While I've argued for ProgPoW because I'm not a fan of ASIC manufactures because of their malicious business practices, I think we all know the real problem for PoW security, Hashrate Rental sites. Let's go through a short-list of coins that are listed on Nicehash, where hashpower could be bought and then executed a 51% attack.
BitcoinPrivate 51% (Ethical Hack)
Nicehash has been the #1 to go to "sell" hashpower for whatever coin they support for BTC and other rental services such as miningrigrental. While we cannot prove that this attacks were used by buying hashpower on nicehash, a ethical hacker
Geocold lived streamed how easy it was to attack PoW coin BTCP. "using a couple of hundred dollars’ worth of rented hashpower he’d purchased from Nicehash with BTC" (bitcoin.com). We can assume then that other 51% attacks all follow this method.
Step 1. Buy more Hashpower than the current network using rental services
Step 2. moves coins on the true network to other addresses, makes deposits, then withdraws them to a safe addresses
Step 3. broadcast the untruthful chain to the network
Step 4. this reverts the truthful network.
Step 5. Profit.
Shockingly, several crypto-currencies not only were cheap to attack but also had plenty of hash rate for sale on NiceHash with which such an attack could take place. When 51% attacks were considered in the past, most calculations included the cost of hardware, electricity, and maintenance. But this new “rent-a-attack” method is proving dangerous for smaller networks. (ccn.com)
This is what happened to ETC recently. Few people who were using nicehash services commented that they noticed a pay-bump mining ETH-HASH.
One PoW altcoin team has set up a script to constantly monitor their hashrate. In the event of a spike of over 10%, they will be automatically notified. Should the newly added hashrate emanate from an unknown pool, or be in danger of tipping an existing pool over 50%, they have a large quantity BTC on standby with Nicehash ready to purchase their own firepower to counter the attack (bitcoin.com)
Again it shows the only way that people counter this is to over-bid/buy more hashrate.
While I understand PoS doesn't suffer from these type of attacks. However I find it unreasonable to say PoW is flawed because 51% attacks. Hashrental services we not envisioned by Satoshi's PoW. Any actual mining actors not using hash rentals would need a sizable amount of resources to perform a 51% and double-spend even on small cap coins. Nicehash takes your money and doesn't care.
The elephant Crypto needs to deal with it shutting off nicehash and rental services. After the nicehash hack I know I saw a sizable increase in profits because difficulty dropped on so many coins.
IMHO Nicehash needs to turn-off purchasing hashrate and instead turn to "auto-covert" where they mine the coin that's profitable that day and turn into bitcoin for the user. We wouldn't have the chance of 51% attacks.
No comments:
Post a Comment