It’s no secret that the cryptocurrency market is in poor health. That’s true of any market that goes from over $800bn outstanding to $135bn over a year. But price moves do not, in themselves, pose a conceptual threat to the asset class.
A 51% attack, especially one against the second largest cryptocurrency by volume, is different. It strikes at the heart of what makes cryptocurrency viable.
The concept is a little technical, but is simple in essence.
Bitcoin, and many other cryptocurrencies, are verified by a process called 'proof-of-work consensus'. This means that the whole computer network maintains the ledger, rather than a trusted third party (like a bank or central bank).
Each computer in the network is informed of new transactions and competes in a mathematical race to add these transactions to the ledger. Successful computers receive a monetary reward. This ensures the security of the currency by ensuring that only transactions acknowledged by the whole network will be added to the ledger.
Even if your computer gets lucky, and wins the mathematical race once, and are able to introduce a block with a fraudulent transaction, the next block will not contain your transaction.
You have to be able to consistently beat the rest of the network until your version of reality becomes accepted (generally around six blocks, or an hour).
That requires you to have a majority of the computing power in the network (hence the 51% attack moniker).
The bitcoin network is the most powerful computer network on earth, and has long been considered utterly unassailable. Smaller cryptocurrencies though, are more vulnerable.
As cryptocurrency values fall, the rewards for verifying transactions fall too, and the computer power deployed in cryptocurrency also shrinks.That, combined with the aggregation of resources in mining pools and the ease with which people can temporarily rent servers, has made an attack more likely.
This week, it happened.
Hackers were able to control 51% of the Ethereum Classic network (a cryptocurrency with a tumbling market cap of $550m) and use it to steal $1.1m by doublespending (spending the same money).
In the scale of cryptocurrency hacks, $1.1m is pretty small. The infamous 2011 Mt Gox hack resulted in 7% of all bitcoin in circulation at the time being lost (around $473m then). The 2016 hack on the Decentralized Autonomous Organization, which triggered the SEC’s first report saying cryptocurrencies were securities, resulted in the theft of $150m.
But these were problems with faulty infrastructure for using cryptocurrency — not with the very idea of crypto. A 51% attack, though, strikes at the very essence of a cryptocurrency’s value proposition.
Ethereum Classic is not among the top flight cryptocurrencies today. To attack the big players would require a much greater investment of computing power. And other cryptocurrencies rely on different mechanisms that do not all share this vulnerability (although they may be flawed in other ways).
But, when we discussed the possibility of a 51% attack a year ago (when ByteMe called the top of the market), we noted that such an attack could devastate confidence in the concept of crypto, dealing a blow from which the market may never recover.
Make no mistake — this is a crack in the foundations.