From liquid to balancer and from ravencoin to bitcoin gold
With gaining popularity, there come more risks. Cryptocurrencies are now used for buying cars (https://www.tesla.com), gambling (https://bitcoincasinos.reviews/) or loans (https://nebeus.com/). This all leads to hackers beeing more interested in finding security holes. A few of them will be discussed in this article.
Over the course of the last few weeks, there have been some interesting bugs and attacks on cryptocurrencies: In Ravencoin, a miner mines coins that shouldn’t exist, and in Bitcoin Gold fends off a 51 percent attack. Meanwhile, liquid sidechains unplannedly book Bitcoins under Blockstream’s control, while hackers get rich off weaknesses in DeFis Balancor and UniSwap. So we have a motley bunch of bugs.
Bugs happen every day. Where there is code and computers, there are bugs, sometimes exploited and sometimes just reported. But it gets special when there is a bug where there should not be one – in blockchains. And there is a lot to report about this from the last few weeks.
Ravencoin: Bug allows miners to collect more than the intended Coinbase reward
In cryptocurrencies, protocol regulates the creation of new coins by miners, who are usually allowed to credit them to themselves through what is known as a “Coinbase transaction.” This model, pioneered by Bitcoin, has been adopted by most cryptocurrencies, including Ravencoin, a rather uninteresting altcoin that is relatively similar to Bitcoin and has only changed small parameters such as block intervals or the mining algorithm. In early July, Ravencoin developers have now reported an “incident” (incident):
The team was notified of a “vulnerability” (Vulnerability) “that was used by unknown parties to mine RVN” – Ravencoin’s native tokens – “beyond Coinbase’s 5000 RVN per block.” The bug exploited a code change contributed from the community. Developers have been trying to close the bug without making it a big deal to prevent further incidents. The bug caused RVN coins to be mined “that shouldn’t exist” and therefore increased the total number of all RVN ever available.
The developers have informed the police and are working with them to solve the case. However, a fork that wipes out the coins again is out of the question. This is because “the RVNs were sent to an exchange and traded, so they are mixed with other RVNs and any attempt to burn them in agreement with miners and the community would cause irreparable harm to innocent victims.”
Liquid sidechain: error temporarily hands Blockstream control of 870 bitcoins
Blockstream’s Liquid sidechain is designed to help scale bitcoin by freezing bitcoins on the “mainchain” and reviving them on a blockchain other than L-BTC, which is run by a consortium of exchanges and other companies. There is a type of emergency program in place at Liquid that allows bitcoins to be recovered with emergency keys after a certain amount of time has passed. These emergency keys are owned by Blockstream.
Ethereum developer James Prestwitch accidentally stumbled upon that this mechanism had a flaw in late June. After a transaction became 2015 blocks old – the equivalent of a few days for Liquid – the emergency program started and “Liquid emergency operators can steal 870 bitcoin.” Prestwitch found this “just by accident” and therefore asks how often this usually happens.
Shortly after, Blockstream CEO Adam Back released a statement on the matter, saying that the problem was caused by an inconsistency in the timelocks of the various players in Liquid. Through it, timelocks are renewed after they have expired instead of before. Usually this is done for a short period of time, but it can happen, as it did recently, that it lasts for 40 minutes.
The problem was already known, but the fix was delayed because of Corona, he said. Finally, on July third, it was applied to the nodes of the Liquid Federation.
Bitcoin Gold: 51 percent attack through checkpoints
Bitcoin Gold (BTG) is a fork of Bitcoin that emerged fairly shortly after the fork of Bitcoin Cash (BCH). However, it is relatively insignificant compared to BCH and Bitcoin SV. Unlike those two more popular forks, it changed Bitcoin’s mining algorithm to allow miners to use graphics cards instead of Asics. This was supposed to make the Blokchain more decentralized and secure – but has already resulted in a 51 percent attack in the past.
