Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Bitcoin Network Security The Almighty Buck

Bitcoin Gold Hit By 51 Percent Attacks, $72,000 In Cryptocurrency Double-Spent 119

Posted by BeauHD from the weakness-of-proof-of-work dept.
Malicious cryptocurrency miners took control of Bitcoin Gold's blockchain recently to double-spend $72,000 worth of BTG. The Next Web reports: Bad actors assumed a majority of the network's processing power (hash rate) to re-organize the blockchain twice between Thursday and Friday last week: the first netted attackers 1,900 BTG ($19,000), and the second roughly 5,267 BTG ($53,000). Cryptocurrency developer James Lovejoy estimates the miners spent just $1,200 to perform each of the attacks, based on prices from hash rate marketplace NiceHash. This marks the second and third times Bitcoin Gold has suffered such incidents in two years.

Any entity that controls more than 51 percent of a blockchain's hash rate can decide what version of the blockchain is accepted (or rejected) by the network. These scenarios also allow for "double-spending," attacks that initiate a transaction with intent to quickly reverse it by "re-organizing" the blockchain, so that they can spend their original cryptocurrency again. What results is a third party accepting the original transaction and the network returns the cryptocurrency spent to the attacker, essentially allowing their funds to be used twice -- hence the name "double-spending." With Bitcoin, a transaction is generally deemed legitimate once found six blocks deep in the blockchain. These particular 51-percent attackers performed re-organizations up to 16 blocks deep, seemingly in a bid to trick exchanges like Binance into paying out BTG destined to be double-spent.
This discussion has been archived. No new comments can be posted.

Bitcoin Gold Hit By 51 Percent Attacks, $72,000 In Cryptocurrency Double-Spent More

Bitcoin Gold Hit By 51 Percent Attacks, $72,000 In Cryptocurrency Double-Spent

Comments Filter:

  • It is of not belief that currency of piracy is pirated!

    Much expression!

    Double plus ungood - must complain to N Korea and Russia

  • "Bitcoin Gold" (Score:2, Insightful)

    by Anonymous Coward
    There's an oxymoron if I ever seen one...
    • You could start your own fork and call it "Bitcoin The Best" or something equally silly, but it doesn't mean it is secure. Weird people throw their money at something that has no security, especially if it only took $1,000 in hash power to doublespend Bitcoin Gold!

  • Greed not as good as promised (Score:4, Interesting)

    by Comrade Ogilvy ( 1719488 ) on Monday January 27, 2020 @07:43PM (#59662564)

    That was a much cheaper attack than I would have expected.

    From TFA:

    Cryptocurrency developer James Lovejoy estimates the miners spent just $1,200 to perform each of the attacks, based on prices from hash rate marketplace NiceHash.

    • Yes, I noticed that myself, now the question is ...

      Is it a crime?

      • Re: (Score:2)

        by dryeo ( 100693 )

        Wouldn't it be fraud if you knowingly spend it twice? Might be hard to prove though.

        • Wouldn't it be fraud if you knowingly spend it twice?

          No. The only "rules" are the code itself. Any other set of "rules" would require a central authority, which doesn't exist.

          If the code allows coins to be spent twice with 51% approval, then that is how the system works. No rules were broken, so no fraud was committed.

          If you bought BTGs without reading the code and understanding what you were buying, then that is your problem.

          • Wouldn't it be fraud if you knowingly spend it twice?

            No. The only "rules" are the code itself. Any other set of "rules" would require a central authority, which doesn't exist.

            Maybe. Even though much of the point of cryptocoins is to break free of the governmental system of controls, it still exists. Odds are that all of this crosses jurisdictions in a way that would make it very difficult to prosecute, and the lack of any written contracts would create additional complications, but if the jurisdictional question is surmountable, judges are often quite good at cutting through all of that to find a fair judgement based on the expectations of all involved.

            It's not impossible tha

            • Re: (Score:2)

              by ceoyoyo ( 59147 )

              That would be a fun case. Most fraud laws refer to some kind of gain, not just monetary. But massive fraud takes place in games, for virtual items that are exchangeable for real items, or for real money in, for example, poker.

          • Re: (Score:1)

            by dryeo ( 100693 )

            It's a contract, perhaps only verbal but still a contract. Lets say I trade a car to you for a bitcoin, that means we agree the bitcoin is worth a car. If you are planning on shortly making that bitcoin worthless, you've fraudulently made a transaction. It's similar to paying me with a check and then quickly removing the funds to cover the check, fraud.
            As swilden points out, things like jurisdiction and lack of a written contract might make it impossible to prosecute, but it still seems to be fraud.

