Editor’s note: This article from the etheric Fang enthusiasts (ID:ethfans) author: David, Vorick, translation & proofreading: Chen Liang & Elisa, the daily planet unauthorized release.
2019 is the 51% year of the cryptography currency attack, because the attack seems to be just some of the market value of 51% was not worth mentioning the cryptography currency problems, however, we found that now has a relatively high visibility and market value of the currency in the face of cryptography because of the 51% attack of the “double” problem, and exchange to bear the brunt of these attacks the.
With the increasingly frequent attacks and cryptography currency exchange began to take serious measures to prevent risk defense. Usually, improve the cryptography money transfer block number can confirm the defense of the 51% attacks, however, the attack has been able to expand from dozens of blocks to hundreds of blocks, by increasing the number of 51% blocks to confirm the effectiveness against the attack has not guaranteed.
If there is no significant agreement to upgrade, we expect the attack will be more and more, even may cause the exchange can not operate normally. These 51% attacks succeed because these attack protocol based cryptography currency weakness in the bottom, so the final exchange in the selection and support of new cryptographic currencies will be more conservative.
Game theory and risk model
Many go to the center of the protocol assumes that the network protocol at least 51% of the participants are honest and reliable. Bitcoin success is because the protocol designers realized that this assumption is not sufficient to support the effective operation to the center of the protocol in the real world. In an anonymous and unregulated Internet world, each network participant plays the role of the main economy, even if they take and the established protocol does not conform to the rules of “deviant” behavior, also won’t have what consequences. Instead of assuming that 51% protocol participants are honest and reliable, bitcoin hypothesis more than 51% participants will act in accordance with their own economic interests maximization rule.
Bitcoin developers assume that all participants in the bitcoin protocol will actively find a way to profit, even if this method violates the agreement itself rules rather (bitcoin) assumption of the risk model of loose degree (compared to the assumption that 51% participants honest and reliable model) is greatly reduced, but this assumption will limit the agreement the flexibility of the design, but it is the inevitable requirement made success in the open network. .
Bitcoin developers seeking is the incentive compatibility, which means the optimal decision of each protocol of participators is the optimal decision of the whole system. When an agreement with incentive compatibility, all participating individuals can be completely selfish, because such selfish behavior is also beneficial for the system as a whole.
Bitcoin can safe and stable operation of the game theory behind it is complex and ingenious. Many try to imitate the design of bitcoin protocol cryptography because of inappropriate changes in currency and undermine the incentive compatibility, therefore, these cryptographic currencies are not safe, “the recent flooding attack good old-fashioned” to show us the truth: this world is not all things as we imagine so orderly.
Although the competition coin designer in the fancy changed the bitcoin protocol incentive coordination, but caused a more important reason the recent frequent double attack is a lot of competition as a guarantee currency decided to use more blockchain safe means for general hardware. When a variety of cryptographic Hardware mining can dig money, then the key incentive compatibility of the association will be destroyed.
The use of Multi Chain Hardware mining cryptography currency mainly has two kinds: the first kind is the most famous is the anti ASIC mining cryptography currency, anti ASIC mining generally used cryptography currency Multi Chain Hardware mining, ASIC mining people supporting the resistance that lower threshold of more general mining, mining equipment, will make the stress more scattered and decentralized; second kinds of Multi Chain hardware cryptographic currency while there is also ASIC mining mining, mining algorithm is the same with other individual currency used in cryptography. When using a variety of cryptographic algorithm as currency mining, mining the same hardware (even special mining hardware) as can be any one of cryptographic currencies as the target to attack the incentive compatibility and lead to destruction, as we saw against ASIC mining currency attack case cryptography.
The change of 2017 years.
Multi Chain Hardware mining for many years has been the focus of discussion in the field of cryptography currency, however, 51% attack is only recently began to appear frequently, indeed, caused by a simple reason of these attacks is a more convenient tool began to appear, smarter attackers emerge, the industry infrastructure is more and more perfect, the development of the industry is more and more complex and diversity. The rapid development of the industry to bring more benefits to the honest participants, on the other hand to facilitate the attack, making some experience but have an ulterior motive came against unsafe cryptographic currencies more easily.
Here we look at some of the 51% attack very important things, but I believe that even without these, we will see more and more high-profile 51% attacks occurred in the use of many mining equipment chain currency cryptography. In the “double” defensive attack, many mining equipment chain is not a safe method fundamentally.
