Lightning Labs team discusses Lightning Network in AMA with OKEx community
OKEx Responds to Ethereum Classic 51% Attacks, Reveals Its Hot Wallet System — Incident Report
Earlier this month, Ethereum Classic (ETC) experienced two separate 51% attacks that caused confusion in the ETC community and raised questions in the industry around the security of the network.
During the first attack, on Aug. 1, the attacker(s) used OKEx to perform several ETC trades. The ETC that the attacker(s) traded on OKEx became invalid when the attacker(s) accomplished a double-spend on the Ethereum Classic network. The lost ETC was reimbursed in full by OKEx — as is the exchange's user-protection policy in such cases — resulting in no losses to users.
Following the first incident, OKEx promptly halted deposits and withdrawals of ETC. This ensured that OKEx users and the exchange were not affected in the second attack on the network, which took place on Aug. 6. OKEx has suspended ETC deposits and withdrawals until the network is deemed stable again. The exchange also plans to increase confirmation time for ETC deposits and withdrawals accordingly, to avoid similar incidents in the future.
After a deep investigation into the nature of the attacks and OKEx's response to them, the exchange has created this detailed incident report to share with the community what exactly happened and how OKEx responded to prevent losses to users.
What is a 51% attack and double-spending?
In proof-of-work blockchains, like the Bitcoin or Ethereum Classic networks, the miners that provide the majority (>50%) of the mining power need to work in a decentralized way in order for the core features of the blockchain to function as expected. If a single malicious miner or group of miners were to gain control of more than 50% of the mining power on the network — in what is known as a 51% attack — then they would be able to alter historical blocks and reverse transactions that they initiated.
The attacker(s) could thus create a new chain of transactions stemming from the altered block in a process otherwise known as a “chain reorganization." If the blockchain is manipulated in this way, cryptocurrency can be, essentially, duplicated in what is known as a "double-spend."
On a highly robust, decentralized blockchain with a significant hash rate (like Bitcoin), this type of attack has been deemed virtually impossible, due to the prohibitive cost of such an endeavor. But blockchains with lower hash rates, like Ethereum Classic, are more vulnerable to such attacks.
What happened to the Ethereum Classic network and how was OKEx involved?
In order to provide full transparency around the first Ethereum Classic attack — during which the attacker(s) traded on OKEx — the exchange has documented the process in detail below.
Preparing for the attack: ZEC-ETC trade
According to OKEx's findings, from June 26 to July 9, 2020, the attacker(s) registered five accounts in preparation for double-spending ETC. All five accounts passed through OKEx's Know Your Customer protocols, passing to the platform's second and third KYC levels, which allow for increased withdrawal limits.
From July 30 to July 31, 2020, the five newly registered accounts deposited 68,230.02 ZEC onto OKEx in multiple transactions.
On July 31, the attacker(s) exchanged the full sum of deposited ZEC for ETC on OKEx's spot market.
ETC withdrawn from OKEx to external wallets
Next, the attacker(s) withdrew the newly purchased ETC from OKEx to multiple external ETC addresses, withdrawing a total of 807,260 ETC — worth approximately $5.6 million at the time.
The first 51% attack and double-spend
Below is a visual representation of how the attack on July 31–Aug. 1 took place, provided by community enthusiasts and verified by OKEx.
On July 31, after trading ZEC for ETC on OKEx and then withdrawing the ETC to external addresses, the attacker(s) began the 51% attack of Ethereum Classic's blockchain in full. The whole operation can be broken into three stages: 1) the creation of a "shadow chain" or a secret, alternate chain to ETC's mainnet, 2) the actual double-spend and 3) the deep chain reorganization that resulted in losses to OKEx.
Creating a shadow chain
On July 31 the attacker(s) — having purchased enough hash rate to gain majority control of the ETC network — began to mine blocks on the Ethereum Classic network from block 10904146, which was mined at 16:36:07 UTC. The attacker(s) did not broadcast the newly mined blocks to other nodes, creating a so-called shadow chain that only the attacker(s) knew about.
When the shadow chain was initiated, it included the 807,260 ETC that the attacker(s) had previously purchased on OKEx and withdrawn to external addresses. So, at this point, the transaction history on both the ETC mainnet and on the secret ETC shadow chain was the same.
