Responding to numerous 51% attacks on the Ethereum Classic blockchain, ETC Labs said that it's time to bring regulation to hashpower rental marketplaces, citing the fact that at least two of the attacks were perpetrated by renting hash power through NiceHash — a claim that has been confirmed by both NiceHash and ETC Labs.
ETC Labs CEO Terry Culver also shared with Cointelegraph that according to the information that was provided by CipherTrace, which was hired to investigate the attacks, the attackers used proceeds from the first attack to rent hashpower for the second attack. The latter cost crypto exchange OKEx $5.6 million in damages — the company had to reimburse its users.
The idea of using a hashpower broker to conduct an attack on a proof-of-work blockchain is not new. For instance, at a recent Unitize virtual conference, there was a panel dedicated to this topic and an earlier attack on Bitcoin Gold was discussed.
In order to learn about NiceHash’s response to the problem, we interviewed the company’s chief marketing officer Andrej Skraba. He told us that while NiceHash’s crypto exchange is a regulated entity and as such follows all proper Know Your Custome or KYC and Anit-Money Laundering procedures or AML, its hash rental business is unregulated and its users are not required to disclose their identity. We asked if the company would consider instituting such procedures in response to the attacks, Skraba responded:
This will depend totally on the European Union, what they will decide in this regard.
He also pointed out that a good analogy for NiceHash would be an Internet Service Provider, or ISP, that simply delivers data packets:
NiceHash can deliver packets of data to mining pools and these packets of data can be described as hash power. <...> So if we really want to be built a truly decentralized world, we cannot impose limitations on this traffic.
He added that it is very difficult for a broker like NiceHash to detect such attacks as they happen. It be even more challenging to prevent them from happening in the first place. Skraba admitted that instituting proper KYC and AML would help reduce the risks. However, in his opinion, it would not solve the issue:
You can always use fake KYC. So it would help, but it would not stop. It would not stop at all.
Currently, ETC’s hashrate stands at 1.4 Th/s. Meanwhile, NiceHash marketplace has almost 10 Th/s available for rental, which is seven times the current amount of hashpower protecting the network.
ETC hashrate. Source: BitcoinCarts.
Skraba said that NiceHash has introduced ETC Labs to their platform. Though they were not previously familiar, ETC Labs now intends to use their services for defensive mining:
We have introduced them to our service because before they were not aware of how NiceHash works. And they have also publicly stated that they will use defensive mining.
The idea behind defensive mining is to use a broker like NiceHash to increase the network’s hashrate in order to make potential attacks prohibitively expensive.
Although regulation may reduce the likelihood of future attacks, this is more of a long-term plan. Not only does it take time for the appropriate legislators and regulators to come up with a proper framework, but in the case of hashpower brokers, it would have to be global to be effective. For example, NiceHash is based in Slovenia. If the local government or the EU enacted a regulatory framework affecting its business, the company could easily relocate to an unregulated jurisdiction. The decentralized and virtual nature of the business makes physical location irrelevant.
Other solutions that are being discussed by the ETC community include a checkpointing system (that would manually prevent future attacks), switching to a different hashing algorithm, and finally, strategic moves like the institution of a decentralized treasury.
Some believe that the last attack was conducted by ETH miners. As the two forks use the same DaggerHashimoto hashing algorithm, and ETH enjoys a considerably higher hashrate, it would be rather easy for ETH miners to attack the less fortunate fork. Tomorrow’s ETC developers’ call will be dedicated to discussing the checkpointing system proposed by IOHK.