Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday January 09 2019, @06:07AM   Printer-friendly
from the double-double-toil-and-trouble-fire-burn-and-caldron-bubble dept.

Submitted via IRC for SoyCow1984

Cryptocurrency trading portal Coinbase delisted today the Ethereum Classic (ETC) currency after detecting a series of double-spend attacks over the last three days.

In layman terms, double-spend attacks are when a malicious actor gains the majority computational power inside a blockchain, which they then use to enforce unauthorized transactions over legitimate ones.

According to a security alert published today by Coinbase security engineer Mark Nesbitt, this is exactly what's been happening on the Ethereum Classic blockchain for the past three days, since January 5.

[...] The ETC cryptocurrency was created in August 2016, shortly after the infamous DAO hack, and was one of the first forks of the more established Ether (ETH).

[...] Update, January 8, 06:00 AM ET: Bitfly, a fellow cryptocurrency trading platform, has also confirmed Coinbase's report. So did the Ethereum Classic team, which was immediately criticized for not spotting the attack on its own network in the first place. Coinbase, too, was criticized, but for failing to reveal the double-spend attacks on Saturday when they first happened, leaving ETC users at risk for three days, for no good reason. Coinbase also updated its original report with details on another 12 double-spend attacks, bringing the total of stolen funds to 219,500 ETC (~$1.1 million).

Source: https://www.zdnet.com/article/coinbase-suspends-ethereum-classic-etc-trading-after-double-spend-attacks/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by rigrig on Wednesday January 09 2019, @10:33AM (6 children)

    by rigrig (5129) Subscriber Badge <soylentnews@tubul.net> on Wednesday January 09 2019, @10:33AM (#784044) Homepage

    You left out the next sentence, which is quite important:

    He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.

    The point is that an attacker could make a net profit in cryptocoins, but they would become worthless once people realize that the attacker controls the blockchain and refuse to exchange them for anything. At that point he would be stuck with a whole lot of worthless bits and a bunch of mining hardware.

    In this case someone managed to double-spend 219,500 ETC (~$1.1M), Coinbase found out about it and stopped trading ETC.
    So the attacker may very well have made a profit, as long as they cashed in in time:

    1. Attacker starts mining (in secret) their alternative chain where their ETC is send to Exchange B
    2. Attacker publicly sends the ETC to Exchange A
    3. Exchange A confirms transaction, attacker cashes out
    4. Attacker publishes their self-mined alternative chain, which is now the longest chain so becomes the accepted one
    5. Exchange B sees accepted chain where they get the ETC, confirms transaction, attacker cashes out with them as well

    Now they cashed out twice, and (assuming all faith in ETC is forever gone) it cost them the mining rewards for the alternative chain, because those are now worthless bits.

    --
    No one remembers the singer.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2, Insightful) by Anonymous Coward on Wednesday January 09 2019, @12:09PM (2 children)

    by Anonymous Coward on Wednesday January 09 2019, @12:09PM (#784078)
    We should not presume that there are no big, state-level players who want to destroy cryptocurrencies.
    • (Score: 3, Insightful) by VLM on Wednesday January 09 2019, @12:19PM

      by VLM (445) Subscriber Badge on Wednesday January 09 2019, @12:19PM (#784082)

      Also consider competing cryptocurrencies.

    • (Score: 2, Informative) by khallow on Wednesday January 09 2019, @03:27PM

      by khallow (3766) Subscriber Badge on Wednesday January 09 2019, @03:27PM (#784138) Journal

      We should not presume that there are no big, state-level players who want to destroy cryptocurrencies.

      They still need to get the gear. It costs money to destroy money. Every budget has limits and the benefits to destroying cryptocurrencies are greatly overstated.

      And there are ways to make the needed threshold of compromise much higher than 50%.

  • (Score: 2) by deimtee on Wednesday January 09 2019, @03:57PM (2 children)

    by deimtee (3272) on Wednesday January 09 2019, @03:57PM (#784149) Journal

    There is also the possibility of whatever the equivalent of short-selling is. Isn't there some exchange now trading futures on cryptocurrencies?

    --
    If you cough while drinking cheap red wine it really cleans out your sinuses.
    • (Score: 0) by Anonymous Coward on Wednesday January 09 2019, @04:19PM

      by Anonymous Coward on Wednesday January 09 2019, @04:19PM (#784153)

      As long as there are fools and their monies and the potential to separate the two, there will be futures markets.

    • (Score: 0) by Anonymous Coward on Wednesday January 09 2019, @04:53PM

      by Anonymous Coward on Wednesday January 09 2019, @04:53PM (#784169)