Modern day check kiting & blockchain


#1

Just watched Ivan’s Do you REALLY understand Bitcoin Stale Blocks? Programmer explains on stale & orphan blocks, it was very interesting but left me with a question…

What would happen if you were miraculously able to hack a major blockchain like Etheror Bitcoin to the extent that you maintained the longest chain for say…4 hrs… and in this hack you steal millions of coin (actual coin, which is a fraction of fiat equivalents).

The 4 hr window may be long enough to get the standard 6 confirmations to come through on an exchange. Or maybe you’re using a slightly less reputable exchange that uses less confirmations.

During this time you trade your “stolen” bitcoin for alt coins across multiple exchanges which of course are on other block chains.
You even sell some on local bitcoins or another escrow-like service at a steep discounoyt for true cypto under the guise of “looking for a quick cashout” say 1BTC : 6ETH given a market rate is 1 BTC for 8 ETH.

This seems to be a futuristic version of Check-kiting -
tl;dr: you double/multi-spend money by taking advantage of the slow bank check-clearing times and the internal bank trust limits.

How would all of the affected networks rectify this situation?

side note: It seems like the affect of a similar situation for IOT-based chains would have an even worse affect because its dealing with physical things which are not as easily reversible.

I would love to hear community input here before positing the question to more forums.


#2

Such an attempt would not get unnoticed and the funds of the malicious parties would probably be frozen in the exchanges. Of course this would be a major disturbance and will probably lead to a significant drop in the price of the affected cryptocurrncy.


#3

Actually, with a proof-of-work type network, I disagree with your statement, this scenario would actually go unnoticed by the network.

If we take the original statement:

Being able to do so implies that you control over 51% of the hashing power of the network, the network has no reason to dispute your entries, since every time you execute a double spend transaction you are the one validating and approving it yourself, the network would be powerless until such time that it can amass enough hashing power to take you off of the 51% position. Until then you control the longest chain and are therefore assumed the truth.

Obviously you would have to do this by controlling a virtual set of different mining operations (they can all be in one location but are called differently) and you distribute the mining across each virtual entity so that the network doesn’t immediately see they’re all mined by the same entity. You would be able to mine at least 6 blocks / hour in bitcoin, so 24 blocks total; for a value of 12.5 BTC / block or 75 BTC (at current rate: 658,200 USD) as well as have all your double spend coins.

They might notice it after or even during and yes, the funds would likely be frozen, but whether that freeze would happen within the same 4 hours is highly unlikely and therefore you would actually get away with this.

Having said that, the cost of doing so would be significant if not rendering the process useless:

  • You would need to own mining gear that is almost more than twice the capacity of the current total mining pool (assuming this hack doesn’t come from within the pool), so your hardware cost would be astronomical.

  • You would need to use more than twice the amount of energy than the current pool to achieve a hashrate that almost doubles the current network’s hashrate,

I.e. the current hash rate is 23,721,528 TH/s in order to achieve a 51% majority you would need to produce at least 24,700,000 TH/s to achieve 51% of total capacity (48,421,528 TH/s)

  • There is no guarantee that your 51% majority would be able to mine all blocks ahead of the rest of the network, to do so you would need to go significantly higher in hashing power than the network (and be able to maintain it).

So - theoretically you can do it, is it economical / practical, no, not as far as I can see. If you have that much hashing power, you’re better of simply mining (you’d need a lot less) and you would have a very decent income (the current annual mining revenue is: USD 7,374,246,478).


#4

Iwan, thank you, I really appreciate your elaborate answer.

My line of thought was if this were to happen it would be done purely as an attack on a major cryptocurrency to undermine the integrity of the industry and likely by a large economic power(s) to bring control back to a centralized state.


#5

Hi Validictus :slight_smile: , a government or other large economic power could be able to do it, but I’m not sure what their incentive would be. Cryptocurrency - while very important to the people on this forum - are actually quite small on a global scale.

I don’t know the exact numbers but if I recall by mid September 2017 there were around 8 Million cryptocurrency users (that includes the dead accounts).

Right now cryptocurrencies have a combined market cap of 425 Billion USD, while that is a lot (slightly larger than Amazon, more than half of Apple); the gold market cap is 8.2 Trillion USD, so crypto is about 5% of gold to date. Don’t get me wrong, I just calculated the number and I’m impressed, it is substantial but not gigantic.

If you look at physical money, we are talking about a market cap of 31 Trillion USD, so crypto is 1.4% of fiat. Stock markets are 67 Trillion, so crypto amounts to 0.63%, again impressive but at the same time really small.

It is much easier for governments to either ban it outright, demonise it or to regulate it; and much more cost effective than hacking it.

If you hack you certainly damage the coin and potentially the market but look at the ridiculously vast array of hacks that have taken place, and yet crypto currencies survive. You would have to do a truly massive hack of Ethereum or Bitcoin and bring it down to its knees to break that kind of (misplaced?) investor optimism.

Doing such a hack on such a large scale would be noticed, no politician wants to have their name attached to willfully spending public money to bring down bitcoin through a hack (especially since your hacked coins will equally depreciate in value), I.e. there is no economical justification to do it.

Likewise, a commercial entity would not want to see their name attached to such a hack and honestly there is no economic harm for them in cryptocurrencies existing.

Currently most governments are looking at regulatory requirements, simply because it is still small enough to put some controls in place, before it becomes to big and uncontrollable.

If I wanted to bring it down I would do it through demonisation, much easier and much more cost effective.