Horizen (formerly ZenCash) has proposed a new way to head off 51% attacks in cryptocurrencies. While it isn’t a cure-all, it might be a solution some currencies may want to adopt. It could especially help those without large amounts of hashing power.
The proposal is titled “Proposal to Modify Satoshi Consensus To Enhance Protection Against 51% Attacks – A Penalty System For Delayed Block Submission” and was written by Alberto Garoffolo, Pier Stabilini, Robert Viglione and Uri Stav.
The idea, put simply, is to disincentivize “Private” mining by attaching a fee onto any delayed block reporting.
51% attacks happen when a bad actor submits a transaction and then before it is confirmed by the network sends another contradictory transaction. The bad actor then attempts to mine a few blocks including the second transaction. He then submits those blocks after the first transaction is accepted by the receiver. The idea is that the attacker’s chain will include the second transaction before the first, invalidating the first transaction. If the attacker can make his chain the longest, the network will determine that the attacker’s chain is the legitimate.
They have to do this mining in private however. As any changes that are done in real time will be noticed by the network. Horizen’s solution is to add a penalty to any privately mined chain comparable to how many blocks it was mined before being submitted. So if the private chain has two blocks mined in private it will have to pay one fee, but if it is added with (for an example) seven privately mined blocks then the fee will be significantly higher.
While this probably isn’t completely necessary for coins with insurmountable hashing power, like Bitcoin, it could potentially help the hundreds of other coins that are vulnerable to a 51% attack.
Just last week, a Reddit user claimed he would livestream a 51% attack on the cryptocurrency known as Einsteineum. That came after an exchange fell prey to a 51% attack utilizing several coins, including Horizen, and Bitcoin itself patched a flaw that would have allowed a 51% attack (though that bug has nothing to do with this adjustment.)
It isn’t the kind of monetary fine that you would expect however, it is a time delay that will result in more resources having to be used before the faulty chain will be accepted, meaning that malicious miners would have to maintain their faulty chain in competition to the regular chain for a long while before the rest of the network will accept it. Since they would have to keep that computing power going for that long, it becomes economically untenable in most cases, to perform a 51% attack.
Furthermore, there would be additional time for honest actors to notice the attack. That will give them time to head off the attack.
It is also important to note that the time delay is based on the number of blocks, not real-world time. So any delays in blocks being mined won’t give the attacker an advantage.
In addition, the method can be fined tuned for different coins based on their difficulty. So a coin with a lower hashrate may want to increase the penalty for submitting late blocks, in order to further discourage bad actors.
From my basic understanding, it seemed it might be difficult for the system to keep up with a chain that has an extremely fast block time, like Ethereum’s 10 second blocks. But the Horizen developers assured me that isn’t the case. Presumably that is because it can be adjusted to account for that and can simply decrease the penalty or increase the the number of blocks before something is considered “delayed”.
While it will be a while before Horizen’s solution is implemented in Bitcoin, if it ever is, the proposal is still significant. Altcoins serve as a vital proving ground for solutions and new ideas. But if those coins are susceptible to 51% attacks, then there will be little incentive for developers to work on that level. If Horizen’s proposal proves effective, it could make a whole bunch of coins previously at risk of a 51% attack that much more viable. Which will add a lot of new real-value coding playgrounds for developers to experiment in.
We will periodically check in on how it is doing and will update you with the results.