Latest Articles

What Is a 51 Percent Attack, and How Did It Hit Vertcoin?

The cryptocurrency Vertcoin appears to have fallen victim to a “51 percent attack” — a breach in its blockchain network from a malicious actor who controls the majority of the network’s computing power. What does this mean for the project, and what threat do these types of attacks pose throughout the rest of the cryptocurrency ecosystem?

Vertcoin’s Hit

Vertcoin (VTC), which vows to eliminate “all the hard parts about cryptocurrency,” has been robbed of an equivalent of $100,000, according to a blog post from Mark Nesbitt, a security engineer at Coinbase.

The Vertcoin attack involved four separate incidents in which attackers took control of more than 50 percent of the Vertcoin blockchain’s computing power. The attacks, which varied in duration from less than a day to more than a week, took place between mid-October and early December.

In Vertcoin’s case, the attacker(s) were able to perform “reorganizations” of the Vertcoin blockchain, which meant that they modified data that had previously been recorded on the blockchain. By changing this data, which consisted of records of Vertcoin cryptocurrency transactions, the attackers effectively stole about $100,000 worth of Vertcoin tokens.

The identity of the person or group that carried out the Vertcoin attack remains unknown, and it appears unlikely that Vertcoin investors will recover lost funds.

What Is a 51 Percent Attack?

A 51 percent attack is what it sounds like: a breach of a blockchain network in which malicious actors take control of more than 50 percent of the computing power on the network. (The term “51 percent attack” is slightly misleading in that attackers need not control exactly 51 percent of the computer power; controlling any amount in excess of 50 percent is sufficient.)

Such a move allows attackers not only to control which new data is recorded on the blockchain but also to modify data that was recorded previously.

They can do this because most blockchain consensus algorithms require each node on the network to perform cryptographic operations that require a significant amount of computing power in order to verify data stored on the blockchain. Thus, if one malicious node or group of nodes is able to perform more operations than all other nodes combined, the malicious group effectively gains sole control over the data.

The risk of a 51 percent attack is inherent to the way blockchains work. Since the creation of Bitcoin a decade ago, most blockchains have been designed with the assumption that a majority of the nodes on their networks will be controlled by people who want the network to remain secure. Fifty-one percent attacks happen when that assumption turns out to be wrong.

To be clear, what counts in a 51 percent attack is computing power that a group controls, not the number of nodes it runs. Adding just one node to a blockchain network could suffice to execute a 51 percent attack if that node’s computing resources outweigh those of the rest of the network’s combined. And because cloud-based cryptocurrency mining services make it easy for attackers to gain access to a large amount of computing power quickly for relatively little money, temporary 51 percent attacks have become easier to execute, especially against smaller blockchains, like Vertcoin’s, whose total compute power is minimal compared with that of large blockchains, like Bitcoin.

Why the Vertcoin Attack Might Be Good News for Crypto

Vertcoin is by no means the first blockchain to suffer a 51 percent attack. Similar attacks have affected Bitcoin Gold, Verge and ZenCash (now Horizen), to name just some of the highest-profile incidents.

However, the Vertcoin attack comes at a particularly bad time for the crypto ecosystem. The value of bitcoin is in free fall, taking with it that of most other cryptocurrencies. Gartner has moved blockchain technology into its dreaded “trough of disillusionment” (although the analyst firm remains keen to point out that it still sees real value in some blockchain applications). Many of the ICOs of the past two years have failed to deliver the results they promised — or anything at all, in some cases.

The last thing the crypto world would seem to need at this point is an attack that highlights one of the potential technical risks of blockchains.

Yet perhaps the Vertcoin attack is not all bad news. In one respect, it’s a good thing for larger blockchains like Bitcoin and Ethereum, because executing a 51 percent attack against these much bigger networks would be many magnitudes more costly. Thus, the Vertcoin breach could potentially drive investors from small-scale coins toward the cryptocurrency world’s bigger players. That would in turn lead to more consolidation within the crypto market, which would help to stabilize the large coins and the overall ecosystem.

In addition, the Vertcoin incident could be the tipping point that spurs blockchain developers to build better defenses against 51 percent attacks. Although complete assurance against such attacks is impossible on most blockchain architectures, developers can increase security by instituting measures that require attackers to expend more computing power in order to rewrite a blockchain’s existing data.

They could also shift from a proof-of-work consensus algorithm to alternative models, such as proof of stake, that don’t grant so much influence to nodes that control the most computing power. Fifty-one percent attacks against a proof-of-stake network could happen, too, but they would require attackers to buy a great deal of cryptocurrency on that network, which makes attacks less feasible.

Browser Extension Lets Users Shop on Amazon With Lightning Network

Source: CoinDesk

The crypto payment processor Moon has announced that users can now leverage a Lightning Network wallet to pay for Amazon purchases through its browser extension. The extension also enables e-commerce payments with litecoin, ether and bitcoin cash through Coinbase accounts.

FinCEN Takes First-Ever Enforcement Action Against Cryptocurrency Trader

Source: FinCEN

The Financial Crimes Enforcement Network (FinCEN) has assessed a civil money penalty against a peer-to-peer bitcoin trader for violating anti-money laundering (AML) regulations, its first enforcement action against a cryptocurrency exchanger. According to the agency, the exchanger failed to register as a money services business and failed to report "suspicious transactions," among other violations. The exchanger has been assessed a $35,000 fine and is now prohibited from providing money transmission services.

2019 Investments in Crypto and Blockchain Startups at $850 Million

Source: Reuters

According to data compiled by Pitchbook for Reuters, venture capital investment in crypto and blockchain startups has reached $850 million so far this year.

EEA Launches 'Token Taxonomy Initiative'

The Enterprise Ethereum Alliance has announced a "Token Taxonomy Initiative" to develop universal definitions for tokens to encourage their interchangeability across blockchain platforms. Members of the initiative include Microsoft, R3, ConsenSys, IBM, EY, Accenture and Intel.