2018, @11:59AM (#684481)

                  stock buybacks aren't illegal.

                  Unless you've sold stock to a colluding party, and then buy it back in a short time frame, that becomes an illegal wash.

                  What's colluding? What's short? Yeah, the law sucks, but it's the law.

                  --
                  🌻🌻 [google.com]
                  • (Score: 1) by khallow on Saturday May 26 2018, @09:29PM (2 children)

                    by khallow (3766) Subscriber Badge on Saturday May 26 2018, @09:29PM (#684669) Journal

                    Unless you've sold stock to a colluding party, and then buy it back in a short time frame, that becomes an illegal wash.

                    So not always illegal as I already noted.

                    • (Score: 2) by JoeMerchant on Saturday May 26 2018, @09:54PM (1 child)

                      by JoeMerchant (3937) on Saturday May 26 2018, @09:54PM (#684675)

                      So not always illegal as I already noted.

                      And f-ing hard to prove in court, which is why all the chat room pump and dumps of the 2000 dot-com bust got away with their shenanigans.

                      Illegal if you can bring a case and make it stick. Cybercurrency traders are an order of magnitude bolder than the chat roomers from ~20 years ago, I'm sure there's available records all over the internet that would make a case for wash sales and even spoofing (I think one guy is actually using Spoofer as his pseudonym...) Now, does anybody care enough to bring the case? We will see.

                      --
                      🌻🌻 [google.com]
                      • (Score: 1) by khallow on Sunday May 27 2018, @12:55AM

                        by khallow (3766) Subscriber Badge on Sunday May 27 2018, @12:55AM (#684709) Journal
                        You are equating legal activity with illegal activity. As I already noted, there are legal ways to manipulate markets. Show it's illegal first.
  • (Score: -1, Troll) by Anonymous Coward on Thursday May 24 2018, @05:57PM

    by Anonymous Coward on Thursday May 24 2018, @05:57PM (#683648)

    why would you investigate a bankster coin like ripple? just how dumb are you?

  • (Score: 2) by FatPhil on Thursday May 24 2018, @08:36PM (2 children)

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Thursday May 24 2018, @08:36PM (#683739) Homepage
    The whole proof of work policy is wrongthink anyway, no matter how hard it is to abuse in theory, even though it's easy enough to have been done repeatedly in practice. (Just, erm, do the work!)

    I read the ripple spec a while back, and it seems a lot like hashgraph, which is presently just a platform for performing consensus-based algorithms, which hasn't been wrapped up into a cryptocurrency yet. Both aim for efficiency, which is comms limited, rather than proof-of-work, which is CPU limited.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    • (Score: 2) by JoeMerchant on Thursday May 24 2018, @08:54PM (1 child)

      by JoeMerchant (3937) on Thursday May 24 2018, @08:54PM (#683749)

      You might want to take a look at ripple today... it's still not what I would call "off the ground", but they have managed to put out a cryptocurrency XRP which has been tracking BTC pretty much 1:1 for about a year now, why that valuation has been tracking I cannot begin to fathom beyond: crypto investors are idiot-greed-sheep.

      https://developers.ripple.com/become-an-xrp-ledger-gateway.html#trading-on-ripple [ripple.com]

      --
      🌻🌻 [google.com]
      • (Score: 2) by FatPhil on Thursday May 24 2018, @09:38PM

        by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Thursday May 24 2018, @09:38PM (#683770) Homepage
        I've taken enough of a look, and the quantity of roll-your-own crypto was enough for me to run away beating my head and wailing.
        --
        Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
  • (Score: 2) by All Your Lawn Are Belong To Us on Thursday May 24 2018, @10:10PM (1 child)

    by All Your Lawn Are Belong To Us (6553) on Thursday May 24 2018, @10:10PM (#683777) Journal

    The primary difference to my eyes being: If you have a network that you can trust (by whatever mechanism you define as trustworthy), you can trust the network. What keeps that from being a tautology is that cryptocurrency (and other cryptomining operations) are supposed to work in an environment where trust is unnecessary or unavailable. "Supposed to be" because we've always been told that getting 51% of a network's mining is infeasible. That just got dunked on in this particular network.

    --
    This sig for rent.
    • (Score: 0) by Anonymous Coward on Thursday May 31 2018, @01:15PM

      by Anonymous Coward on Thursday May 31 2018, @01:15PM (#686714)

      My thoughts are that someone that managed to get 51% of the network, should be easy enough to track down and slap cuffs on.

      I always figured that was the ultimate safety against the 51% attack.