Horizen now penalises delayed block submissions for 51% resistance

{“theme”:”dark”,”direction”:”horizontal”,”showArrows”:true,”splitTitle”:true,”playerOptions”:{“captions”:true,”popupOnScroll”:true,”subscribe”:{“title”:”Subscribe”,”url”:”https://www.youtube.com/channel/UCKvc0WUB65GCvOTgPVJ9yRA?sub_confirmation=1″,”visibleOnMain”:true,”visibleOnPopup”:true}},”active”:{“index”:0,”start”:52,”end”:null,”thumb”:”https://d1ic4altzx8ueg.cloudfront.net/finder-au/wp-uploads/2018/10/Harry-Generic.jpg”,”thumbAnimation”:”kenburns-top-right”,”heading”:{“small”:”WATCH”,”large”:”Venezuela launches the oil backed Petro at last.

It might be a much-needed addition for many of the smaller cap PoW coins.

Horizen is introducing a clever new feature to help protect it against 51% attacks going forwards.

This is a very real concern for it, because Horizen (known as ZenCash at the time) was one of many cryptocurrencies to suffer a 51% attack this year.

There are a few different ways of resisting these attacks, but they all turn into a confusing mesh of pros and cons. And whether something is a pro or a con might depend on the situation at the time.

Staving off majority control

ASIC resistance, for example, can simultaneously be a great way of avoiding and succumbing to 51% attacks depending on the coin at hand and the rest of the market.

On the one hand it prevents secret ASICs from taking majority hashrate without anyone knowing. Secret ASICs are thought to have been behind the Bitcoin Gold 51% attack. On the other hand, ASIC resistance greatly reduces total network hashpower which can make it easier to assault through rented hashing power and similar.

Large cap coins like Monero might become more resistant to 51% attacks through ASIC resistance, while smaller cap PoW coins are probably damned if they do, and damned if they don’t.

If the smaller coins aren’t ASIC resistant they can be easily overwhelmed by the first ASIC miners to take an interest. Plus, almost any non-ASIC-resistant PoW coin except maybe bitcoin and Ethereum will quickly become highly centralised, at which point its primary miners can probably knock over the network with a 51% attack anytime they want.

If the smaller cap coins are ASIC resistant, they’re still at risk of secret ASICS while also being at risk of attacks through rented hashpower. This is a relatively intractable but widely problem, so new ways of minimising the chances of a 51% attack would probably be of great interest to a great many coins.

The attack

51% attacks are, as the name suggests, carried out by someone who controls 51% of the network’s hashrate.

In a blockchain network, the “truth” is whatever the majority of nodes agree on. So with majority control, an attacker has the power to single handedly determine their own version of the truth, within certain constraints.

In practice this can be done by using one’s enormous hashrate to mine blocks faster than all the other miners combined, then at the right moment overtake the main chain.

The basic effect is that an entity can single handedly fork the blockchain, run their fork in parallel, and then later have the other miners keep building on top of their fork to cement it as the truth.

It’s not that a 51% attacker can just lay down the law of the network. Rather, it’s that they can mine blocks fast enough to overtake the rest of the network and create the new truth. If the attacker’s chain is longer than the other chain, other miners will start building on top of it which cements it as the new truth.

So, a typical attack might involve:

  • Forking the Coin A network and mining blocks in parallel, faster than they’re being mined on the real chain
  • Selling Coin A for Coin B
  • Waiting until the transaction is confirmed, and pocketing Coin B
  • Announcing that their fork is longer, which invalidates transactions – including their trade – from the time they forked to the time they made the announcement.

Challenges and confirmations

There are a few things which make this attack easier said than done.

Firstly, they have to privately mine blocks fast enough. This means having at least 51% hashrate, and involves a potentially large up front cost depending on how long their new chain needs to be.

Secondly, they need to wait for enough “confirmations” from the exchange before they can create their fork. This is because unintentional mini forks are normal, such as if two people mine a block and try to add it at the same time, or different miners unintentionally start building on different chains.

Systems need to accommodate for this, and so can’t just go sending money everywhere on the say-so of a single block. This is why they require a certain number of confirmations.

A confirmation is essentially when another block is built on the same chain that holds the block that holds a certain transaction.

So if an exchange requires 5 confirmations before sending over Coin A, the attacker will need to build in parallel for at least 5 more blocks. Only then will the exchange confidently say “yep, that’s the real thing” and complete the trade.

So, the more transactions required, the more secret blocks need to be mined, the more cost is involved in a 51% attack. This is why the first thing people do when there’s a 51% attack going around is increase the number of confirmations required.

Naturally the attack will also have to keep their fork-building secret, and avoid broadcasting it to the network if they want the attack to succeed. Otherwise exchanges and everyone else can pre-emptively increase confirmation requirements to prevent the attack.

The Horizen solution

Horizen’s contribution to protection against 51% attacks is called “the delayed block submission penalty approach.” (PDF)

It works by imposing a penalty on side chains that are being privately mined and then connected to the main chain. This penalty takes the form of a delay before the side chain can be permanently cemented, and a requirement that the attacker continue mining on the new chain after their attack is complete.

The size of the delay penalty increases based on how far behind a miner is when they propose a secret block. So in a way, it multiplies the effectiveness of waiting for confirmations without forcing a network to actually wait for more confirmations.

This offers a much wider window for exchanges and other participants to respond to a 51% attack, while simultaneously drastically increasing the cost of an attack.

The exact conditions of the penalty delay can be fine tuned based on current network difficulty and confirmation times to ensure it’s a more flexible potential solution for more different PoW coins. It also doesn’t penalise “honest” forks that mine openly.

If it all works as intended, it might be a significant and much-needed development for the wide range of smaller cap PoW coins roaming the market.

“The operating environment for cryptocurrency systems has changed significantly since 2009 when mining power was more decentralised,” notes Horizen Chief Engineer Alberto Garoffolo. “It’s now imperative for public blockchains to upgrade their consensus rules to protect against bad actors and we believe the release of our update will act as a resource to vastly improve security across the industry.”

“Our open-source contribution enhances protection against advanced attack methods and helps improve the security of the entire industry,” agrees Horizen co-founder and president Rob Viglione.

Disclosure: At the time of writing the author holds ETH, IOTA, ICX, VET, XLM, BTC, ADA

This information should not be interpreted as an endorsement of cryptocurrency or any specific provider,
service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and
involve significant risks – they are highly volatile and sensitive to secondary activity. Performance
is unpredictable and past performance is no guarantee of future performance. Consider your own
circumstances, and obtain your own advice, before relying on this information. You should also verify
the nature of any product or service (including its legal status and relevant regulatory requirements)
and consult the relevant Regulators’ websites before making any decision. Finder, or the author, may
have holdings in the cryptocurrencies discussed.

Crypto explained


Latest cryptocurrency news

Picture: Shutterstock

Source link

Comments (No)

Leave a Reply

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.