Is the market force
Is the maturity of the market is one of the key catalysts lead to frequent attacks of recent cryptography currency, for the use of Multi Chain mining equipment cryptography currency, know each time the mining profitable cryptography currency requires skills and experience. The market provides such a market, let the machine owner can put machine lease to more experienced miners, increased computing power market profit of all participants, creating a win-win situation. However, the negative effect of market force is to provide a quick loan platform for a large number of force attackers to attack. For example, previously appeared in computing power market, attack a network with 100 thousand GPU mining cryptography currency, more or less to the attacker has 100 thousand GPU, which requires the attacker must have the money amount to millions of dollars to attack, attack the high threshold means that the relative safety of mining GPU cryptography currency. But with the development of power market is the same 100 thousand GPU by attackers on loan for several hours, the cost may be only tens of thousands of dollars, is to make use of market chain mining equipment safety margin cryptography currency dropped several orders of magnitude.
We have to assume that the future mining equipment is multi chain market will continue to grow, because this is the market force can make efficient use of mining equipment is higher, while allowing the mining equipment owner and miners and other groups to maximize the benefits.
However market is far less impact on the use of special equipment is mining cryptography currency, market advantage is that it can make many mining equipment chain owners do not need to consider what the most profitable dig cryptographic currencies and brains, and the use of special equipment for mining a machine cryptography currency, only dig this kind of cryptography money, it also means that even if the mill owners involved in the market has not what is excess returns.
From the perspective of game theory, a force in the market, there is another important aspect of factors need to be considered, when a miner to Multi Chain mining equipment to calculate market for leasing, his mining equipment may be used for rental to launch cryptography currency attacks, but its owner does not care his equipment has been used in attacks on cryptographic currencies or ordinary mining, because as long as the attacker is willing to pay a premium to the owner (the attacker and the rental of a number of the same mining equipment, mining equipment rental prices will rise), they are willing to rent their mining equipment, and even a kind of the cryptography currency is dug machine chain suffered a severe attack, does not affect the mine value, because many chain mining equipment not only can dig it a coin.
In contrast, the special mining equipment owner could only profit from it by digging only one currency in cryptography, special equipment for mining lease attacker is very risky, because of the success of an attacker to the cryptography currency will have a negative impact on the special machine very direct. Once the successful attack, all in special equipment rental market force mining the currency miners will risk losing the only source of income, so the special mining equipment owners have enough power away from the computing power market, so they dug the cryptography currency maintaining adequate margin of safety.
A large mine also reduced mining equipment to dig the Multi Chain cryptography currency safety margin, many large mines have more than 10 thousand GPU, many mines have more than 100 thousand GPU, even a few mines biggest has more than 500 thousand sets of GPU.
From a security perspective, a GPU mining money if there is no corresponding cryptography 50 million GPU operator, then in theory, it is likely to be the biggest attack several mines. A GPU mining 10 million GPU cryptography currency is not corresponding to the work force, not only may be a common field of attack, many large mines are able to independently to launch 51% attacks and cause “double”, and a cryptography currency if less than 1 million GPU corresponding to the work force, is very fragile and vulnerable to attack.
Many GPU mine are profit driven, almost no interest in the field of cryptography currency value pursuit, for these “mercenary” mine, as long as they can earn more profit, they will go to achieve through a variety of ways, even if the underlying cryptographic currencies ecological expense caused by break.
Special mining equipment to solve the problem of network attacks in two ways. First of all, professional mining equipment to dig cryptography currency, there may be only a maximum of 51% mines have the ability to launch attacks on the network basically, although it sounds not what great security, but the use of special machine cryptography currency only needs to trust such a mine. But this is most anti ASIC mining cryptographic currency in stark contrast, most anti ASIC mining cryptographic currencies at any time are likely to be a different attack.
The advantage of using special mining equipment of cryptography is the most important monetary incentive compatibility, for a profit (special machine) field, the network attack cryptography currency usually cannot profit, because that will cause the value of mine mining equipment decreased. Im a mine has a full network 51% of the work force, the mine has no incentive to perform 51% attacks, because the value of mining equipment and special attack attack can not exceed the profit losses, this is a “The loss outweighs the gain.” act.
Attack: more resources, higher complexity
Compared with 2017, in one of the most important cryptographic currencies change in 2019 is the industry have a higher value, more and more people begin to understand the related theory, experts are more.
In 2017, understand cryptography currency these vulnerabilities exist is not a lot of people. In addition, usually a cryptographic currency and no high market value, this also means that even if you know how to attack the cryptography currency, can not gain a lot of profit from.
While in 2019, know how to operate the cryptographic currencies become more people, know how to attack those who have significant defects in cryptography currency have also become more. At the same time, brought to a successful attack of cryptography currency returns rise, which means more capable of attacking people trying to attack. Higher returns also means that attackers will spend more time, money and resources, to launch an attack.
This situation will become more and more serious. Now the 51% attack is popular because of its high returns brought with extreme ease. However, many mainstream dApp exist fatal flaw, and as their value growth, the attacker also got more experience, these vulnerabilities will further be attackers use. I am particularly worried about these problems (worry degree from high to low): consensus algorithm, block chain relates to the new governance mechanism, Oracle, stable currency, market forecast and some other concepts of cryptography currency project. Generally speaking, the core concept is not itself has openings to exploit specific design pattern, but their problems and implementation plan. This industry is currently a lack of peer review; many have been deployed high visibility project did not experience the full review, so they may have significant vulnerabilities are not repair.
The hardware market
The hardware bear whether or using special hardware to use multi chain hardware cryptographic currency will have an impact. If its value drops to make mining unprofitable, the attacker will be able to access the hardware at a low price. Because cryptography is currently in the currency market. The number of its value plummeted, that is to say, money for cryptography to resist the attack force is less effective now, also means that attackers can be more cost-effective to buy or rent trade hardware to attack.
GPU market is suffering from another effect: there are now dedicated to the Ethernet and Zcash mining ASIC fang. Before the two currency is driven GPU cryptography’s main force, and now this part force is gradually transferred to the ASIC force, which makes the hire GPU to attack the lower value of the currency greatly reduced the cost of cryptography. As ASIC gradually occupied the high value of the money market originally used GPU cryptography, it is not difficult to see that this situation will be intensified, at the same time, 51% attacks will become more common, more low cost. Even if the emergence of new anti ASIC means, I don’t think this trend will ease or stagnation.
In the face of hardware bear market, bitcoin is not immune. It is estimated that a sale of up to one-third of bitcoin is force is already bankrupt. Today, S9 and its price has been far lower than the manufacturing cost, although it seems not as bitcoin security risks, if prices continue to fall in this range of 2 to 4 times, it will be suspended in the bitcoin head a Damocles Damour.
Effect of manufacturers bear cause more serious. It is estimated that the mainland, core technology, dynamic bit TSMC, Samsung and even for the sudden drop in hardware prices suffered heavy losses, so in the future we are unlikely to see the company’s excessive production: we now know that the risk of a lot of production is very high, and now bitcoin hardware high risk to many companies unwilling to bear the. I think bitcoin is now in the history of the most serious hardware market.
However, the use of other special hardware cryptographic bitcoin currency has not so big, so the hardware manufacturers may be more willing to bear the risk of excessive production of this kind of machine, which makes the currency prices suddenly fell through cryptography or other unrest caused by the hardware market.
Effect of block reward
Due to the hardware acquisition and operating costs are very high, “double” cryptography currency attack depends largely on the block of reward. The number of attacks against cryptographic currency ability and mining hardware is proportional, therefore, if the block is low to no reward for a lot of hardware of the currency of the mining, protection of the currency will become very little.
In short, when it comes to the safety of cryptography currency, we must consider launching a 51% attack to the dollar cost. If the total value of all machine a cryptography currency is $one million, so obviously, any more than $one million of transactions are very vulnerable to 51% attacks, because the opponent only need to spend $one million to buy or manufacture machine, you can launch a “double” attack.
The total value of its extremely difficult evaluation of a cryptography currency, a manufacturing assessment is also true enough to launch 51% attacks the hardware cost, but according to the general experience, the cost should be equal to 6 to 24 months of block reward. Usually its open market competition will ensure that its value in this range.
This experience will help us to determine the maximum security transactions cryptography currency, but before the determination of this value, we need to talk about “double”. In fact, there may be more double the maximum multiple of three flowers, four flowers and even the attacker may reach the. Single double attack can be simultaneously in multiple different exchanges launched. Therefore, in response to the double attack, only consider a transaction in fact is not enough, we also need to consider other possible attacks at the same time.
The maximum safe turnover of actual currency and usually seen in cryptography, and depends on multiple factors including block reward. But according to the general experience, the use of special machine cryptography currency, more than a month blocks the reward value of the Fair makes me feel uneasy, but for large computing power market cryptographic currencies, maybe one hour blocks the reward value of the transaction is enough to lead the attack.
