I was not feeling too well yesterday. With some effort, I put on my shoes and I went to buy some aspirin at a small local supermarket. I go to the gym with the owner, so I stuck around to chat a bit. A man approached the counter, and he took out some cash from his wallet. The €50 bill he gave her looked incredibly new. I remember thinking it almost looked fake. He seemed to be in a hurry, and was out of the store before we knew it. We didn't really think ill of it. Were we wrong?
Turns out it wasn't all good. She called me the same evening, saying the bank didn't accept the bill. It turned out it was a fake. I find myself in a tough dilemma. Who is actually responsible? The person who paid with a fake? The person who created the fake (who may even be the same person)? The government, for making forgeable bills? The lady, because she didn't check well enough?
We are in this situation right now with a large number of cryptocurrencies. Users command exchanges quickly accept their deposits without any hassle (pressure), exchanges don't check deposits as well as they should (opportunity) and there's low hashrate networks combined with attack-rent services like NiceHash (means). Combined, these factors create the perfect mix for a double-spend cocktail.
What can you do?
Everyone involved can do something to minimize risk and protect our industry. It doesn't matter if your favorite project is "immune". It's about protecting the exchanges that give you your capacity to trade. It's about finding solutions for tough problems that benefit us all and most of all, it's about protecting the idea behind and image of our industry.
I personally believe the biggest part of the solution (the quick-fix if you wish) lies with the exchanges. They are also the usual targets, which is why I will start with them.
Exchanges
Exchanges play a big role in making cryptocurrency available to the world. Although many tactics we've seen over the years could be considered a bit questionable, they undoubtedly have an important role. I want to ask all exchanges to move forward very carefully and think about the good of our industry. Your image, behaviour and fame are directly tied to the image of the cryptocurrency industry (and subsequently your long-term profit too).
I want to address the confirmation requirements. Most exchanges (if not all), allow crypto deposits with very unsafe confirmation requirements. I have seen confirmation requirements of just a couple of blocks on networks where double-spending on a couple of blocks would be rather trivial. This became more of an issue recently, with NiceHash allowing for attacks on smaller networks. It doesn't necessarily just have to do with the security of those cryptocurrencies involved, but rather with how you handle deposits as an exchange. Cryptocurrencies with larger networks simply need fewer confirmations, making them faster for your use-case. Smaller cryptocurrencies will need more confirmations to get the same level of security.
Security and speed are not some magical quality of cryptocurrencies that you can turn on by writing some code (or leaving some out). Security is a direct result from the energy spent on that network. That's a feature of most cryptocurrencies. Simple as that.
how should you handle deposits?
I encourage exchanges to increase to confirmation requirements for most coins on most exchanges. I personally wouldn't mind waiting a bit longer for a safer exchange. You can for example set a standard high amount of minimum confirmations. Bittrex recently did this by setting confirmations to 300 for Vertcoin. This is however a bit extreme for tiny deposits.
A much more customer-friendly way to secure deposits can be achieved by creating a relative increase in confirmations needed depending on the amount deposited and the cost to attack the network. Here's an equation by Vertcoin's James Lovejoy that shows how that would look in practice.(x / c) * y + b
x = Value of deposit
c = Cost of owning the network for 1 hour
y = Number of blocks per hour
b = Base
The cost of owning the network comes from the available hashrate that you can rent through services like NiceHash. If there is enough hashrate available, the cost can be calculated by looking at the cost to rent a majority hashrate share for an hour. This is dynamic process that requires re-evaluation in real-time.
You can set the base (minimum number of confirmations) depending on the network size, so smaller network mean a higher base. This value is completely subjective, and could be left out if you please. However, the base helps protect you from large volumes of transactions that may be related to a double spend, whereas the rest helps you scale the number of confirmations for protection against double-spend attempts with bigger transactions.
Furthermore, you can keep an eye out for a high volume of smaller transactions in the network, especially if they are directed at the same account. It is also important to keep an eye out for when a lot of low activity or new accounts accounts are suddenly making a lot of deposits at the same time.
No doubt, securing an exchange is much harder than it seems. But in the end, these basic measures take you a long way in protecting yourself against double-spends.
What about the users?
Everyone in the community holds some responsibility for this. Why do you think exchanges choose these incredibly insecure confirmation requirements?
Exchanges allow for low confirmation requirements because it gives them business. We, as users, are simply looking for the fastest exchanges with the lowest fees and the most volume. Sure, the exchanges may lose a couple of grand in some attack, but they'll make up for that with the business their amazing speedy system provides. It's in the nature of the free market to pick the best solution right? The problem is that we may be evaluating "best" with the wrong variables!
or security?There is no complex answer here. We can all help protect the network by mining. We should also stop demanding deposit speed as an essential requirement for the use of an exchange or the trading of a currency. Demand security. Help them keep up the immutable name of crypto!
"Rent an attack" services
This is an issue that has come up more often lately. NiceHash, a hashrate marketplace, has been used to facilitate attacks on a wide variety of networks. Some argue these attacks are an effect of the free market, others say NiceHash is facilitating the participation in illegal activity (hacking). It's probably a bit of both. Either way, we should certainly look at NiceHash very critically here. What they are doing is very questionable. I hope honestly hope this doesn't happen but I wouldn't be at all surprised if their approach is going to get them (or their customers) to end up in a courtroom soon.
NiceHash should focus on how they can prevent attacks on networks. NiceHash argues that such an approach would be against their open-marketplace idea. I however think that it totally fits the idea of a free market. Problems arise, thus we create solutions.
versus longterm
So what could they do? I believe NiceHash should focus on ways that encourage people to spread out their hashrate to multiple pools. Maybe they could even enforce KYC for large orders. Their service is meant as a way for users without equipment to be able to mine some crypto, and for people with equipment to rent it out and get a higher return on investment. It was never meant as a way to create attacks on cryptocurrencies and exchanges. It should therefore stop catering to that idea.
It's clear we can all do a little something. We should stop demanding speed over security. We should focus services on real people, not on making money from attacks. Every service should strive to add value to the cryptocurrency market, not remove it.
Help secure our networks and most of all, help give crypto the immutable image it deserves.