Latest update 8 June 2018 14:01 EDT. [FAQ section added]
The Zen network was the target of a 51% attack on 2 June at approximately 8:26 pm EDT (03 June 00:26 hrs UTC). The Zen team immediately executed mitigation procedures to significantly increase the difficulty of future attacks on the network.
Sequence of events:
- 6/2 (2026 EDT) – Received warning of potential attack from one of our pool operators
- 6/2 (2034 EDT) – Immediately initiated investigation and evaluated hash power distribution
- 6/2 In parallel, contacted exchanges to increase confirmation times
- 6/2 (2042 EDT) – Investigation showed that the suspect transaction was a double spend
- 6/3 – present – In progress: Additional forensics and jointly investigating with the affected exchange
- 6/3 (0900 EDT) – Released this official announcement about the attacks(edited)
- 6/4 (1150 EDT) – Released new finding on the investigation
- 6/6 (0946 EDT) – Co-founder, Rob Viglione, issued statement responding to the attacks and dispel misconceptions
A 51% attack or double spend is a major risk for all distributed, public blockchains. All Equihash-based networks are exposed to an influx of new Equihash power and therefore the best short-term mitigation strategy is to recommend that all exchanges increase their minimum required confirmations to at least 100.
WHAT WE KNOW SO FAR
At the time of the attack the Zen network hash rate was 58MSol/s. It is possible that the attacker has a private mining operation large enough to conduct the attack and/or supplement with rental hash power. Net hash rate is derived from the last mined block and therefore live hash rate statistics are not available.
The suspect pool address is
znkMXdwwxvPp9jNoSjukAbBHjCShQ8ZaLib. Between blocks 318165 and 318275, the attacker(s) caused multiple reorganizations of the blockchain, reverting 38 blocks in the longest reorganization. In block 318204 and 318234 the attacker(s) performed double-spend attacks.
Note: Bittrex had transaction confirmation of 150 prior to the attack and therefore was not the target of the attack.
1st Double Spend – 3,317.4 ZEN (new finding)
In orphaned block
Included in attacker block
2nd Double Spend – 6,600 ZEN (previously believed to be the first double spend)
In orphaned block
Included in attacker block
3rd Double Spend – 13,234.9 ZEN (previously believed to be 2nd double spend)
In orphaned block
Included in attacker block
The suspect exchange deposit address is
- Is my money safe?
Increasing required confirmations to 100 makes another attack highly unlikely, however, if you have any specific concerns about the general security of exchange platforms, please contact the exchange directly. As always, we recommend that users store their funds in wallets that they control such as cold storage with something like a Ledger Nano S or paper wallet.
- Did the ZenCash (ZEN) coin supply change due to the 51% attack?
No, the supply of ZEN remains 21 million. No additional ZEN was created as a result of this attack. The attacker effectively stole 23,000 ZEN from an exchange partner. The attacker effectively tricked the exchange into giving them $600,000 equivalent from the exchange for ZEN that they did not spend. The overall supply has not changed.
- Was ZenCash hacked?
No, ZenCash was not hacked. Computer hacking refers to the practice of modifying or altering computer software and hardware to accomplish a goal that is considered to be outside of the creator’s original objective. Proof-of-work is intentional design and proposed solution for double spend from creator of Bitcoin – Satoshi, with its weakness (51% attack) clearly explained. A 51% attack is possible with any PoW coin and some instances of PoS. Meaning all PoW coins are susceptible to this type of attack.
- What is a 51% attack?
A 51% attack is when a malicious miner acquires sufficient hash rate to inject fraudulent blocks to a blockchain. The typical attack profile is the criminal will privately mine a sequence of blocks, send a valid transaction of his own funds to an exchange, trade that cryptocurrency for another and withdraw funds, then inject the sequence of fraudulent blocks into the chain that invalidate his previous transaction. Key points here are that no new coins are created, and it is only the criminal’s own coins that he can manipulate by reversing a transaction. Everyone else’s coins are safe in that their private keys are secure and completely independent of this type of attack. The bottom line is that this type of attack is an instance of fraud against a specific victim that is conned into believe a transaction has occurred when it will simply be rescinded by the attacker.