Bitcoin Gold (BTG) is a fork of Bitcoin that was created quite shortly after the fork of Bitcoin Cash (BCH). However, it is relatively insignificant compared to BCH and Bitcoin SV. Unlike those two more popular forks, it changed Bitcoin’s mining algorithm to allow miners to use graphics cards instead of Asics. This was supposed to make the Blokchain more decentralized and secure – but has already resulted in a 51 percent attack in the past.
A 51 percent attack is THE weakness of Bitcoin, so to speak: If a miner raises more than 51 percent of the hash power, he can secretly mine an alternative blockchain and then enforce it. This way, he can send Bitcoins to someone, but also transfer them back to himself after confirmation. This attack has long been known; Bitcoin’s security is based on the fact that more than half of its miners are honest.
On July 1, Bitcoin Gold suffered another such attack. Unlike last time, however, the developers reacted promptly to catch the hacker: they released a new version of the Node software on July 2 that sets a checkpoint: a block mined by a pool known to be honest on July 2 is considered binding. This means that an attacker can no longer replace it with another block, even if it was created with more hash power. The new version was distributed to exchanges and miners, who initially suspended deposits and withdrawals. However, since the new version was not public at first, the attackers continued to work on their alternative chain, which was already 1300 blocks long on July 10. Thus, they merely wasted resources without gaining anything from the attack.
Balancer liquidity pools lose more than $500,000
Balancer belongs to the Decentralized Finance (DeFi) family on Ethereum. It is an automated market maker that pools liquidity for other DeFis to pay interest to participants. In late June, exchange 1inch reported how two pools lost at least $500,000 due to a bug.
The exploits were each triggered by an Ethereum transaction that linked different actions to different smart contracts and were so complex that each of them consumed nearly 90 percent of the gas available for a block. If you don’t understand the following attack, it doesn’t matter – just about everyone does:
The hackers first took a loan of 104,000 WETH from the decentralized exchange dYdX. WETH are “wrapped” ethers. That means they are a token that can be used by some smart contracts. The hackers then used these WETH to exchange them for STA tokens 24 times in a row. This depleted the liquidity pool’s STA supplies, which was made possible by a flaw in the pool smart contract’s transfer mechanism.
After that, the attacker repeatedly exchanged the STA for WETH. Due to the pool’s transfer fees, the pool never received STA but released the WETH. Subsequently, the attacker repaid the loan of 104,000 WETH and drastically increased his share in the balancer pool by depositing STA tokens, and then finally, as a last step, exchanged the balancer pool tokens for 136,000 STA through Uniswap and exchanged them for 109,000 WETH. This is probably how he skimmed a profit of 5,000 Ether.
The attack is so complicated that it makes you dizzy. It’s hard to imagine how anyone could come up with something like this – and even harder to plan ahead and prevent it.
Attacker spams Ethereum network
The last of the bugs of the month is also about a DeFi: about Uniswap, which was already used in the wake of the Balancer bug. Whether this is actually a bug or “just” taking advantage of a special market situation is not entirely clear. Here’s what happened:
The founder of cybersecurity firm PepperSec, Roman Storm, tweeted that someone had made a million dollars in 30 minutes on UniSwap. This, he said, was made possible by three steps: First, Storm had been waiting for news that bZrX would be listed on Uniswap. bZrX is the token of the bZr network, which is also a DeFi protocol. Second, the attacker wrote a smart contract that buys the tokens on Uniswap. Third, he spammed the Ethereum network with transactions so that others could not trade along as their transactions failed. Shortly after, he sold the tokens again. Thus, after depositing 650 Ether, he managed to stand at 2680 Ether and 300,000 bZrX tokens within thirty minutes.
The attacker certainly didn’t quite play by the rules as they were meant to be played, and he got significantly rich in a very short time. But is this a bug? Or merely a protocol that has not quite matured yet? Or even just the clever exploitation of market mechanisms, as presumably happens all the time in the stock market?
Either way, like the Balancer attack, this one shows that the DeFis enable numerous extremely complex attacks that combine the highest technical complexity with economic scenarios and attacks on the entire Ethereum network.