Early this month, privacy-focused cryptocurrency platform ZenCash suffered what’s known as a 51 percent attack. Attackers absconded with hundreds of thousands of dollars’ worth of its (ZEN) coins from an exchange. But the company is not taking it lying down.

Instead, ZenCash has released a white paper it claims provides a strategy for the entire industry to prevent such attacks, which are considered to be a significant vulnerability of blockchain technology. The paper may signal a more proactive approach to combating 51 percent attacks, which some blockchain observers expect to proliferate in light of the ZenCash event and two other, recent attacks and the relatively low cost of waging such attacks.

For those unfamiliar with the arcane lingo of the crypto world, a 51 percent attack is when malicious miners take control of more than half the nodes, or half the computing power, on a blockchain network. These bad actors can’t change existing blocks of data on a blockchain, but they can disrupt the recording of new blocks. That can halt the authentication of transactions or reverse them, making it appear that these miners still possess coins they have spent, something known as double-spending.

ZenCash’s white paper advocates an adjustment to what is known as the longest chain rule, or Satoshi Consensus, named for bitcoin’s developer.

Husam Abboud, a researcher at Brazil’s FECAP University and co-founder of PDB Capital, an investment firm focused on cryptocurrency, also writes in a 2017 study that such events can generate denial-of-service attacks “against specific transactions or addresses including other miners or pools.”

Based on a complex set of calculations, Abboud noted in his paper that someone could “profitably attack a $2 billion cryptocurrency network like ethereum classic (ETC), with as little as $1.5 million.”

ZenCash Isn’t the Only Victim

Other coins that have been hit by 51 percent attacks include verge (XVG), bitcoin gold (BTG) and krypton (KR). Such attacks inspired an episode of the TV show “Silicon Valley and have raised calls to reform the industry.

ZenCash’s white paper spells out the common method for performing a double-spend attack. It also proposes an adjustment “that makes it exponentially more costly, and hence unlikely, to launch such attacks for any proof-of-work mineable cryptocurrency system.”

“Proof-of-work refers to the kind of blockchain system underlying many popular cryptocurrencies including bitcoin (BTC). In this system, miners on the blockchain compete against one another to solve complicated mathematical problems. That’s the “work.” Miners who successfully solve a problem add a new block of data to the chain and are rewarded with fresh cryptocurrency.

ZenCash’s white paper advocates an adjustment to what is known as the longest chain rule, or Satoshi Consensus (for Satoshi Nakamoto, the name used by bitcoin’s still-unknown developer). As The CPA Journal notes, this rule means that when a blockchain is refreshing, blocks that don’t receive sufficient confirmations to be considered valid drop from the chain. Only the longest chain is left.

Old Rules No Longer Apply

“The longest chain rule, or Satoshi Consensus, worked well in the relatively decentralized environment in which it was introduced in 2009,” ZenCash’s white paper says. “Mining resources have since concentrated and dropped in cost for lease, such that the original dominant strategy of playing by the rules no longer holds for all proof-of-work (PoW) blockchains that rely on the longest chain rule.”

ZenCash’s white paper suggests introducing a penalty in the form of a “block acceptance” delay related to the amount of time that a block has been hidden from the public network. This would be measured in block intervals, not temporally.

The company says this would complicate a 51 percent attack because it would require the attackers to have significantly more resources. It would also give honest miners and a cryptocurrency’s developer an additional opportunity to react before a double-spend is finalized.

Ross Snel and James Rubin contributed to this report.
Dan Butcher
Dan Butcher is a New York-based financial writer and editor who has worked at the FT's Ignites and FundFire, SourceMedia's Financial Planning, Crain's InvestmentNews and eFinancialCareers. He got his B.A. at the University of Colorado at Boulder and his M.A. at New York University.