Bull market is back… Another wave of hacker attacks starts again?


Image from CoinDesk's related reports

On Aug. 2, Ethereum Classic Labs (ETC Labs) made an important announcement about the ETC blockchain. ETC Labs said that, due to a network attack, Ethereum Classic suffered a reorganization on August 1st. This was the second attack on the Ethereum Classic network this year.

Did rented hash power cause the problem again?

In this ETC incident, one of the miners mined a large number of blocks offline. When the miner came back online, its high computing power, together with the fact that some versions of mining software did not support large-scale blockchain mergers, caused consensus to fail. As a result, the entire network fell out of sync, which produced an effect similar to a 51% attack. In the end, it caused a reorganization of 3693 blocks, starting at block 10904147. Deposits and withdrawals at exchanges and mining pools had to be suspended for troubleshooting during this period.

Media reports show that the blockchain reorganization may have been caused by a miner (or a mining pool) that was disconnected while mining. Although the network was restored to normal after 15 hours of repair, the incident reflects the vulnerability of a Proof of Work (PoW) network: once the computing power of the network is insufficient, the performance of a single mining pool can affect the entire network, which leaves the blockchain neither distributed, nor secure, nor efficient.
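How an exchange or pool node could measure such a reorganization and decide whether to pause deposits, as an added example that is not from the original article or from any ETC tooling. The `Header` type, the function names, the header hashes and the 3700-block replacement branch are constructed for illustration; only the start block 10904147 and the 3693 replaced blocks come from the text above.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Header:
    number: int
    hash: str
    parent: str

def _parent(known, h):
    try:
        return known[h.parent]
    except KeyError:
        raise LookupError(f"header {h.parent} not stored; cannot size the reorg") from None

def find_reorg(known, old_tip, new_tip):
    """Walk both tips back to their common ancestor.
    Returns (first_replaced_number, dropped, added); dropped == 0 is a plain extension."""
    old, new = known[old_tip], known[new_tip]
    dropped = added = 0
    while old.hash != new.hash:
        # Step back on the higher branch; at equal height step back on both.
        step_old, step_new = old.number >= new.number, new.number >= old.number
        if step_old:
            old, dropped = _parent(known, old), dropped + 1
        if step_new:
            new, added = _parent(known, new), added + 1
    return old.number + 1, dropped, added

def deposit_action(dropped, confirmations_required):
    # A deposit is credited once its block has `confirmations_required` blocks
    # (itself included) on the chain, so only a reorg at least that deep can undo it.
    if dropped == 0:
        return "ok"
    if dropped < confirmations_required:
        return "alert"      # only uncredited, shallow blocks were replaced
    return "suspend"        # credited deposits may have been reverted

def build_sample():
    """Constructed headers: a shared prefix, the old branch, and a longer new branch."""
    known = {}
    def extend(prefix, parent, start, count):
        for n in range(start, start + count):
            known[f"{prefix}{n}"] = Header(n, f"{prefix}{n}", parent)
            parent = f"{prefix}{n}"
        return parent
    base = extend("c", "genesis", 10904140, 7)          # ends at block 10904146
    return known, extend("a", base, 10904147, 3693), extend("b", base, 10904147, 3700)

if __name__ == "__main__":
    known, old_tip, new_tip = build_sample()
    first, dropped, added = find_reorg(known, old_tip, new_tip)
    print(first, dropped, added, deposit_action(dropped, confirmations_required=12))
```

A node that prunes old side-branch headers cannot size a deep reorg this way, which is why the lookup failure is raised rather than silently treated as depth zero.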

At present, most blockchain consensus algorithms use PoW, which has been in use for over 10 years. In PoW, each miner solves a hashing problem. The probability of solving the problem successfully is proportional to the ratio of the miner’s hash power to the total hash power of the mainnet.

Although PoW has been running for a long time, the attack model against it is straightforward to understand and has long attracted attention. Such an attack, also known as a double-spending attack, may happen when an attacker possesses 51% of the overall network hash power. The attacker can roll back any blocks in the blockchain by creating a longer and more difficult chain and, as a result, modify the transaction information.

Since hash power can be rented to launch attacks, some top 30 projects have suffered from such attacks. In addition to this interference, the main attack method is through computing power markets such as NiceHash. Hackers can rent hash power to facilitate their attacks, which allows their computing power to rise rapidly in a short time and rewrite information. In January of this year, Ethereum Classic was attacked once; in that case, too, hackers could migrate computing power from the fiercely competitive Bitcoin and Ethereum and use it to attack smaller projects, such as ETH Classic.

The picture shows the cost of attacking ETH Classic. It can be seen that it costs only $6,634 to attack ETH Classic for one hour.

The security of a network is no longer determined by whether miners within its mainnet hold more than 51% of the total hash power; rather, it is determined by whether the benevolent (non-hacker) miners hold more than 51% of the total hash power across the pool of projects that use a similar consensus algorithm. For example, the hash power of Ethereum is 176 TH/s and that of Ethereum Classic is 9 TH/s. If one diverts some hash power from Ethereum (176 TH/s) to Ethereum Classic, one can easily launch a double-spending attack on Ethereum Classic. The hash power ratio between the two projects for this attack is 9/176 = 5.2%, which is a tiny number.

As one of the top 30 blockchain projects, Ethereum Classic has been attacked several times. Small and medium-sized projects with low hash power, and up-and-coming future projects, therefore face great potential risks. This is the reason many emerging public chain projects abandon PoW and adopt PoS.

Proof of Stake (PoS) can prevent 51% attacks but has problems of its own

In addition to PoW, another widely adopted consensus algorithm is Proof of Stake (PoS). The fundamental concept is that whoever holds more tokens has the right to create blocks, similar to shareholders in the stock market. Token holders also have the opportunity to earn rewards. The advantages of PoS are: (i) the algorithm avoids wasting energy the way PoW calculation does; and (ii) by design, PoS is not subject to a 51% hash power attack, since the algorithm requires a miner to possess tokens in order to modify the ledger. In this way, a 51% attack becomes costly and meaningless.

In terms of disadvantages, nodes face the problem of accessibility. PoS requires permission to enter the network, and nodes cannot enter and exit freely, so it lacks openness. It can easily be forked. In the long run, the algorithm falls short on decentralization and leads to the Matthew effect of accumulated advantage, whereby miners with more tokens receive more rewards and perpetuate the cycle.

More importantly, the current PoS consensus has not been verified for long-term reliability. Whether it can be as stable as the PoW system is yet to be seen. PoW public chains that are already launched and want to switch consensus need to hard fork, which divides communities and requires a long consensus upgrade, the process Ethereum is currently undergoing. Is there a safer and better solution?

QuarkChain Provides the Solution: High TPS Protection + PoSW Consensus

New projects and small or medium-sized projects all face the problem of hash power attacks. Among PoW-based chains, there are always some with lower hash power than others (ETC vs. ETH, BCH vs. BTC), and thus at increased risk of attack. In addition, interoperability among chains, such as cross-chain operation, is also a problem. In response, QuarkChain has designed a series of mechanisms to solve this problem. These can be summed up as a two-layer structure with hash power allocation and Proof of Staked Work (PoSW) consensus.

First of all, there is a sharding layer, which can be thought of as a set of parallel chains. Each shard chain handles its transactions relatively independently. This design forms the basis for the performance of the entire system. To avoid security issues caused by dilution of the hash power, we also have a root chain. The blocks of the root chain do not contain transactions, but are responsible for verifying the transactions of each shard. Relying on the hash power distribution algorithm, the hash power of the root chain will always account for 51% of the network. Each shard, on the other hand, packages its transactions according to its own consensus and transaction models.

Moreover, QuarkChain's flexibility allows each shard to have different consensus and transaction models. Someone who wants to launch a double-spending attack on a shard that is already contained in the root chain must attack the block on the root chain, which requires mustering 51% of the root chain's hash power. That is, if vertical-field projects open new shards on QuarkChain, even with insufficient hash power, an attacker must first attack the root chain in order to attack a new shard. The root chain maintains more than 51% of the network’s hash power, which makes the attack very difficult.

As illustrated in the diagram, an attacker who wants to attack the QuarkChain network would need to attack the shard and the root chain simultaneously.

PoW has achieved a high level of decentralization and its stability has been verified over a long time. Combining PoW with the staking capability of PoS makes use of the advantages of both consensus mechanisms. That is exactly what QuarkChain’s PoSW achieves.

PoSW, or Proof of Staked Work, was developed exclusively by QuarkChain and runs on shards. PoSW allows miners to enjoy the benefit of lower mining difficulty by staking original tokens (currently 20 times lower). Conversely, if someone malicious has high hash power but does not stake tokens on QuarkChain, he is penalized with 20 times the difficulty, which increases the cost of attack. If the attacker stakes tokens in order to reduce the cost of attack, he/she needs to stake the corresponding amount of tokens, which may cost even more. Thus, the whole network is more secure.

Taking Ethereum Classic (ETC) as an example: if ETC used the PoSW consensus and there were another double-spending attack similar to the one in January, the attacker would need at least 110 TH/s of hash power or 650320 ETC (worth $3.2 million, and 8 TH/s hash power) to carry out the attack, which is far greater than the cost of the current attack on the network (8 TH/s hash power) and its revenue (219500 ETC).
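A simplified model of the difficulty penalty described above, as an added example (not QuarkChain's code): a miner's expected share of blocks is its hash power divided by the difficulty multiplier it faces, with unstaked miners at 20 times the staked difficulty. The pool names and hash power units are constructed, and the model is not meant to reproduce the ETC figures quoted above.

```python
from fractions import Fraction

STAKE_DISCOUNT = 20  # from the article: staked miners see 20x lower difficulty

def effective_power(hash_power, staked, posw=True):
    """Block-finding rate measured against the staked difficulty.
    With posw=False every miner faces the same difficulty (plain PoW)."""
    if posw and not staked:
        return Fraction(hash_power, STAKE_DISCOUNT)
    return Fraction(hash_power)

def block_shares(miners, posw=True):
    """miners: {name: (hash_power, staked)} -> {name: expected share of blocks}."""
    rates = {name: effective_power(hp, staked, posw)
             for name, (hp, staked) in miners.items()}
    total = sum(rates.values())
    return {name: rate / total for name, rate in rates.items()}

def unstaked_power_to_match(miners):
    """Raw hash power an unstaked newcomer must exceed to out-mine
    everyone in `miners` combined under the 20x penalty."""
    return sum(effective_power(hp, staked) for hp, staked in miners.values()) * STAKE_DISCOUNT

# Constructed network: two staked pools and one unstaked miner with rented power.
HONEST = {"pool_a": (60, True), "pool_b": (40, True)}
RENTED = {"rented": (150, False)}

if __name__ == "__main__":
    everyone = {**HONEST, **RENTED}
    print("plain PoW share:", block_shares(everyone, posw=False)["rented"])
    print("PoSW share:     ", block_shares(everyone)["rented"])
    print("power to match: ", unstaked_power_to_match(HONEST))
```

The same 150 units that give a majority under plain PoW yield a small minority of blocks once the penalty applies, and the threshold drops if part of the honest hash power is itself unstaked.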

Relying on multiple sets of security mechanisms, QuarkChain ensures its own security while providing security for new shards and for small and medium-sized projects. Its high level of flexibility also allows projects to support different types of ledger models, transaction models, virtual machines, and token economics. Such a degree of security and flexibility will help the blockchain ecosystem accelerate the growth of innovative blockchain applications.

Learn more about QuarkChain

Website https://www.quarkchain.io

Telegram https://t.me/quarkchainio

Twitter https://twitter.com/Quark_Chain

Medium https://medium.com/quarkchain-official

Reddit https://www.reddit.com/r/quarkchainio/

Community https://community.quarkchain.io/
