The team behind VeriBlock Blockchain has published details of a critical security vulnerability in Ethereum Classic’s MESS protocol, which it disclosed to ETC developers in October 2020, prior to the activation of the consensus technology on the mainnet.
The VeriBlock Blockchain project extends Bitcoin’s Proof-of-Work (PoW) security to the world’s blockchains in a decentralised, trustless, transparent and permissionless (DTTP) manner.
The team intentionally omitted one detail from the disclosure to give ETC devs and their community additional time to deactivate the vulnerable technology before it is exploited in the real world. The viability of the attack can be demonstrated without this detail, and the team will provide a version of the disclosure including the omitted detail to any Ethereum Classic developers who want to investigate the vulnerability further.
Following a successful 51% attack against Ethereum Classic in January of 2019 and three consecutive attacks in August of 2020, which resulted in the theft of over $5M worth of cryptocurrency, the Ethereum Classic community adopted the Modified Exponential Subjective Scoring (MESS) consensus technology on October 11, 2020, in an attempt to prevent future 51% attacks on the network.
MESS builds on a subjective scoring solution originally proposed in 2014 and expanded upon in 2016 by Ethereum Founder Vitalik Buterin.
However, the subjective nature of MESS introduced a much more damaging vulnerability, VeriBlock Co-Founder and CTO Maxwell Sanchez explained.
He said: “Subjective scoring means two different nodes can permanently disagree on the correct state of the blockchain. Our disclosure explains how an attacker could exploit this subjectivity to permanently fracture the network into disjoint partitions, rendering the blockchain unable to achieve global consensus and perpetually preventing the confirmation of transactions.”
As the VeriBlock team’s security disclosure demonstrates, an attacker can not only fracture the network but also stabilize the attack over a period of several hours to fabricate a state where Ethereum Classic can no longer converge on a single global blockchain state.
The team also noted that the vulnerability is not due to an implementation mistake or incorrect parameterisation of the protocol, but rather the fundamental nature of technologies like MESS.
Sanchez said: “At the time of discovery last October, the exploit would have cost somewhere around $10K to execute using hashing power readily available on hashrate marketplaces like NiceHash. Today, we estimate the attack could still be executed for less than $50K, and sufficient hashrate is currently available for rental to successfully pull off the attack.”
In addition to publishing the vulnerability disclosure, the VeriBlock team has also open-sourced their simulation environment, allowing anyone to run a demonstration of the attack themselves to understand how the exploit works.
Shachez explained: “While the economic motivation of a bifurcation attack is much more nuanced than a 51% attack, the existence of derivative markets where attackers could short ETC certainly provide sufficient financial incentive for this type of attack.”
The VeriBlock team also proposed VeriBlock PoP as a 51% attack protection mechanism for ETC approximately six weeks prior to the activation of MESS on ETC Mainnet, and are internally testing a testnet of Ethereum Classic using their own Bitcoin-based Proof-of-Proof security technology (in lieu of MESS) for the ETC community to test, and invites any Ethereum Classic developers interested in further understanding the exploit or anyone interested in helping test VeriBlock-Secured Ethereum Classic to reach out to firstname.lastname@example.org.
Want to learn more from executives at the heart of this space? The Blockchain IoT Solutions Congress, on November 2 2021, will explore the convergence of these two technologies and the use cases and industries that will benefit.