Michael J. Casey is the chairman of CoinDesk’s advisory board and a senior advisor for blockchain research at MIT’s Digital Currency Initiative.
The following article originally appeared in CoinDesk Weekly, a custom-curated newsletter delivered every Sunday exclusively to our subscribers.
-------
You may not have heard of Vertcoin, a crypto project designed to curtail concentration in mining power in the interests of broad-based participation. But if you care about security, decentralization and open access for cryptocurrencies, then the questions raised by a recent breach of its blockchain will matter to you.
In a textbook 51 percent attack documented in a blog post by Coinbase security engineer Mark Nesbitt, someone seized majority control of the Vertcoin network’s hashing power to conduct multiple “reorgs” of the blockchain. The attacker essentially rewrote part of the ledger’s history and then, using their dominant hashing power to produce the longest chain, convinced the rest of the miners to validate this new version of the blockchain. With that, he or she could commit the ultimate crypto crime: a double-spend of prior transactions, leaving earlier payees holding invalidated coins.
It was a painful blow for Vertcoin’s passionate community of users. Led by a dedicated, decentralized team of developers – the antithesis of last year’s money-grabbing ICO issuers – for four years they have defended their “ASIC-resistant” algorithm as a way to avoid the industrialized concentration of bitcoin and other proof-of-work cryptocurrencies.
Now, the bear market in cryptocurrencies has posed them with a challenging question: was their constant commitment to maintaining the competitiveness of affordable, general-purpose mining equipment worth it? Is their otherwise laudable goal of democratized mining only creating an untenable security risk?
Not surprisingly, critics, including many bitcoin maximalists, see the affair as a nail in the coffin for Vertcoin and other such projects. These ASIC-resistant projects’ algorithms are designed to ensure that powerful rigs running expensive, uniquely designed application-specific integrated circuits (ASICs) have no advantage over those with graphics cards, or GPUs, a widely available, more affordable processing unit that can also be used for gaming consoles and other purposes.
The problem, these critics say, is that if mining is relatively cheap and can be employed by simply taking a machine that’s currently doing one thing and having it do a different task, it’s easy for an attacker to deploy enough hashing power to seize control of the network. As a Breaker Mag headline declared, “Vertcoin’s greatest strength” seems now to be “a fatal flaw.”
There’s still a case for ASIC resistance
Yet there’s still no slam-dunk argument in favor of ASIC-dominated cryptocurrencies.
By any measure, concentrated, ASIC-led mining power has fostered centralization around a few big players, which not only raises the risk of 51 percent attacks by any of those large operators on their own or in collusion but also puts them in a role as de facto gatekeepers. That violates the anti-middleman objectives of cryptocurrencies and blockchain technology generally.
Look at how Bitmain has, with varying success, periodically used its position as the dominant provider of bitcoin mining hardware to manipulate the market and force its interests on the wider community. While it’s true that Bitmain has at times been thwarted by its opponents, notably by developers who successfully introduced the Segregated Witness (SegWit) update to bitcoin’s code against its wishes, there’s an argument that this only put users at the mercy of a different kind of gatekeeper group: the Bitcoin Core developers.
The arms race unleashed by ASIC-based competition for block rewards has also resulted in massive energy consumption in proof-of-work cryptocurrencies. While I believe bitcoin’s threat to the planet is way overblown and am encouraged by a recent Coinshares calculation that 77.6 percent of bitcoin mining uses renewable power, there’s no denying that electricity usage remains both an environmental challenge and a serious public relations problem for this industry.
What’s more, it’s not clear that ASIC mining models are immune from the root cause of Vertcoin’s problems. Essentially, falling coin prices made mining less profitable and resulted in lower rental rates for already-installed hardware on cloud mining sites such as Nicehash. It was that rented capacity, not newly deployed machines, that gave the attacker a quick, low-cost route to amassing hashing power.
All cryptocurrencies, both ASIC-resistant and ASIC-allowing versions, have seen their mining rental rates fall as crypto asset markets have collapsed. That has put a big pool of installed ASIC capacity at attackers’ disposal, undermining the argument that ASIC coins are protected because their rigs are more expensive to acquire and deploy than general-purpose GPUs.
It’s true that if there’s not enough rented hashing power to reach 51 percent, then an attacker will face a bigger barrier if they must deploy new ASICs to get there. But if the attacker is already a large-scale ASIC miner, that’s not necessarily a big leap, either.
Some developers are seeing the Vertcoin experience as a warning for all cryptocurrencies, viewing this bear market, which is playing havoc with mining profitability, as an all-encompassing threat to consensus models.
Even before the worst of the downturn, 51 percent attacks seemed to be becoming more common. In comments to a Twitter thread he started regarding Nesbitt’s blog post, zcash developer Zooko Wilcox suggested the threat was quite wide indeed:
To be sure, bitcoin appears to be significantly less vulnerable than other coins, because its massive overall hashing power, though itself down sharply since early October, makes it extremely expensive to rent enough of that power to take over the network.
In contrast with a mere $131 per hour cost for a 51 percent attack on Vertcoin as of Friday, a bitcoin attack would have cost you $226,000 per hour, according to the website Crypto51. And that doesn’t take into account the fact that the current list of cloud mining providers could never deliver enough hashing power for a renter to grab majority control of the network.
Also, if bottom-fishers eventually stabilize bitcoin’s price, which is now down more than 80 percent over the past 12 months, it will allow the protocol’s in-built difficulty adjustment to catch up and start to restore mining profitability.
Still, this case for bitcoin’s superior security stems from its status as the dominant coin, not from the presence of ASICs per se. And it unreasonably assumes no further improvements in the various models aimed at achieving alternative consensus and governance models.
We are by no means in stasis. Developers, within both altcoin and bitcoin communities, continue to explore decentralizing solutions. And for very good reason: the purpose of this technology has always been to achieve peer-to-peer exchange with broad, permissionless access that no gatekeeper can control.
The way the Vertcoin community has approached that objective deserves recognition. It combines an anti-ASIC algorithm with a clear, community-wide pact to fork the code whenever an ASIC chip is designed to mine its coin.
The model brings together two design elements that are critical for this technology’s success: smart on-chain cryptography with a clear off-chain social governance structure. (Disclosure: two of the main developers at Vertcoin, James Lovejoy and Gert-Jaap Glasbergen, are researchers at the MIT Digital Currency Initiative, where I am a senior advisor.)
Fighting the good fight
Still, this latest attack is a reminder that this cat-and-mouse game between the community and prospective attackers is really difficult to manage. The recent incursion into the Vertcoin network by specially designed Vertcoin ASICs showed how hard it is to keep up with the threat being amassed against it.
But in the spirit of learning from failure, Vertcoin’s developers are now making fixes that will improve their cryptocurrency’s security. One protocol update will make the new Vertcoin ASICs uncompetitive, for example.
It isn’t clear whether these are enough to offset the loss of confidence among Vertcoin investors and exchanges, which were the biggest losers in the double-spend attack. Vertcoin’s price has been hammered. From a peak of $10 in January, it was near $0.24 on Friday. And it is down 64 percent since the beginning of November alone. It may never recover from the blow to its reputation.
But what Vertcoin developers are trying to achieve is important. It would be a mistake to dismiss their work based on this latest development.
STORY CONTINUES BELOW
Whether this cryptocurrency itself survives or the learnings that come from it are applied to some other project, work on models that encourage open access and decentralization should be allowed to continue.
Bitcoin mining facility image via CoinDesk archives.