Open in app

Sign in

Write

Sign in

Conceal-Keeper: 51% Attack Protection on $CCX chain

Conceal Network
2 min readAug 3, 2019

--

Conceal-Keeper

The purpose of a 51% attack is often to use an alternate chain that the attacker is mining in private, to double-spend or cancel an existing transaction to an exchange. The attacker runs a private chain that has more than 51% of the current network hash rate and reveals the chain to the public after spending spent funds again or removes a deposit transaction to an exchange, in an attempt to get all nodes to use the alternate chain. To that end, we use a multi-pronged approach to prevent the success and the viability of a 51% attack. The four layers of protection are as follows:

Increased confirmations for exchange deposits

Since an attacker will use a 51% attack to send money to an exchange and undo that transaction in an alternate chain he is mining, the longer the exchange confirmation window, the longer the alternate chain will need to be in order to be able to replace the chain. That means n confirmations at an exchange, will need a privately mined chain larger than n to succeed.

Limit chain reorganizations to the mined money unlock window

To make the above restrictions more effective, we also restrict chain reorganizations to the mined money unlock window, which at present is 10 blocks. Now any node will not switch to an alternate chain that is longer than 10 blocks. With almost all exchange confirmations at higher levels than this, if an attacker attempts to switch to a chain that is longer, both chains, the main and the alternate chain will remain in a permanent split, with the attacker’s private chain remaining split from the main chain.

Ensure that the alternate chain contains all transactions in the main chain

Another protection is that, regardless of the length of the alternate chain, the node will not switch to the alternate chain if it does not contain all the transactions of the main chain. This also prevents switching to an attacker’s chain that is trying to undo a transaction on the main chain. This check comes into effect if the alternate chain is larger than the regular reorganization of two to three blocks.

DNS Checkpoints

We also use DNS Checkpoints to ensure that all nodes are on the correct main chain, in the event of a chain split as a result of an attack. All nodes load checkpoints from DNS during startup or whenever there is an attempt to switch to an alternate chain.

We will follow up this article with an in-depth look at how each of these components work, along with the risks and mitigation. A special thank you goes to Aiwe from Karbo who pioneered some of the techniques described in this document and took the trouble to answer all my persistent questions.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Bitcoin
Cryptocurrency
Cyrpto

--

--

Conceal Network
Conceal Network

Written by Conceal Network

461 Followers
3 Following

Privacy-protected DeFi & Encrypted Communications

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech