Zen is Antifragile: Beyond a 51% Attack
Zen was hit by a double spend, or 51% attack, this last weekend. Criminals were able to get away with just over 23,000 ZEN from an exchange. This is certainly not a good event, but there have been some big misconceptions about what it really means, what we’re doing about it, and what this means for the project in the long run.
Within the first hour of the attack, our early warning system was tripped, the response team spun up, and we worked throughout the night. We contained the damage, our exchange partners took mitigating actions, and our marketing team put out this comprehensive community update that same morning.
This is the response of a professional team that knows what it’s doing, will use this as an opportunity to improve the entire industry, and will continue to press forward aggressively on delivering our promises to the community.
Note: I’d like to correct some comments made on video late in the evening with Crypto Lark – BTG issued a response to their own 51% attack quickly via the forum and also have been collaborating with Horizen (ZenCash at the time) on the attacks, so my deep apologies for the inaccurate statement. We’d like to thank them for sharing their experiences with us.
Dispelling Misconceptions
Let’s get some facts straight about a 51% attack:
Let’s clarify some things about 51% attacks: 1) Coins aren’t created out of thin air so there’s no supply dilution, 2) these events are fraud against a specific victim (usually exchanges), and 3) your private keys you hold off exchange are perfectly safe
— Rob Viglione (@robviglione) June 5, 2018
Rob Viglione interview starts at 10:17
What We Are Doing About It
We are not the kind of team to lay down and quit. That’s just not in our DNA, so of course, we are going all out to make sure this doesn’t happen again to us, or to anyone.
Satoshi consensus imagined a more decentralized world than we have today in crypto. The vision was for every computer to be a miner and so the protection against 51% attacks back then relied on the assumption that it would be both hard to pull off and economically not the best strategy. Playing by the rules was the dominant strategy of that game.
Times have changed. Now we live in a world of ASICs, professional and well-capitalized mining farms, and with hash rate for hire services like Nicehash that can be used in lieu of spending a ton of money on your own farm to temporarily hijack a network. We’re seeing that it is now both technically feasible and economically beneficial to try your hand at a 51% attack. Success is still a stochastic outcome, so it is a gamble but as long as there’s a reasonable expectation of success, we’ll see a constant stream of unethical people trying their hands.
Double spends are not magic, they happen by attackers privately mining a sequence of blocks that they then inject into the chain all at once in a way that gives their version of “truth” higher proof of work, which then induces the rest of the network to build blocks upon the fraudulent chain. Again, this is not magic and there are some interesting ways to make private mining pointless.
Three solutions on the table currently are to
1) Require block hash pointers to n > 1 blocks whenever there are parallel blocks reported on the network.
2) Introduce a penalty metric for delayed block reporting (with a complementary option to dynamically adjust difficulty based on the penalty metric),
3) To use our node system as a sort of notarization service that effectively layers proof-of-stake on top of the current proof-of-work.
Putting It Into Perspective
Our exchange partner losing 23,000 ZEN is terrible, but the reality is that Zen has never been stronger. We have the industry’s second largest node network with almost 12,000 secure nodes, we are just over a month away from significantly increasing node rewards to 20% which will almost assuredly make Zen the hands down largest network in the industry.
We have our game theoretic voting system in prototype already, have significant core protocol upgrades ready for the next software upgrade in July, have a suite of new products readying to hit market, and are in process of designing an innovative sidechaining architecture that will open the system up as a platform to rival the biggest smart contracting systems. Also, we can’t forget about the groundbreaking blockDAG system we are working on with our IOHK partners.
The blockDAG would put our transaction throughput on par with the Visa network and involve a complete protocol rewrite; we will finally be able to stop calling ourselves a fork of a fork of a clone and acknowledge what Zen really is – a powerhouse of innovation led by a best-in-class team, supported by a passionate and devoted community.
Zen is not just a resilient system, we are antifragile!
I’m not just playing with words here. The way the team and community spun up and handled the situation was remarkable, but even better is that we learned a ton from this experience. It also has kicked off relentless engineering brainstorming to quickly and effectively kill this threat, hopefully for the entire industry.
This last year we’ve built an amazing network of human beings who have closed ranks and come together to support the project. Our partners, advisors, and those I’d simply call our friends have come forward in almost nauseating support (just kidding guys, we love you!).
Life will go on and we’re already stronger for it!
About the author
The Zen team will continue monitoring the network and conducting forensic analysis with the affected exchange. All information gathered will be provided to the appropriate authorities.
Horizen remains committed to ensuring the security of its customers’ funds and recommends that our users contact exchanges directly with any specific security-related questions. We also remains committed to providing timely customer service to our community and will provide regular updates on the situation as it develops. Please follow us on social media to receive the latest update on this ongoing investigation.