The ZenCash chain experienced a 51% attack, which is a legacy threat from proof-of-work consensus. What happened was the attacker sent a transaction mined from a private chain onto the legitimate chain, then isolated their own attack chain where they double spent the same inputs. This attack chain was then mined longer than the legitimate chain, and once they had a long enough chain, released the attack chain. Due to consensus rules, inherited from bitcoin, it was the longest chain so it became the new chain and all of the blocks mined on the previous legitimate chain were orphaned. This is not a hack, but more of the way the inherited bitcoin consensus works. We are looking to change this.
- Was new ZEN created during the attack?
No, no additional ZEN was created as a result of this attack. See question #2 for more details.
- Were my private keys hacked as a result of the attack?
No, your private keys are safe. At no point during this attack were anyone’s private keys at risk of being compromised. The ZEN blockchain was not hacked, the attacker simply exploited the consensus mechanism that we share with Bitcoin (BTC) in order to trick an exchange into handing over a large volume of currency in exchange for ZEN that they fraudulently represented as deposited.
To put it simply, one of our exchange partners was robbed.
- Is ZenCash considering PoS?
We would be irresponsible not to consider proof-of-stake (PoS), but as of now have no design plans in works. If we were to ever go down this architectural path, we’d want extensive R&D, community feedback, prototyping, and rigorous testing. We’re quite a bit away from that at the moment.
- What steps are being take to mitigate another 51% attack？
Three solutions on the table currently are to
1) Require block hash pointers to n > 1 blocks whenever there are parallel blocks reported on the network.
2) Introduce a penalty metric for delayed block reporting (with a complementary option to dynamically adjust difficulty based on the penalty metric),
3) To use our node system as a sort of notarization service that effectively layers proof-of-stake on top of the current proof-of-work.
- Why was there a successful attack if ZenCash is so decentralized?
This attack is possible against proof-of-work (PoW) coins, no matter how minable. The ease of acquiring Equihash mining power recently has drastically reduced the cost of this attack. To be clear, we are typically the second or third most heavily mined Equihash coin, so it’s not like we are a tiny project with no hash rate. The cost of executing these attacks has simply collapsed to the point where they’re increasingly feasible for what were previously thought to be acceptable block confirmation intervals. In the near term, we have to encourage industry practices to increase minimum block confirmations before considering transactions immutable, but in the intermediate term we should be looking to improve Satoshi consensus to make these attacks technically infeasible.
- Why did ZenCash not prevent the attack?
ZenCash were aware of an increased risk of a 51% being carried out against an Equihash coin due to the huge volume of cheap hash power that is available from sites like NiceHash. The attacker mined in private which meant that they were undetectable until they started broadcasting their illegitimate chain to our network. As soon as the attack was recognised, our entire team sprung into action and immediately notified all of our exchange and business partners in order to make another double spend considerably more difficult to accomplish.
11. If ZenCash has such a large secure node network, why it was still attacked successfully?
Secure nodes aren’t meant to protect against 51% mining attack, they add different stakeholder group to new coin emission which reduces 51% attack on our stake voting system. We are also building sidechains running on nodes, and layered TLS into them for added privacy.
If you still can’t find your answer, please ask your question in the comment section below.
The Zen team will continue monitoring the network and conducting forensic analysis with the affected exchange. All information gathered will be provided to the appropriate authorities.
ZenCash remains committed to ensuring the security of its customers’ funds and recommends that our users contact exchanges directly with any specific security-related questions. ZenCash also remains committed to providing timely customer service to our community and will provide regular updates on the situation as it develops. Please follow us on social media to receive the latest update on this ongoing investigation.