The crypto news feeds (example) highlight that the crypto coin, Verge is being hit with a 51% attack the day before and has let the attacker steal 35 million XVG worth USD 1.75 million. They were hit with the same attack last month, when the attacker stole 20 million XVG worth USD 1.1 million and which seems downplayed by Verge.
Verge is a privacy coin with wallets featuring Tor and I2P networks already integrated. This is seen better than using VPN tunnels that encrypt your network traffic, but where you can’t be sure whether the service provider has logged your activities. One can use Verge coin to buy legitimate (charter jets, chess lessons, performance enhancing drugs) as well as questionable (porn) products.
Repeated coding mistakes – the ones that I highlighted earlier this week (Quality) and few months ago (Rising security flaws) made this seemingly impossible attack, possible and that too, twice. This is how I understand it occurred. Happy to stand corrected, still learning.
Quick Primer on Terminologies
- Timestamps – The blocks are accepted on Verge even if the timestamp varies by about two hours, like Bitcoin.
- Difficulty Level – The level to find the hash is set such that a block on Verge can be mined every 30 seconds, compared to 10 minutes on Bitcoin; probably to allow anyone to mine using their laptop rather than a dedicated ASIC.
- Hashing Algorithms – Verge miners can use any of the five hashing algorithms (Scrypt, X17, Lyra2rev2, myr-groestl and blake2s), compared to SHA-256 on Bitcoin. This is possibly to avoid the mining power resting with few miners as is argued with Bitcoin mining. In addition, individuals with different types of mining equipment will be able to mine.
- Difficulty Level Adjustment – The difficulty level is reduced if not enough blocks are found to be mined or increased if too many blocks are found to be mined. On Verge, it is adjusted every 30 minutes as compared to 2 weeks on Bitcoin. The problem being 30 minutes much less than the two-hour timestamp variation.
How the attack occurred?
- The attacker seems to have purposely alternated the use of two (Scrypt and Lyra2re) of the five hashing algorithms and purposely spoofed the timestamps only on the alternate blocks that they were mining – to one hour ago. These blocks were accepted on the main chain, given that the timestamps were within the acceptable timestamp variation and fast enough, because the target block time is 30 seconds.
- It made the algorithm calculating the difficulty level for those using Scrypt and Lyra2re to “think” that the blocks were mined an hour apart, instead of the target time of 30 seconds. Consequently, it reduced the difficulty level by a third every half an hour and all the way to almost zero. See Figure 1 below, which shows the difficulty level for scrypt and lyra2re to be almost zero. (Source)
- This allowed the attacker to mine one block every second, possibly by renting the hashing algorithms on nicehash (the largest crypto mining marketplace) and dominate the hash power of each of those two algorithms (competing against other miners using the same algorithm), which was then just over 10% instead of 50%. In this regard, it can be argued that this is rather a time-warped attack and not 51% in its truest sense. Last month, the attacker spoofed the timestamps on the alternate blocks, only using Scrypt hashing algorithm.
Figures
- Difficulty level for scrypt and lyrar2e hashing algorithms reduced to almost zero
2. The algorithm used to calculate the difficulty level is DarkGravityWave and included in the Verge source code. Figure 2 shows part of that algorithm as it appears in the source today.
3. Figure 3 shows the initial variables defined in the source code of Verge. The max of 12 blocks (as seen in Figure 2) and 150 seconds PoW spacing (see line 49 below) gives us 1800 seconds or 30 minutes.
4. The current version of DarkGravityWave on Github shows that the difficulty level is adjusted to every hour (refer to line 2 and line 13). Note that this algorithm is also by used other cryptocurrencies like Dash.
CC-BY Viren Mantri, 2018, licensed under a Creative Commons Attribution 4.0 International License.
Disclaimer: All views expressed here are entirely mine.