Several sources reported yesterday that the “original
Ethereum”, more commonly known as Ethereum Classic, is being subjected to chain
reorganization. This reorganization can be done by a malicious player who owns
more than half of targeted network’s mining hash rate and is thus called a “51%
attack”. By controlling more than half of the network’s mining power, the
attacker is capable of “double spending” aka rolling back on-chain transactions.
A 51% attack is one of the most feared concepts in modern cryptography as it removes
an essential piece of a crypto network: its immutability. Reddit user
turtleflax explains how the attack works:





“What a 51% attack
does is remove 2 important properties from a blockchain, immutability and
censorship resistance. This happens because consensus is achieved based on
trusting the majority of hash rate. This works great in a decentralized system,
but when 1 entity (attacker, hacked/malicious pool, nation state, etc.)
acquires majority hash power then problems happen:





Miners package up
transactions from the mempool into blocks so a majority hash rate miner can
exclude specific transactions or all transactions (mining empty blocks). This
is effectively censoring transactions on the network for the duration of the
attack





When a miner includes
a transaction in a block, it is said to be confirmed. If they have more hash
rate than the rest of the network, they can spend coins and then spend them
again elsewhere, a “double spend”.”





The problem was initially brought to light on January 7th
by an entity called Ethereum Classic Consortium, which communicated that a
security team Slow Mist detected transaction rollbacks on several ETC blocks.
The ETC community dug deeper and discovered that a private mining pool (address:
0x3ccC8F7415e09BEAd930dc2B23617bD39ceD2C06) has been achieving more than 50% of
the total network hash rate at certain times.





In order to prevent potential attacks, Ethereum Classic
developers called on the exchanges and mine pools to increase the number of
required confirmations on transactions to more than 400 until the issue is
resolved.- Several exchanges responded; Bitfly confirmed they’ll be increasing
the confirmation threshold to the recommended numbers:





“We can confirm that
there was a successful 51% attack on the Ethereum Classic (#ETC) network with
multiple 100+ block reorganization. We recommend all services to closely
monitored the chain and significantly increase required confirmations,”

said the exchange.





Coinbase revealed
that several instances of 100+ block reorganization and double spending did in
fact appear on the ETC network. The total value of the double spends that Coinbase
has observed thus far is currently sitting at 219,500 ETC (~$1.1M). At the same
time, several mining pools are showing invalid block heights and experiencing
orphaned blocks, which are clear signs that the Ethereum Classic blockchain has
been tampered with. As of now, Ethereum Classic developers are reportedly working
with Slow Mist and many others in the crypto community to find a way to resolve
the issue.





  • Brave
    browser shows impressive growth in 2018, hits 5.5 million monthly active users




Popular cryptocurrency project Brave, centered on
integrating cryptocurrency with ad-free, safe internet browsing, released their
2018 stats recently. The stats and milestones showcased did imply that the
project had a productive year behind it, with strong strides forward made on
several fields.





Biggest highlight of the year was certainly the recorded user
base growth. According to the numbers presented by Brave the project managed to
grow their adoption more than 5 times, as active monthly user numbers grew from
1 million in January of 2018 to 5.5 million that the project currently has. Apparently
80% of this user base is located on Android/iOS platforms, with the remaining
20% coming from desktop users. Further growth is expected in the future, with an
even stronger influx of users to come once the browser leaves beta and sees its
1.0 version released.





In other milestones for 2018, Brave saw a steady growth of their
verified publisher pool, which clocked at 28 thousand members at the turn of
the year. This represented a seven-fold increase from Brave’s January 2018
verified publisher numbers of 4000. Work was done on improving user privacy on
the Brave platform, as highlighted by the integration of Tor in Brave browser’s
Private Windows, as well as the opening of a Research office in London for
future implementations of privacy innovations such as SpeedReader and AdGraph.
Some strong partnerships, policy/industry conversations and community relations
were a part of the year gone by for Brave; you can check all of that on the
project’s official end-of-the-year
blog post
.





  • New
    XLM-based scam exposed




Reddit user b1tcc brought light to a new scam that is making
the rounds on the crypto market. The scam is apparently called StellarPay and
is made by the same people who were responsible for similar shady Stellar-based
projects like StellarActivity and Stellar Dolphin.





Apparently the scammers are contacting individuals via Reddit,
Twitter and other social media platforms, asking them to visit the StellarPay
website and join a giveaway of project’s XLB tokens. The scam involves the
project offering XLB bounties for anyone who takes some load off their back and
promotes the scam online.





“Huge giveaways, empty
promises, low effort product with some images, and lots of bounties for people
start using their crap token so they could gather a big user base, in the end
they exit scammed by shutting everything down after selling some of their
supply.”





The scam seems to be a bit more advanced and high-effort this time, differing from the low-effort “enter your private key on our phishing website” scams that were previously ran by the people behind StellarPay. The “team” apparently hired some graphic designers and created a better looking website, and also went to the trouble of stealing their team member pictures from this link. With some bad English sprinkled aside and no intrinsic value behind the XLB token, it’s recommended that the community stays away from this project.


The post Summary of the Ethereum Classic (ETC) 51% attack appeared first on CaptainAltcoin.




Full article