Cryptography short currency
Essentially, short is lending. When you are short of a cryptographic currency, you are actually borrow some tokens, and these tokens are needed in the future to repay you equal (usually, maybe with some interest). Generally speaking, when someone is short of a currency, they will immediately sell these borrowed tokens, and pray for the subsequent cryptography currency devaluation, so that they can then buy and pay off the loan, so as to benefit from.
Short transactions require the two party. One of the parties to borrow another loan. For cryptographic currencies, the borrower and the Lender Borrower may exist contradiction: use the money to attack the cryptography money itself, the price collapse. The attack may be of different types: double attack, or refuse to attack servers (the attacker has been hollowed out block). According to the type of cryptographic currency, the attacker may also launch other more advanced attacks.
There are two reasons why I put forward the topic of short. The first reason is to warn the exchange and market participants, against the bear market. If you are borrowing money you may provide cryptography, is to provide funding for the attackers, causing you to recover after the depreciation of assets. Compared with the traditional market, the risk of short lender money market for cryptography is much higher.
Another reason is that the risk of large bear market may increase the other depends on the security of cryptography currency participants. If a cryptography has a large currency bear market, potential attackers have sufficient resources to raise funds for the attack, and once the attack is successful, they need to repay the funds will be greatly reduced. Therefore, the exchange and the user should caution or avoid holding a large bear market cryptography currency.
Shortcomings of existing defense methods
Increase the shortcomings of long recognition
Increase the charging confirmation long to deal with cyber currency fluctuations, which in most situations effectively, can significantly reduce the risk of certain types of. But other times, this method is useless, unable to provide effective protection.
When the fluctuation appears in the P2P network, increase recognition long is one of the most effective measures. When the block transmission slow, network node bifurcation, temporarily buckle block attacks or routing layer attacks etc., very effective confirmation number. To confirm the time extended from 60 minutes to 24 hours, have more time to the most stable, long chain branching, repair or solve routing attacks.
Confirm the increase in length, also can effectively deal with the selfish mining and finally force less than 50% of the fraud. When the selfish mining serious, or mining excavation non normal block, block probability of large-scale restructuring will greatly increase. Different and usually 2-3 blocks of restructuring, large-scale reorganization of the block number may reach ten. Of course, if not 51% attacks, restructuring is unlikely to exceed the number of block dozens. At this time, the blockchain will still probably keep the single direction of growth rate.
However, when subjected to real 51% attack, confirmation time effect is less significant. To confirm the length from 60 minutes to 6 hours, the attacker must hire more computing power, or the need to attack the mine waste more time, but only limited to this, it is only when a currency attack attack threshold is high enough, this strategy (school note: by increasing the computing power of rent cost or growth time attack no attack will be effective).
A very important point, when crypto currency 51% attacks, the attacker will have dug block rewards in the bag. If the currency prices fell after the attack, the attacker to profit by these wars. This is why to rely on GPU mining of the small size of the currency, one of the key reasons is the length of the method of confirming effect increased. If the currency of smaller or lower block rewards the attacker may only need to rent, a few hours of work force, will be able to get a full week block award.
Address deficiencies blacklist
Before the exchange had emergency method to add a blacklist to prevent attacks. The attacker need to mention currency double implementation, usually will be transferred to other currency transactions for subsequent transactions, therefore, the exchange between can notify each other of those involved in the problem of double address, and they will be included in the blacklist, in order to prevent theft of coins and flowers to recoup their losses.
Although the address blacklist sometimes is very effective, but the attacker will gradually master the way to deal with. These methods include the use of anonymous coins, leading to multiple currency transfer stolen wallet and then initiate honeysuckle, or use to the center of currency exchange. The complex attack means the address blacklist this protective way too.
Of course, this is not the exchange from address list, once recovered from a loss point of view, this is a good way. But now is not completely dependent on it to recover the attack suffered losses, after all, in most cases it will be in vain.
Some suggestions on lowering the risk of
Despite the terrible situation, especially those exchanges, we can still take some measures to reduce the risk of large scale and Multi Chain ore mining currency. However, with the attack complexity and infrastructure (such as to the center of the exchange and the operator to the center of power market) improvement, ultimately these measures may fail. Therefore, the only solution is to let all the once and for all, the use of proprietary encryption currency machine, and their algorithm must be unique and can use ASIC. However, before solve the problem in the local root, can rely on some measures of risk reduction for time.
A measure, its global availability monitoring
One of the measures is the use of monitoring every kind of encryption currency and its exchange, to help control risk. The rate of a currency by turning machine, can better predict the security situation of the currency.
