From MIT's Technology Review, Feb. 19:
More and more security holes are appearing in cryptocurrency and smart contract platforms, and some are fundamental to the way they were built.
Early last month, the security team at Coinbase noticed something strange going on in Ethereum Classic, one of the cryptocurrencies people can buy and sell using Coinbase’s popular exchange platform. Its blockchain, the history of all its transactions, was under attack....MUCH MORE
An attacker had somehow gained control of more than half of the network’s computing power and was using it to rewrite the transaction history. That made it possible to spend the same cryptocurrency more than once—known as “double spends.” The attacker was spotted pulling this off to the tune of $1.1 million. Coinbase claims that no currency was actually stolen from any of its accounts. But a second popular exchange, Gate.io, has admitted it wasn’t so lucky, losing around $200,000 to the attacker (who, strangely, returned half of it days later).
Just a year ago, this nightmare scenario was mostly theoretical. But the so-called 51% attack against Ethereum Classic was just the latest in a series of recent attacks on blockchains that have heightened the stakes for the nascent industry.
In total, hackers have stolen nearly $2 billion worth of cryptocurrency since the beginning of 2017, mostly from exchanges, and that’s just what has been revealed publicly. These are not just opportunistic lone attackers, either. Sophisticated cybercrime organizations are now doing it too: analytics firm Chainalysis recently said that just two groups, both of which are apparently still active, may have stolen a combined $1 billion from exchanges.
We shouldn’t be surprised. Blockchains are particularly attractive to thieves because fraudulent transactions can’t be reversed as they often can be in the traditional financial system. Besides that, we’ve long known that just as blockchains have unique security features, they have unique vulnerabilities. Marketing slogans and headlines that called the technology “unhackable” were dead wrong.
That’s been understood, at least in theory, since Bitcoin emerged a decade ago. But in the past year, amidst a Cambrian explosion of new cryptocurrency projects, we’ve started to see what this means in practice—and what these inherent weaknesses could mean for the future of blockchains and digital assets.
How do you hack a blockchain?
Before we go any further, let’s get a few terms straight.
A blockchain is a cryptographic database maintained by a network of computers, each of which stores a copy of the most up-to-date version. A blockchain protocol is a set of rules that dictate how the computers in the network, called nodes, should verify new transactions and add them to the database. The protocol employs cryptography, game theory, and economics to create incentives for the nodes to work toward securing the network instead of attacking it for personal gain. If set up correctly, this system can make it extremely difficult and expensive to add false transactions but relatively easy to verify valid ones.
That’s what’s made the technology so appealing to many industries, beginning with finance. Soon-to-launch services from big-name institutions like Fidelity Investments and Intercontinental Exchange, the owner of the New York Stock Exchange, will start to enmesh blockchains in the existing financial system. Even central banks are now looking into using them for new digital forms of national currency.
But the more complex a blockchain system is, the more ways there are to make mistakes while setting it up. Earlier this month, the company in charge of Zcash—a cryptocurrency that uses extremely complicated math to let users transact in private—revealed that it had secretly fixed a “subtle cryptographic flaw” accidentally baked into the protocol. An attacker could have exploited it to make unlimited counterfeit Zcash. Fortunately, no one seems to have actually done that.
The protocol isn’t the only thing that has to be secure. To trade cryptocurrency on your own, or run a node, you have to run a software client, which can also contain vulnerabilities. In September, developers of Bitcoin’s main client, called Bitcoin Core, had to scramble to fix a bug (also in secret) that could have let attackers mint more bitcoins than the system is supposed to allow.
Still, most of the recent headline-grabbing hacks weren’t attacks on the blockchains themselves, but on exchanges, the websites where people can buy, trade, and hold cryptocurrencies. And many of those heists could be blamed on poor basic security practices. That changed in January with the 51% attack against Ethereum Classic.
The 51% rule
Susceptibility to 51% attacks is inherent to most cryptocurrencies. That’s because most are based on blockchains that use proof of work as their protocol for verifying transactions....
Cue Aretha: