Double Spend Attacks on Exchanges

How to prevent double spending attack?

You are safe if you don’t receive coins from the attacker (or anyone you don’t know). Usually the targets attacks are Exchanges.

Otherwise you should:

  1. Be really careful about large transactions
  2. Wait for enough confirmations
  3. Watch the known attacker’s patterns and be prepared

What’s a large transaction?

It depends. The amounts of the observed double spending transactions are from ~8000 BTG to ~12000 BTG. So each time the attacker succeeds, the exchanges lose that amount.

The attacker needs to spend some money to to mine enough block to perform the 51% attack. In order to revert n blocks, the cost should be around (n+1) * 12.5 BTG, where n is the confirmations required by the exchange. A 21 block attack will cost around 262.5 BTG.

Besides the money stolen by the double spending, the attacker may also get back close to 90% of the cost after a successful attack because the mining rewards will belong to the attacker (and can be moved after 100 more blocks have passed.)

Given the cost of a (successful) attack is effectively (n+1) * 12.5 * 10% BTG (or 26.25 BTG for 20 confirmations) is relatively small, the definition of a “large transaction” is mostly up to the exchange.

However, the attacker also takes some risks. When the attack fails, all the cost to mine the private chain will be lost. That will be around (n+1)*12.5 BTG. If the exchange is aware of the attack, they may also freeze his account, so that all the funds will be locked inside the Exchange. A failed 21 block attack performed with a 10,000 BTG deposit where the Exchange freezes the account in time will result in a 10,262.5 BTG loss for the attacker.

How many confirmations should we wait?

The largest observed attack reverted 22 blocks. We advise raising confirmation requirements to 50 at this time, and for special attention to be paid to large transactions.

Higher confirmations don’t merely raise the cost of the attack, but also force the attacker to spend much more time, which means more time to detect the attack and to respond.

What’s the pattern of the attack?

We know the attacker’s address:

  • Funds: GTNjvCGssb2rbLnDV1xxsHmunQdvXnY2Ft
  • Receive mined coins: GXXjRkdquAkyHeJ6ReW3v4FY3QbgPfugTx

When an attack begins, the attacker goes through the following steps:

  1. Begins to mine his private chain, and send his coin to himself, using enough hashrate to keep the private chain longer than the public blockchain
  2. At the same time on the public blockchain, send the same coin to an Exchange
  3. Wait for enough confirmations for the Exchange to accept the deposit
  4. Quickly sell the BTG on the exchange for other coin(s) and immediately withdraw
  5. Wait for the withdrawal of other coins to be broadcast
  6. Release the private blockchain to the network, causing a re-org where the BTG were never sent to the Exchange in the first place.

Because the private blockchain is longer than the public one (which is possible with more than 51% of the hashpower), the existing blocks will be reverted, and replaced by the privately mined blocks. The deposit to the Exchange will never have happened, being replaced by the transaction to the attacker himself.

Be aware of any transaction related to the above known attacker’s addresses.

1 Like