Understanding Attacks on Blockchains

Dec 10, 2021 | Blockchain, Digital Finance, Security

By Victor Cook, Ph.D., Chief Scientist at Fabriik 

A live blockchain is a marvelous combination of technology and economic incentives. Able to coordinate millions of participants across borders and cultures using diverse assets like node servers, specialized mining computers, and public networks, the blockchain chugs forward. It resembles a locomotive building its own track in front of it one block at a time while pulling behind a chain of blocks each full of transactions. These include exchanges of value, immutable data stored like NFTs, and the operational steps of smart contracts. The transactions are locked on track with the steel rails of cryptography. Once the train has passed and the transactions are confirmed no other computer can break or change it, as long as at least one valid copy is broadcast.   

Attack Scenarios 

The enormous value aggregated in major blockchains provides incentive for attackers to disrupt their function and take unfair economic advantage. Since the fully confirmed chain is cryptographically impervious, perpetrator seek to fork the chain using a 51% attack or a partitioning attack. Both attacks are similar in that they create false blocks and fill them with malicious transactions mixed together with legitimate ones. The partition attack requires less than 51% of computing power but relies on communication interference.   

If either attack is successful, the marvelous locomotive is derailed from its proper track and captured by the bandits. This does not last forever, but can be long enough to do a lot of damage by double-spending and changing program outcomes.  These are the attacks BSV confronted during the summer of 2021 and other chains such as ETC and BCH have suffered in the past. Events unfold in real-time, visible to the entire world as defenders rally to protect the blockchain.   

Let’s now take a more detailed look into attacks on “proof of work” blockchains and countermeasures to foil them.  

51% Attack 

The 51% attack overwhelms the blockchain network by taking over a majority of the computing power (known as hashrate) of all the miners. This is a brute force attack that is very costly to maintain. The attacker must pay for sufficient hashrate to exceed that of the entire blockchain, or alternatively buy the allegiance of existing miners and node operators to achieve dominance over the network. Existing miners are usually invested in the blockchain so would have an economic incentive to remain loyal.    

The high cost of 51% attacks puts them out of reach of all but the most determined adversaries. But other factors such as a drop in the price of computers or a temporary decrease in blockchain hashrate may temporarily tip the balance. Last summer distress sales of Chinese mining rigs may have given attackers a unique opportunity to set up a formidable mining farm (SHA-256 ASIC) at low cost, facilitating the attacks on BSV. The miners and their rigs appear to have found legitimate employment after the massive dislocation of hashrate. Fortunately, the opportunity cost of using such valuable assets for wrongdoing is high.    

Using a metric of hash rate per dollar of coin market capitalization to compare the economics of 51% attacks across different blockchains, BSV shows comparable resistance as BTC and BCH, although the total hash power required to attack BCH and BSV is two orders of magnitude lower than for BTC. 

Table 1: Hash Rate Per Billion Dollars of Market Capitalization 

 

 
Aug 2021 
Dec 2021 
Blockchain  EH/sec  Billion$  EH/sec- B$ EH/sec  Billion$  EH/sec-B$ 
BTC  110  814  0.135  177  923  0.192 
BCH  1.2  10.3  0.117  1.3  8.47  0.153 
BSV  0.4  2.72  0.147  0.4  2.25  0.178 

 

Partitioning Attacks 

Partitioning attacks rely on spatialtemporal, and logical methods to divide and conquer the blockchain.  If blockchain hashrate is centralized  (i.e. heavily weighted to a few miners) attackers seek to isolate these powerful nodes in a partition and send false blocks to the other full nodes maintaining the network. When hashrate is evenly distributed among many nodes spatial attacks are more challenging. Attackers look for spatial anomalies, such as many independent nodes sharing the same AS (autonomous system) layers of the Internet, or even sharing the same hosting company, ironically perhaps due to a perception of better security and reliability. 

Besides spatial partitions, an attacker can take advantage of the inevitable network latency in updating full nodes and feed the lagging nodes bad blocks. Unlike spatial partitioning, this temporal partitioning is almost impossible where nodes are centralized. Temporal attacks may succeed with as little as 33% of hashrate. 

A third method of partitioning is to craft an attack based on the different versions of software on the network. This logical partitioning might involve developer collusion inserting an apparently harmless defect in the code, a zero-day attack on a faulty deployment, or taking advantage of a “hard fork” update where there is a change in the blockchain protocol.    

Countermeasures 

The 51% attack and the partitioning attacks can be prevented by improving information shared among miners and full nodes. The goal is to discourage bad actors by making the attack too expensive.  The relative cost of a 51% attack is comparable for BSV and the other Bitcoin family blockchains. A classic defense against 51% attacks is to apply an algorithm that weighs the reputation of miners promoting competing chains. The BSV blockchain has recently implemented a unique method based on this concept.    

Spatial partitioning remains a risk due to BSV miner concentration and steps are being taken to mitigate this.  Temporal and logical partitioning is nearly impossible on BSV because the network has very low latency and good coordination in deploying updates. Hard forks are infrequent. The BSV blockchain community has learned from recent attacks and countermeasures are now in place to deter and foil future attempts. 

 

Change how you trade crypto.

Easy, fast, in 3 simple steps.

Be a part of FabriikX's Inaugural NFT Collection! Coming on Jan 25th.

Inviting ALL creators to showcase their art to the world.

fabriik