The attacker(s) then deposited the 807,260 ETC back to OKEx again, a transaction that was confirmed on the ETC mainnet. However, the attacker(s) manipulated that same transaction on the shadow chain, making the destination of the 807,260 ETC a second shadow chain address of their own, instead of an address on OKEx.
The conclusion of this process was that the attacker(s) successfully completed a double-spend: the 807,260 ETC was both moved to OKEx on the ETC mainnet and remained on the second wallet address on the ETC shadow chain.
Deep chain reorganization
The attacker(s) then traded the mainnet ETC on OKEx for 78,941.356 ZEC, again via spot trading. They then withdrew the ZEC to multiple external addresses (see below).
Once the ZEC was withdrawn from OKEx and the transactions were confirmed, the attacker(s) broadcast 3,615 ETC shadow chain blocks to the ETC mainnet. These shadow chain blocks included the transaction of 807,260 ETC that had been sent to the personal address of the attacker(s), not the transaction sent to an OKEx address.
Because the attacker(s) held the majority of the ETC hash power at the time, they were able to mine new blocks quickly and the shadow chain had a height of 10907761, which was longer than the ETC mainnet.
After what appeared to be inefficient communication with other participants in the larger crypto community — including exchanges like OKEx, wallets and ETC miners — the ETC community at this point made the decision to move to mining the now-broadcasted shadow chain, given that it was longer than the original mainnet.
This directly caused the ETC on OKEx that the attacker had traded for ZEC to be rolled back. In this way, the attacker(s) completed the first 51% attack.
OKEx's response and next steps
As a result of the double-spend carried out by the attacker(s), OKEx suffered a loss of approximately $5.6 million in ETC, as this ETC was rolled back in the confusion around the existence of two competing ETC chains. The loss was fully borne by OKEx, according to its user-protection policy, and did not cause any loss to the platform's users. The ETC that users have deposited on OKEx remains safe.
OKEx's response to the attacks against Ethereum Classic can be broken into two phases: the immediate response and the long-term response. In terms of its immediate response, OKEx, again, reimbursed traders holding the rolled-back ETC to ensure that no user funds were affected. The exchange also suspended deposits and withdrawals of ETC to prevent further losses, as mentioned above.
In other proactive, immediate steps, OKEx has also blacklisted the addresses that the exchange identified as being used by the attacker(s). The exchange has also suspended the five accounts associated with the attack to prevent further incidents.
In terms of more long-term responses, OKEx will continue to independently investigate the five accounts associated with the ETC attack.
OKEx also plans to increase confirmation times for ETC deposits and withdrawals in the future in order to guarantee a more secure and smooth trading experience for its users.
Additionally — given OKEx's responsibility to protect users from similar incidents that threaten the security of their funds — the exchange will consider delisting ETC, pending the results of the Ethereum Classic community's work to improve the security of its chain.
Following the first incident and confusion in the media — which in some cases first reported the attack as an accident, following the lead of ETC developers — reports surfaced mentioning that OKEx wallets had been involved. As OKEx has clarified in the above report, the exchange was only involved in that the attacker(s) used the exchange to purchase and trade ETC.
As for why the attacker(s) chose OKEx in particular to purchase and trade their ETC, the most likely reason is liquidity. OKEx provides excellent ETC liquidity, seeing some of the largest ETC transaction volumes in the industry. This just means that the attacker(s) likely calculated that they would be able to relatively easily and promptly trade large amounts of ETC on OKEx.
OKEx reveals its hot wallet system
OKEx's mission is, first and foremost, to operate as a transparent and trustworthy blockchain service company, providing users with secure and diverse digital asset trading services. The exchange previously shared its cold wallet system, revealing that 95% of users' funds are stored in cold wallets.
Following the incident with Ethereum Classic, the exchange has decided to also reveal its hot wallet system to give users and the wider crypto community more transparency into how funds are stored and transferred on OKEx.
By deploying its Online and Semi-offline Risk Management systems, Semi-offline Multisignature services, big data risk management systems and other protection mechanisms, OKEx's hot wallet system has been running stably and smoothly for years. Below is a detailed depiction of how the hot wallet system works and descriptions of both deposit and withdrawal processes.
OKEx's hot wallet tracks all transactions on the blockchain via the Blockchain Gateway Service. When the system detects a transaction that includes OKEx addresses, it passes it to the Vault System, which records the transaction in a secure database and sends the user’s deposit information to OKEx's Online Risk-Management System to check the validity of the address.