The use of special vehicle currency, only need to focus on whether mining and mining machinery market is bearish reward. For example, when a currency because the mining profits are too low, resulting in the vast majority of machine shutdown, the attacker will attack the cost is relatively low, because the purchase of its attack with low cost. In addition, the relative safety of this type of currency in the face of an attack force.
For those who use ASIC or other special machine but have the same algorithm currency, you need to pay attention to each currency is force and the force of the machine finally accounted for. Generally, when a currency is accounted for more than 70%, I think it is safe; if the force accounted for between 10% and 70%, you may need to confirm the time extended to 24 hours security. Because even force accounted for 70% of the mines is likely to launch an attack and success, and confirm the 24 hour long, will attack the feasibility of greatly reduced; if a kind of encryption currency accounted for less than 10%, it is not safe. Whether to stop the currency exchange charge, depends on their ability to resist risks and other factors, but I suggest only when this kind of currency to mining algorithm is more secure, it allowed.
The use of GPU for mining the currency risk management is dependent on the computing power of operation market and mining knowledge.
Although not a lot of rigorous research, but according to my estimate, the current market size of the GPU force between 100 million -2.5 million. The key point of this figure, it is to be able to show that a currency is vulnerable to 51% attacks. Of course, not only concerned about the market force is not enough. It has been reported that some large mines had launched 51% attacks on some small currency. In particular, at least one GPU is the size of the force is about 10 million -1 billion dollars in mine, was willing to participate in the attack.
In conclusion, I suggest the hardware cost between $250 million to $50 million in currency GPU mining, 24 hour long transaction confirmation. For those smaller currencies, should prohibit charging money, because when the hardware cost is lower than 50 million, the difficulty and the cost of their attack is not very high.
With the evolution of encryption currency ecological, mining and power market will change, the risk analysis for different size and type of encryption algorithm can also change the currency. They only follow the change of the exchange, in order to make risk analysis more accurate and appropriate business decisions.
Two measures, and the mines and keep good relationship with market force
The exchange and the mines and main is to maintain good relations of force market, help to reduce the overall risk.
Hashrate trading market is the source of most of the attacks. The center is characteristic of the market, it can help reduce the risk of small scale currency attacks. Means of reducing the risk of single rental including restrictions is total, or through KYC and other means to obtain user information, especially in large-scale procurement is user information. The worst case is when the market perceives force for large-scale assault force is buying a currency, can timely exchange of warning.
Of course, experienced by the attacker, witch attacks or stolen account, to avoid monitoring market. As the center is monitoring the market deeply, also will drive users to find solutions to the center, in order to avoid monitoring. Therefore, most monitoring is only a temporary solution, but in cryptocurrencies find a better solution, it might be able to win enough time.
Also, and the mines to establish relations also be of great advantage. At least, by understanding the current situation of mining different currency exchange, can predict whether they are vulnerable to attack. Reduce risk from the point of view, I believe this good relationship with.
Automatic stop trading and address list
When the exchange detected encryption currency will be major reorganization, the encryption currency transactions should be stopped automatically when it detects double transactions, the relevant address should be automatically blacklisted. More exchanges to implement such measures as possible, not only in the implementation of the exchange transaction by double attack.
Despite the temporary cease trading help stolen funds facts, but it greatly reduces the choice of the attacker handling stolen funds. At the same time, an attacker can always predict the trend of the price of money through a massive attack, and according to the trend of large-scale trading profit. If the transaction is frozen, will reduce the potential benefits from the attacker.
Address blacklists have similar effects: it reduces the attacker’s choice. Reduce the attacker more choice means that we have more opportunities to recover the funds, also means that even if an attacker can avoid all control, they are reluctant to attack.
According to our experience, the attacker is not so skilled, also will make a big mistake. Even theoretically, when you face a perfect attacker is incapable of action, but the reality is that the attacker is not perfect. Actively hunting for the attackers to force them to commit serious errors may be very effective.
Scorched earth counterattack
Now there is a more advanced and more risky choice to deal with double attack, that attack. When an attacker creates a double encryption when trading in the currency, the affected exchange can extend the original chain through the purchase of certain computing power (that is, theoretically correct chain have enough computing power to become the “longest chain”), in order to maintain the original transaction by the attacker cover.
Of course, the attacker can attack this attack, through to extend the attack chain to deal with the exchange for the extension of the original chain. The difficulty here is that for each time point, the exchange cost more money to extend the original chain and the attacker spend more money to extend the attack chain is significant. Even if the cost exchange and the attacker has exceeded the value of the stolen money, they still need to extend the chain of their own to take money.
