Browsing Tag

Bitcoin Cash


Bitcoin Cash ABC Is Vulnerable To 51% Attacks

It’s been a couple of days since Bitcoin Cash split into two separate blockchains and the results from the controversial hard fork are mostly negative (if you wanna know why hard forks suck click right here). One of them is the BSV (operated by nChain) and the other is BAB, the brainchild of ABC.

As of writing, both networks are struggling with severe technical difficulties. However, yesterday ABC’s vision of Bitcoin Cash rolled out an update that made things even worse. In short, if miners with bad intentions decide to launch a 51% attack they could easily do so.

The update in question amends the way the mainnet verifies pending transactions. Originally, BAB relied on a classic Proof-of-Work algorithm but with recent changes “checkpoints” entered the game. Checkpoints make sure miners validate transactions on the original blockchain, and not on a copycat one. The idea is clearly to protect the network from “deep organization attacks”. Put simply, deep organization attacks happen when a group of highly-coordinated baddies tricks miners into mining a false blockchain. A successful deep organization attack could force the blockchain into nasties such as double spending and reverse transactions.

With the latest software update, every 10th block operates as a checkpoint. That being said, blocks which do not match the checked version of the ABC network will be automatically rejected by miners.

I don’t see why this is bad

Some security researchers voiced their concerns that this opens up space for 51% attacks. If someone takes over 51% of the network’s hashrate they could easily add ten artificial blocks by simply restructuring 9 checkpoint blocks. If this happens at exactly the same time when the network mines its 10th block (which it will assume as “honest”), this could result in a malicious and unplanned hard fork.

According to Eric Wall (as cited by Hard Fork) the arising issues are as follows:

“Since not all information gets propagated over the network at the exact same time, some nodes will see a 10-block reorganization, which they will reject, and others will see a [nine] block reorganization, which they’ll accept. […] The network will then have forked into two, and if there are two exchanges on different forks, it’s trivial for the attacker to sell the same cryptocurrency twice, on both these exchanges, and thus be double-spending.”

Other crypto geeks such as Bob MacElrath also voiced their concerns:

And to make things worse, it turns out that ordinary mining rigs and $27k are just enough to take the ABC network down.


Trezor Wallet Adds Important Bitcoin Cash Update

Two of the world’s largest exchanges, Coinbase and Bitpay have already integrated cashaddr in their platforms. That undoubtedly boosted the adoption of Bitcoin Cash as the community seems to enjoy cashaddr. What is even more exciting is that Trezor announced it has added cashaddr support to it hardware wallets.

If you don’t know what cashaddr is, here is a simple explanation. It is a Bitcoin Cash address format, specifically designed to differ from Bitcoin wallet addresses. The addition of cashaddr is a major step for both Bitcoin Cash and Trezor. Surely, the process took a lot of time and investment but we are sure it is for good. The announcement was brought by Bach N and Jochen Hoenicke via Twitter and GitHub respectively. They are both cashaddr developers in Trezor.

Developers discuss

Earlier, Pavol Rusnack (Satoshi Labs) expressed his opinion by stating:

“I suggest to change the address version to something different, so it is obvious the address is a Bitcoin Cash address. (It can start with C for example). Don’t forget to change also address version for P2SH!”

The cashaddr topic remained viral in the community as Amaury Séchet quickly continued the discussion, commenting, “Agreed. I have a plan to change the address format. Changing the address format is expensive, so I would like to investigate various other option than just changing the prefix before settling on something. I would also have to convince other in the space that this is a good address format.”

Hoenicke took the discussion on Github where he explained:

“This needs to be done outside the firmware for cashaddr support. Webwallet: compute cashaddr addresses from xpub. Note that only the last step from hashed public key to address needs to be changed. The webwallet checks that the address the Trezor returns is as expected. This check should also allow 1.. addresses so that it works with older firmware (so we don’t have to deploy both at the same time); allow cashaddr as send to address. The firmware supports both and both use SPENDADDRESS. The only difference is the confirmation message given to the user; the transaction format did not change at all.”

It is fascinating to see how different projects support each other, thus increasing the trust in the community. Stay tuned!