$1.5m Double Spend on BCH Shows the Dangers of Forks
Bitcoin Cash was recently the victim of a sophisticated attack in which 3,392 BCH appear to have been double-spent, equivalent to $1.5m. According to a research report released by BitMex on 24 May, the Bitcoin Cash blockchain experienced a number of issues following its planned hardfork on 15 May.
‘The 15 May 2019 Bitcoin Cash hardfork appears to have suffered from three significant interrelated problems. A weakness exploited by an “attack transaction”, which caused miners to produce empty blocks. The uncertainty surrounding the empty blocks may have caused concern among some miners, who may have tried to mine on the original non-hardfork chain, causing a consensus chainsplit. There appears to have been a plan by developers and miners to recover funds accidentally sent to SegWit addresses and the above weakness may have scuppered this plan. This failure may have resulted in a deliberate and coordinated 2 block chain re-organisation. Based on our calculations, around 3,392 BCH may have been successfully double spent in an orchestrated transaction reversal. However, the only victim with respect to these double spent coins could have been the original “thief”.’
The episode – which was not a 51% attack – illustrates at least two things.
Firstly, when this kind of issue occurs, it is going to be hard to sell blockchain-based money to the public and financial institutions. ‘It’s absolutely secure – except when it’s not’, is the message. Worse, ‘We don’t know where the vulnerabilities lie’. Cryptocurrency is still very much in its infancy and – even if, in this case, the only victim was the original thief – it’s not much consolation when something unexpected happens. People don’t like the unpredictable when it comes to their money. They want stable and boring – or if there’s going to be risk, they want it on their own terms.
Fork infrequently, fork carefully
The second thing it shows is that hard forks should not be undertaken lightly. They are by definition a change in the rules, and change always opens up uncertainty. In this instance, it allowed a miner to attack the chain. It does not appear that the consequences were particularly severe but, once again, this won’t be much consolation to those who use Bitcoin Cash and know that it could have been much worse.
Integrity and immutability are core benefits of blockchains. Remove these and, at a stroke, you dramatically diminish their value. A hard fork, especially a badly-planned and executed hard fork, is open season for attackers.