The 51% Attack – What Bitcoin Can Learn From Alt-coin Experiments


Considering a bitcoin mining hardware purchase? Make a more informed decision with our Bitcoin Mining Dashboard.

Starting late in the day on June 8th, and then again on June 10th, Feathercoin succumbed to 51% attacks. While this does not directly affect bitcoin, there are several lessons that the bitcoin community can learn from this experience. There is a case to be made that alt-coins have a diversification advantage, as silver does to gold, but they also provide an interesting testing ground for both new technologies and human behavior.

feathercoin_70Feathercoin is part of a group of crypto-currencies commonly called alt-coins. These currencies are largely based on the bitcoin protocol but with a few minor modifications. In Feathercoin’s case, there are two significant changes:

  1. 2.5 minute block time – This is 1/4 the length of bitcoin’s 10 minute block time. The intent of this is to reduce the wait time for confirmations of transactions. However, the net computing power over a larger set of conformations would be the same regardless of block size so this advantage is debatable.

  2. Scrypt as a hashing function – Bitcoin uses SHA256 for bitcoin mining, which is only computationally expensive so FPGA and ASIC miners only really require CPU power. Scrypt is both computational and memory intensive, making custom ASICs more difficult to design since they will require additional memory space. This also has the added benefit of not allowing current bitcoin ASICs to mine on feathercoin, since their hardware cannot compute scrypt hashes.

Feathercoin is the 6th largest crypto-currency with a market cap over $700,000. It is a close cousin to the second largest crypto-currency litecoin, and shares scrypt as the mining algorithm.

The Attack

A 51% attack can occur when a single entity has more mining power than the rest of the network combined. This causes concern because it increases the likelihood of a double spend attack and affects the difficulty of the rest of the network. A double spend attack can occur when a transaction is accepted on one chain, and the attacker creates an alternate fork where they still maintain control of the coins. They could theoretically transfer to an exchange, convert to another currency, withdraw it, then create their own fork where they still maintain control of their original coins. They would have effectively doubled their holdings in a short period of time. An additional effect is the lingering network difficulty after an attack. With a several factor increase in speed comes a corresponding increase in computational power required to discover new blocks. If the attacker then leaves the network, as they did in the case of Feathercoin, this will significantly increase the block and transaction confirmation time until the difficulty can be adjusted downward.

Starting at 7pm EST on June 8th, Feathercoin’s network speed increased from 300 MH/s to over 1,500 MH/s. The attacker then mined about 180 blocks in quick succession resulting in over 36,000 coins awarded (39.2 bitcoins at the current exchange rate). A second attack was started at 8pm EST on June 10th, where the attacker added 2,500 MH/s to the network.

In the first attack, the attacker started 80 block back on the main chain in order to maximize his rewards as well as the damage. This means that 80 blocks, 3 hours worth of transactions, on the main chain were effectively reversed as the miner created a forked block chain. Users with transactions on the wrong blockchain experienced 100’s of confirmations without the counterparty acknowledging receipt. Btc-e, one of ther largest BTC/FTC exchanges, increased the confirmation requirement to 100 blocks (over 4 hours) completely countering Feathercoin’s quick confirmation advantage. Additionally, a lot of miners remained on the wrong chain and their users wasted time and hashing power on the wrong blocks.

Potential Attackers

While no one has claimed responsibility for the attack, most likely the attacks came from one of the three following groups:

Bitcoin miners using a graphic card (GPU) mining mining farm temporarily switched to feathercoin mining. GPU miners would only require a software change, as opposed to ASICs which are too customized to mine feathercoins. Although the attacker’s coins have yet to be spent, this would be clearly profitable with a net value of over $4,300 if the feathercoins are able to be exchanged.

Litecoin miners have an easier time switching than bitcoin GPU miners, since both currencies share the same mining algorithm. It is possible that a litecoin pool operator is frustrated with feathercoin’s copying litecoin and the increase in value that feathercoin has seen recently. Litecoin has significantly larger hashing power than feathercoin, and pointing a medium size pool’s miners at feathercoin would have a significant impact on the feathercoin network.

Botnets were notorious for mining bitcoin before FPGAs and ASICs made it too difficult, and it is possible that a bitcoin operator saw the recent increase in Feathercoin’s value as a good opportunity to quickly mine some coins, or simply for the entertainment value of interfering with a young network.

Potential Responses

Feathercoin users will likely have two choices in the coming days. They can choose to continue mining on the attacker’s block chain, or they can start over from a checkpoint before the attack began. It is an interesting dilemma, since technically the attacker did nothing wrong. While clearly malicious, there are no official rules beyond what the software allows you to do. Continuing on the current block chain would encourage future attacks since the malicious party was able to keep their rewards. Legitimate miners that had been on the proper chain had their efforts nullified and transactions on that chain were reversed.

On the other hand, the core developers could release a client update with a checkpoint at a block before the attack began – creating a hard fork. This would revert all transactions to June 8th, effectively reversing everything that has occurred since then. Miners would begin mining from this block, and ignore the malicious chain. While punishing the attacker, this could also reduce confidence in the currency itself. Having irreversible transactions is an important factor for bitcoin-based currencies, and knowing that any time an attacker performs a 51% attack transactions will be reversed will significantly reduce the confidence in the currency.

What Bitcoin Can Learn

Interestingly, this attack occurred a few days after our recent article describing the consequences of a hard fork. It will be interesting to see what the community decides. In the slim chance that the core development team does release an update causing a fork, will the entire community agree to use the new client? Miners here will be the real ones making the decisions. They will have to decide whether to continue from the checkpoint, forfeiting anything they’ve made since the attack, or to continue on the current block chain. The longer this decision takes the more impactful the decision will be since an increasing number of transactions will be reversed.

Additionally, it will be interesting to see if this is the precursor for a larger attack on litecoin, the second biggest cryptocurrency. The top three mining pools account for 55% of the network’s speed. If these pools were DDoS’d in coordination with another large scale attack like we saw with feathercoin, it is possible that an attacker would be able to threaten this much more established currency. Litecoin’s ability to adapt to this coordinated attack would be an enlightening lesson for bitcoin. Is the best response to not do anything at all, or is it possible to coordinate a decentralized network and thwart an attack? Altcoins provide a great testbed for these questions, and hopefully an acceptable solution is found before a 51% attack threatens bitcoin itself.


For the latest analysis and updates