            • It's a contract, perhaps only verbal but still a contract. Lets say I trade a car to you for a bitcoin, that means we agree the bitcoin is worth a car. If you are planning on shortly making that bitcoin worthless, you've fraudulently made a transaction.

              What if the person decides the car is only worth a cent? Seeing as you have agreed the car and the bitcoin are the value, is destroying the value of the bitcoin, which is literally just a number, fraud?

              It's similar to paying me with a check and then quickly removing the funds to cover the check, fraud..

              No, because the the check has a value set by a third party, the government of the nation issuing the currency that the check represents. Bitcoins, being nothing but a number backed by nothing and issued by no one, has no set value.

              • Re: (Score:2)

                by dryeo ( 100693 )

                At least here, when transferring a vehicle, the worth has to be declared and sales tax paid. In the case where the declared worth is much different then the book price, other forms need filling out, so the transfer papers should show the agreed upon worth.
                Even currency's value is set by the market, though the government will manipulate the market by buying/selling currency and setting interest rates, what it comes down to is what you can trade currency for.

          • That is not how fraud is worked out. Fraud is defined as obtaining a financial advantage by deception. It is most DEFINITELY fraud. It doesn't matter whether the system prevents it or not.

          • and more to the point, if BTC is designed to avoid any interaction or surveillance by the government, good luck getting someone to care about redress.

            If you deliberately pay no taxes, the government will not be too bothered to send cops or financial regulators to help you out when you need them.

          • Re: (Score:2)

            by jythie ( 914043 )
            That is a bit like saying that altering paper documents is 'within the rules' because erasers are capable of removing graphite. Just because a 51% attack is mechanically possible does not make it any less a fraud. You pay someone, then use a trick to alter the record. By definition, fraud includes things that are possible.

          • Re: (Score:2)

            by spun ( 1352 )

            You appear to love systems where the lack of rules allows people to be screwed over without consequences to the con artist. Do you feel that inferior people are the natural prey of superior people?

            • Yes,
              This is a valuable lesson to many, I look forward to the person that is creating the concept of a 51% attack on bitcoin or another highly liquid target.

              if the cost vrs results ( using slightly off numbers) $3000 start up to get $70,000 gross, You could easily scale that and just park the coins, the next seemingly feasible attack would be Monero https://bitinfocharts.com/comp... [bitinfocharts.com] because it's hashrate does not seem to be that far off from being able to do it ( 100 times more hashing power ) and liquidi

              • Re: (Score:2)

                by spun ( 1352 )

                But these "inferior" people can and do band together, to limit the power the "superior" people have over them. This in fact means the so-called inferior people are superior. So by your own logic, the weak who band together should dominate the wrongly labelled "strong." Typically, this is done through something we call "government" that lets the common person engage in collective decision making. This process creates things called "laws" which regulate behavior. The people who engage in this activity, common

                • Nice dissertation,
                  but this is what I expect with UID as low as yours. ( not throwing shade, just stating a factual observation )

                  the public benefit of a decently structured republic show that the inferior have the chance to become superior, and the the superior get to have a gain from the inferior subject to taxation.
                  basically a better regulated biology. sometimes it catches a cold but it works to go forward and have a decent life.

                  • Re: (Score:2)

                    by spun ( 1352 )

                    Nah, because of the ound power problem. Let's assume we start with a real meritocracy. Assume merit is rewarded with money. Let's also assume we allow low taxed gifts or inheritance. Well, money is power. And enough power lets you shift what is called "merit." Merit becomes "whatever I or my offspring do" and whatever I don't do, is not meritorious or deserving of reward. Soon, the meritocracy is no more and we have an inheritable aristocracy instead. That's where we are right now.

                    The problem is that the su

                    • Re: (Score:2)

                      by spun ( 1352 )

                      Oops, "Compound power problem," like compound interest.

                    • personally,
                      I liked the thought of a 40% asset tax if you die as a 1% or above ( a number published weekly by the IRS )

                      this way you force the 1% to spend money so they don't become the 1%.
                      yes they will find loopholes but they will spend a shit load still.

                      yes, they will buy the latest and greatest toys, and most likely harm the environment along the way with whatever harms the environment. I'm thinking so something like a true live version of "battleship" done with parked yachts and 1 rented battleships, that

                    • Re: (Score:2)

                      by spun ( 1352 )

                      Not 1 percent. .01 Percent. The billionaires, not the millionaires. Millionaires are a dime a dozen these days, it's not an excessive amount of wealth. tens of millions should get you a 10% transfer tax, hundreds should get you 20%. Or so, these are just spitballing some numbers, but the 1% aren't really the problem. It's just a catchier phrase than "the .01 percent."