The attacker spent $10000 to buy the proof of work stress, stole $50000 from the exchange. At this time the attacker earned $40000, a $50000 loss on exchange. This is also the best exchange measures will cost $10000 for the recovery of the original chain long chain, so the attacker turned into a loss of $10000, and the exchange is also a loss of $10000. If we continue, we get the following results:
Round: the attacker exchange
The first round of attack: +$40000 -$50000
The first round of Defense: -$10000 -$10000
The second round of attacks: +$30000 -$60000
The second round of Defense: -$20000 -$20000
The third attack: +$20000 -$70000
The third round of Defense: -$30000 -$30000
The fourth round of attacks: +$10000 -$80000
The fourth round of Defense: -$40000 -$40000
The fifth round of attacks: +$0 -$90000
The five round of Defense: -$50000 -$50000
The six round of attacks: -$10000 -$100000
The sixth round of Defense: -$60000 -$60000
When the attacker in the attack is no longer profitable, the exchange also has lost the same amount as will not attack and face losses. With this strategy, at any time will exchange losses, but will more and more loss.
Also, this game is actually not the end state. At any time, each party has the motivation to continue trying to take back the original $50000, because every time you spend $10000 to recover $50000. This is why this strategy is called “scorched earth” – no one will win, but also accompanied by a lot of money to be destroyed.
This strategy is the value, at least in theory, exchange can prevent attackers (to) make money. If the attackers know in advance exchange will implement a scorched earth strategy, then the attack will become meaningless, but after the exchange in the affected by the initial several attacks will not be attacked.
This strategy is quite a big pain point. The attacker has great advantages in terms of preparation. An attacker can take weeks or months to prepare for an attack, but the exchange must almost immediately attack response. And, if the attacker is willing to exchange and this war, probably because the attacker has a great advantage. For example, if an attacker to optimize your code, make each round only need to spend $5000, but each round of exchange or to spend $10000. In this case, the exchange can not determine whether the attacker has the advantage.
If more than one exchange while using this strategy, there could be a problem. The exchange may end with each other (not an attacker) caused a hashrate war, according to the different exchange budget, the cost could be very high.
The last is a consideration of this strategy, which may cause huge collateral damage to the ecosystem. A lot of money and can’t really deal with the continuous cryptography of recombinant. Nodes may be down, other transactions may be lost or in (stress) may occur in the double transaction, war in general, users may face greater risks in the scorched earth war.
To sum up, I do not recommend the use of exchange strategies to resist double attack.
Developers of decision
Finally, I put forward a strategy is the developer decision, because it had been successful in some currency attacks against encryption. When the event occurred stealing coins, developers can always a hard to recover the stolen coins bifurcation. Highly centralized but this will lead to developers, and because the developer is not perfect, they may be deceived cause wrong judgment of the attack, the final error on the legitimate user account will not be returned to the attacker token token theft.
You can also sign on the block. Once a block by the developers signed, this block is permanently established, and block trading may not be double transaction. This is the history of numerous cryptographic currencies proved, but the practice itself is very dangerous. If the developer key is stolen, will happen a lot of problems. And in fact, once the developer can decide which transactions can be on the chain, they also will be affected by financial regulators relentless supervision.
Developers should keep in such things very carefully, because if a developer made a wrong decision in time to retrieve assets, signed a wrong block or allow a known terrorist organization transactions, will lead to serious legal consequences. Especially now regulators in this area quite seriously, I do not recommend this approach, as for the center of the concerns I also do not mention the.
With the continuous development of encryption currency field, we will see more complex attacks. In the next 6-12 months, most of the attacks are likely to focus on the proof of work and security is weak encryption currency double attack, but I think the attacks will increase with the development of the emerging vulnerabilities. Very difficult to design secure encryption currency, most encryption monetary and dApp are unable to ensure the safety of their project.
Because of its work force chain attacks caused millions of dollars worth of money stolen events we have deep feeling, but these are just on the first wave of large-scale community encryption currency attack.
In order to prevent further losses, we need to take measures in the short term to prevent exchange by multi chain machine is force attack. In some cases, will confirm the time increases to 24 hours is effective, while in other cases, I suggest to lock the account balance, until the encrypted currency can bifurcation to a safety chain. In the long run, the exchange needs to take a more conservative measure of risk model of encryption currency, and to exchange tokens for further investigation.
Special thanks to Ethan Heilman for review and feedback.