Vertcoin, a crypto project, that aims to keep mining power decentralized, has suffered its second 51-percent attack in a year.
#RT @coindesk: .@Vertcoin, a crypto project that aims to keep mining power decentralized, has suffered its second 51-percent attack in a year. https://t.co/EeFqQ1Pb1s — Sam Wood (@woodensamuell) December 2, 2019
On December 1, it has been reported that the blockchain reorganization caused five “double spends” to the value of 125 Vertcoin (VTC) worth approximately $29.
“Each of the double-spent outputs are Coinbase outputs owned by the attacker and it is unknown to whom the coins were originally sent before being swept to an attacker address after the reorg.” James Lovejoy
However, a 51-percent attack can occur when an entity (or entities) gains over half of the hashing power of a blockchain network, bringing the ability to rewrite the blocks making up the “chain.”
It has been analyzed that almost exactly a year ago to the day, Vertcoin saw another 51-percent attack that caused multiple reorgs and was estimated by Coinbase to have cost users over $100,000. After that attack, Vertcoin, which aims to block powerful mining chips called ASICs from the network to keep mining more community based and affordable, switched its proof-of-work algorithm to one called Lyra2REv3.
“On Nov 30th, 2019, a Vertcoin miner noticed a large upswing in hashrate rental prices for Lyra2REv3 on Nicehash. This was combined with workers connected to Nicehash’s stratum server being sent work for unknown (non-public) Vertcoin blocks. I contacted Bittrex, Vertcoin’s most prominent exchange, to recommend they disable the Vertcoin wallet on their platform once it became clear an attack was in progress, which they subsequently did.” James Lovejoy
Likewise, the developer continued to say that there’s “strong evidence” that the attack was carried out by harnessing leased hashrate from Nicehash.
“The attack was originally discovered by inspecting the work being sent from Nicehash’s stratum servers, which were sending work for non-public blocks.” James Lovejoy
However, why Vertcoin was attacked again is still unclear. Lovejoy said that it would not have been profitable based on miners’ block rewards alone. He suggested that Bittrex may have been target, but the exchange disabling its Vertcoin wallet may have prevented more double spends.
Thus, an alternative option is that thefts through double-spending were not the plan and the attack may have been “proof of concept or sabotage attack.”