                    • good observation,
                      it's been noted that in California, the top 200 tax payers make up 35% to 44% of the budget depending on the bonus and stock options.
                      so I can see that the fight not to be in the .01% bracket at death is important for inheritance.

                      but I am sticking to the 40%, just has to be painful just to the point of reasonable. historically speaking in the 30's and 40's we had tax rates exceeding 65% on income. sure as heck we can take lot's of those billions and place it into better transport

      • Re: (Score:2)

        by hAckz0r ( 989977 )

        Is it a crime?

        It's probably the logical equivalent of someone writing a bad check for $72,000.00, only the crime itself is technologically much more sophisticated. While writing a bad check might be argued in court to be an impulse decision, this crime was definitely premeditated.

        The question I have is would any judge presiding the case have a complete grasp of how this crime was actually pulled off. We probably need laws written to specifically deal with this kind of crime, as the existing laws are likely inadiquate

    • That was a much cheaper attack than I would have expected.

      From TFA:

      Cryptocurrency developer James Lovejoy estimates the miners spent just $1,200 to perform each of the attacks, based on prices from hash rate marketplace NiceHash.

      Yeah, imagine, it only takes $1,200 worth of GPUs to take over 51% of the bitcoin network.

      • Re: (Score:2)

        by ceoyoyo ( 59147 )

        https://www.crypto51.app/ [crypto51.app]

        More than $1200, less than $1 mil. The fact that you could 51% bitcoin for a modest amount suggests that the $162 billion market cap is bullshit.

      • Re: (Score:3, Informative)

        by Anonymous Coward

        Yeah, imagine, it only takes $1,200 worth of GPUs to take over 51% of the bitcoin network.

        No, it takes $1200 to take over 51% of the bitcoin GOLD network.

        It is a 751:1 exchange rate between bitcoin and bitcoin gold. It would cost just over $900,000 for the same amount of bitcoin, and they would need hundreds of those $900k purchases to reach 51% as the BTC network has far more miners than BTG.

        It would be well over $10 million USD in BTC plus the mining hardware and electricity to perform the same attack with actual bitcoin.

        • Re: (Score:2)

          by Dunbal ( 464142 ) *
          Yeah but the potential payout from a well executed theft could be equally as profitable.

          • Re: (Score:3)

            by rtb61 ( 674572 )

            The potential payout from that kind of theft, ZERO, you basically parasite the coin to death. What is bitcoin worth without the illusion of security, ZERO, it in reality was always just a marketing delusion, zero worth, in fact technically, negative worth, considering the capital required to generate it. So how much real world money can you steal via this method, not much really, the more you steal, the rapidly it becomes worth, ZERO.

            • Re: (Score:3)

              by Dunbal ( 464142 ) *
              Nope because you're cashed out first. THEN it collapses once everyone realizes what just happened and panic sells.

              • Re: (Score:2)

                by jythie ( 914043 )
                This.

                Such an attack would probably be a one time thing by an actor who then cashes out. Whoever does such a thing is not going to be interested in the long term viability, they would probably just be some large investor or any sized state that sees an opportunity. I would not be surprised if there were already groups debating when, if ever, to try such a thing, and reading the tea leaves about what future payoffs might look like if they wait.

            • Re: (Score:2)

              by ceoyoyo ( 59147 )

              The point of a double spending attack is that you *spend* the coin immediately. The blockchain communities are more than capable of reversing bad transactions so you want to dump that coin as quickly as possible for real currency.

              You are absolutely taking both your ill gotten gains and a bunch of confidence out of the value of the coin, but other people are left holding that bag.

            • If you can destroy the value of a traded investment you can probably make lots of money. Bitcoin has every sort of nutty derivative you can possibly imagine so if you can force it to your will in any manner there is a good chance you can make money.
              If you could dependably topple the whole house of cards in a given time frame you could make a mint.

        • ... and they would need hundreds of those $900k purchases to reach 51% as the BTC network has far more miners than BTG ...

          Unless they are the government of the legal jurisdiction where 65% of those miners are located, miners dependent upon cheap government supplied electricity, miners that are commercially oriented in nature.

      • Yeah, imagine, it only takes $1,200 worth of GPUs to take over 51% of the bitcoin network.

        It costs one nation nothing to take over 65% of the real bitcoin network. This government controls the electricity for 65% of the miners.