For transactions that are being deposited onto OKEx, the Online Risk-Management System then checks the validity of the funds, as well as deposit frequency and amount.
If the deposit transaction fails to pass the system’s risk-control checks, the funding to the given user's OKEx account will be delayed by the Treasury Service. If the transaction passes all of these checks, the user's account will be credited in near real time.
In regard to withdrawals from OKEx, the Online Risk Management System checks withdrawal frequency, as well as for abnormalities in profits and account behavior.
The withdrawal transactions that pass the above checks of the Online Risk-Management System will be sent to the Vault System. This system then automatically creates an unsigned transaction. This transaction is then sent to the Signature Task and then passed to the Semi-offline Multisig stage via a special network communication protocol for signatures.
This process is not an ordinary TCP/IP communication protocol. We define this communication as a semi-offline signature service, in which it is practically impossible for an attacker to obtain the private key on a semi-offline server via an online attack. On the other hand, the semi-offline servers cannot be compromised even if they are physically attacked, as the private key is stored in the server's RAM, making it impossible for hackers to access.
OKEx's hot wallet system also has a second layer of risk management: Semi-offline Risk Management. This second system will also examine the unsigned transaction to see if its frequency or amount is abnormal, according to the system's regularly updated database.
Only when the unsigned transaction in question passes all of the Semi-offline Risk Management checks will it be signed (multisig) and returned to the Vault System. Then, the now-signed transaction will be passed to both the Treasury Service and the Blockchain Gateway Service to be broadcast to the appropriate blockchain network.
If an unsigned transaction fails any risk checks, the Semi-offline Multisig stage will delay/refuse to sign the transaction and will send a report to the Online Risk Management System.
Via the above processes and protocols, the OKEx hot wallet system is able to suspend large withdrawals by malicious users within a short time span and prevents the platform from experiencing online system attacks.
A combination of the above checks via OKEx's Online and Semi-offline Risk Management systems is, in most cases, able to successfully thwart all online attacks. In the case of the ETC 51% attack, the system worked as designed, given that the security breach happened on the side of the Ethereum Classic blockchain.
Looking ahead: User protection and a safe blockchain ecosystem
The blockchain industry is developing at a relatively fast pace, with the total market capitalization of all crypto assets exceeding $360 billion, as of Aug. 12. Security issues in the emerging space have, naturally, accompanied the industry as it grows. These historical incidents have shown the community that blockchain-based infrastructure, like all technology, needs consistent upgrade and optimization to function properly and securely for their users.
A report from the United States Federal Trade Commission this January stated that overall losses from fraud in traditional finance amounted to more than $1.9 billion last year, up from more than $1.48 billion in 2018 — a 28% surge. As crypto is still very much a nascent industry, OKEx takes these early, relatively small-scale incidents very seriously and also sees them as an opportunity to learn, improve its systems and help push the industry forward.
Looking at the recent Ethereum Classic incidents in particular, it is evident that this breach in the blockchain's secure functioning was due to a common problem with PoW blockchains that have low global hash power. These networks are inevitably vulnerable to 51% attacks, as it is relatively inexpensive for a miner or group of miners to gain control of the network's hash power. This is certainly not limited to Ethereum Classic, which experienced a similar attack just last year. Other blockchains, such as Bitcoin Gold (BTG), have suffered such attacks in the past.
Though these types of attacks are an industry-wide problem that need to be addressed by the teams and communities behind each affected protocol, OKEx believes that digital asset exchanges play a major role in protecting users' assets in these types of incidents.
OKEx strives to provide a holistic, multi-asset trading platform while simultaneously protecting users from vulnerabilities that can arise in situations out of the realm of its control. The exchange will continue to do its best to ensure the security of users' funds, improve its security systems, and provide stable and safe trading services to all users.
Telegram group (English): https://t.me/OKExOfficial_English
Telegram group (Russian): https://t.me/okexofficial_ru
Disclaimer: This material should not be taken as the basis for making investment decisions, nor be construed as a recommendation to engage in investment transactions. Trading digital assets involve significant risk and can result in the loss of your invested capital. You should ensure that you fully understand the risk involved and take into consideration your level of experience, investment objectives and seek independent financial advice if necessary.