        The real bitcoin has deviated from its security model. It was supposed to have a diverse decentralized network of miners, miners that maintain the blockchain, miners that are ordinary people spread around the globe who are using their own computers. Such a population of miners would be beyond the control of any one government.

        However this is not what we have. Mining

        • Re: (Score:2)

          by tlhIngan ( 30335 )

          The real bitcoin has deviated from its security model. It was supposed to have a diverse decentralized network of miners, miners that maintain the blockchain, miners that are ordinary people spread around the globe who are using their own computers. Such a population of miners would be beyond the control of any one government.

          However this is not what we have. Mining is dominated by ASIC hardware, the miners are predominantly commercial enterprises and 65% of the mining hardware in is China.

          No, that security

          • Re: (Score:2)

            by jythie ( 914043 )
            Yeah, but a lot of the early BTC thought and rhetoric was centred around the idea that it would break away from such patterns. It is the classic recurring problem with people trying to design by assuming that forces that affect the world will not affect them because they choose 'better people' or some substitute.
          • There are ASIC resistant proof of work algorithms. ASICs are hardware, the virtual currency is based on software. The software can be patched to break ASIC hardware as it appears. Rendering all that engineering R&D and manufacturing wasted. So ASICs themselves are not inevitable, they can be defeated *IFF* a virtual currency community cared. BTC apparently did not and its too late.

            GPUs, that's consumer grade so they are perfectly fine in the original security models assumptions. You can get diversity

    • Even cryptocurrency fraud is a hyper-inflated bubble. Seriously, $1200 in, and you get to 60x your investment?

  • The wheels are coming off the cryptocurrency bus aren't they?

    • Bitcoin Gold vs Bitcoin

      is like

      Java Script vs Java

      • Re: (Score:2)

        by jythie ( 914043 )
        The problem is one of scale, but of structure. We have seen a bunch of these attacks over the years for smaller systems where the cost is fairly cheap to execute, but if the payoff gets large enough, BTC is just as vulnerable.

    • The wheels are coming off the cryptocurrency bus aren't they?

      The promised fix is going to be to replace the current octagonal wheels with ten-sided wheels.

  • "Shut up and take my money!"

    Oh, wait...you already did.

  • What is Bitcoin "Gold"? (Score:3)

    by timeOday ( 582209 ) on Monday January 27, 2020 @07:51PM (#59662598)
    I suspect 99% of the excitement around this story will stem from confusion (or obfuscation) on the distinction between actual Bitcoin vs "Bitcoin Gold" which I suspect is tiny.
  • It would be possible to do the same, but with all bitcoins. Nobody wants to do that because it will render all bitcoins stolen, and end it forever, and set back all blockchain uses by decades. But it'll be fun when someone does it.

    • Re: (Score:2)

      by Dunbal ( 464142 ) *
      They would need one hell of a lot of computing power, but yes in theory it's possible. Which means it will probably happen eventually. I can just imagine the wailing and gnashing of teeth...

      • Re: (Score:2)

        by AK Marc ( 707885 )
        Enough spare computing power exists to do it now. The problem is finances. For this one, someone spent $1200 on computing power to steal $72k. That makes sense. But if someone spent $500k on computing power to steal $200B in bitcoins (all of them), they'll get $0 of them, as nobody will want them after that, so it's a net loss.

        • I think you underestimate how many "Jokers" there are in this world, who would love to see it burn. The amount of money used to obtain this end would be utterly irrelevant. You're deluding yourself.

        • Re: (Score:2)

          by Dunbal ( 464142 ) *
          Oh you don't steal 200 billion of them, you just steal $10 million worth or so. Not a bad return on $500k...

        • For this one, someone spent $1200 on computing power

          Or someone had $1200 of idle capacity. Or someone hijacked $1200 of capacity. Or suckered a bunch of people into contributing a sum total of $1200.

          • Re: (Score:2)

            by AK Marc ( 707885 )
            So I should crowdsource $500k to wipe bitcoin off the face of the earth. Can someone short bitcoin? Google says yes, but I didn't find anyone who would confirm they would without setting up accounts at various marketplaces. Raise $750k to wipe bitcoin. Spend $300k on the processing power, and $450k shorting bitcoin, then walk away a billionaire (if you could short that much, adjust the numbers for the amount that's possible to short.

            • Re: (Score:2)

              by ceoyoyo ( 59147 )

              Except you can't short that much. The majority of bitcoin's "value" is created by meaningless transactions among large holders. You'd never find anyone to take your billion dollar short.

              You could probably pull out a few million using the same double spending technique, giving a pretty good ROI on the $800k or so it would take to 51% bitcoin though.

      • Not really, chinese government could do it any time they choose by simply seizing the mining farms on chinese soil

    • Nobody wants to do that because it will render all bitcoins stolen, and end it forever, and set back all blockchain uses by decades.

      I see your definition of "Nobody", includes people who don't own any bitcoin, people who want to destroy bitcoin, and people who just want to watch bitcoin burn for the fun of watching all blockchain users for the fun of it.

  • Don't use "Bitcoin Gold" (Score:4, Insightful)

    by jdavidb ( 449077 ) on Monday January 27, 2020 @08:12PM (#59662668) Homepage Journal
    Bitcoin Gold is a fork of the original Bitcoin. Don't use it unless you know what you're doing.

    • Bitcoin Gold is a fork of the original Bitcoin. Don't use it unless you know what you're doing.

      I think you can leave off the "unless you know what you're doing" part. Unless what you mean by that is controlling 51% of the mining so you can double spend money.

    • Re: (Score:1)

      by rootb ( 6288574 )
      Actually, it's a fork of a fork of the original Bitcoin. It was forked from the so called SegWit chain (Bitcoin Core), which is a fork of the original Bitcoin (now traded under the ticker BSV)

    • Re: (Score:3)

      by reanjr ( 588767 )

      s/ unless.*/./

    • Re: (Score:2)

      by idji ( 984038 )
      and what makes you think Bitcoin is immune to the same attack? A state player could easily produce >50% of servers at any moment.
  • I think two groups did this, MIT students and some smart guy in Wisconsin, They figured out you could always win under certain circumstances and did quite well as I recall. One of the keys was to save all the losing tickets so taxes did not eat up all the winnings.

    • IIRC, There was a consortium of already wealthy people from Australia who kept track of jackpot sizes in some of the lotteries. When the jackpot was big enough they could reasonably purchase all combinations and guarantee a winner. Since the outlay was large, the return was probably just double their money as opposed to the millions of times return that average players are aiming for. Of course, when you've already got $100 million, doubling that is a tasty proposition. I think the lotteries have found

      • Re: (Score:2)

        by Dunbal ( 464142 ) *

        I think the lotteries have found ways to prevent this

        By having more combinations so that it's not possible to "buy them all". Try buying up the US "Powerball" lotto. That will be $584 million please...

      • Re: (Score:3)

        by starless ( 60879 )

        IIRC, There was a consortium of already wealthy people from Australia who kept track of jackpot sizes in some of the lotteries. When the jackpot was big enough they could reasonably purchase all combinations and guarantee a winner.

        I think you're thinking of Stefan Mandel.
        Originally from Soviet Romania before moving to Australia.
        And then applied the same scheme to the Virginia lottery.

        https://allthatsinteresting.co... [allthatsinteresting.com]

      • Re: (Score:2)

        by ceoyoyo ( 59147 )

        Why would lotteries want to prevent it? It's just more money for them.

        It's pretty trivial to compute when the jackpot in a lottery gets big enough to make the expected payout positive. Not many people play the game though because it usually requires a massive investment, and it *isn't* a sure thing. The number can still come up with a combination you didn't buy or some dweeb could randomly buy the winning number in a gas station in the middle of nowhere and you have to share the payout.

  • Keep piling money into crypto. Any crypto will do. You'll be a guaranteed millionaire in just a few months. Totally legit! Sigh.

    • The problem is there are genuine use cases beyond crime or tax evasion for a cryptocurrency. Some are higher priority than others, but it fills a need.

      Unfortunately, crime and tax evasion seem to dominate the activity.

  • Video at 11. Recriminations updated recursively.

  • Dogecoin is safe here! It's so big, you CAN'T get 51%! And ever since the beginning, 1 Dogecoin is STILL worth 1 DOGE. That is security and stability unlike anything else in the world - including gold!

  • wow, who could have imagined that e-ponzi schemes would be at least as successful at separating fools from their money as real-world ponzi schemes?

  • Bitcoin Cash (BCH) = Shitcoin Bitcoin Core (BTC) = Shitcoin Bitcoin Gold (BTG) = Shitcoin The real Bitcoin, the only blockchain that has scaled to unlimited blocksize and can handle over 10,000 transactions per second, includes the full original Bitcoin script, etc. is traded under the ticker BSV
  • After more than ten years, cryptocurrencies remain the realm of crooks and speculators (who tend to be crookish themselves.)

Slashdot Top Deals

I've noticed several design suggestions in your code.

Close