Fee Spike on Ethereum Classic Raises Fears of More Exchange Attacks

ethereum-classic--e1547501425138
14 January 2019

A sudden surge in transaction fees on the ethereum classic blockchain has some developers speculating whether cryptocurrency exchanges could be at risk of attack, a development that follows last week’s 51% attack in which more than $200,000 was stolen from at least one exchange.

Over the last 24 hours, average transaction fees on the blockchain rose to $6.10, up nearly 800 percent from $0.71 the day prior, the largest spike in transaction costs in the history of the blockchain according to data source BitInfoCharts.

As such, ethereum classic miners made as much as 844 ETC (or roughly $3,600) verifying transaction blocks Sunday, an unusual occurrence for the network that continues to run the original software instance of the ethereum project.

However, the uptick is one of several clues leading developers to think this may be evidence an attacker is using a known exploit to target certain cryptocurrency exchanges.

Starting as early at 11:15 AM (UTC) Sunday, one user on the ethereum classic Discord channel reported a near doubling of the hash power, or total computer power, being put toward verifying transactions and mining new blocks, a figure corroborated on blockchain analytics sites such as CoinWarz.

Another data source, GasTracker, said ethereum classic mining pool 2miners accounted for a large majority of the additional hashrate hitting up to 3,054.29 GH/s from a rough average shortly beforehand of 160 GH/s.

Though no one is able to identify who exactly is sending transactions with such high fees, there is speculation over this individual’s motives.

Tweeting out a link identifying a known vulnerability in ethereum gas tokens, Burns posits that the sender of these transactions is looking to take advantage a loophole that enables gas token creation through exchanges free of cost.

As background, GasToken is an application created last year that allows users to store and sell “gas” – the fees charged by the network for all operations, such as computing smart contracts. This comes in handy for users looking to save on costs for operations by enabling them to tokenize gas and store it when network fees are low or sell them when prices are high.

An exploit discovered by smart contract development startup Level K last October revealed that cryptocurrency exchanges who don’t place a limit on gas usage may end up being drained of funds by attackers minting new gas tokens.

Burns explained to CoinDesk:

“An exploit was found a few months ago where exchanges were paying [gas] for the exchange withdrawal. Unknown users were using this to withdraw and minting gas tokens for free [by] having the exchanges pay large amounts of gas.”

Mystery Continues

Some experts, including ethereum classic developer Yaz Khoury, agree with Burn’s analysis that this may be a GasToken exploit. But others aren’t so sure.

Speaking to CoinDesk, Anthony Lusardi explained that from a glance at Sunday’s incident, it looks to him as though “someone bought some hashrate to mine blocks and then other addresses made very high-value transactions.”

He added it’s unclear at the moment whether any money actually moved through exchanges, suggesting the activity may not be indicative of any GasToken exploit.

Similarly, founder and CEO of Bitfly – which runs the ethereum classic mining pool Ethermine – Peter Pratscher told CoinDesk:

“I don’t think the high transaction fees are related to the GasToken exploit … It is unknown if this was a mistake or an intentional measure to subsidize ETC mining pool and prevent further 51% attacks.”

This meaning that the hike in transaction fees could be thought of as a positive to the overall security of the network should they continue and actually attract more miner support to the network. Pratscher added that from the transactions he’s analyzed thus far, all “are standard A to B value transfers that do not interact with a [smart] contract.”

Indeed, the ethereum classic community is still left with many questions to answer after events last week caused massive block reorganizations.

One of the most harmful consequences of last week’s attack is that cryptocurrency exchanges have reported lost funds.

Yet, on an optimistic note, exchange Gate.io reported this weekend that about half of the money (about $100k worth) lost was returned. Since then, Gate.io says it’s taking extra precautions to secure users funds.

After having raised block confirmation times to 500 last Tuesday, the confirmation number now is 4,000 indicating a significantly longer wait period for users sending ethereum classic funds through the exchange.

Ethereum classic coin via Shutterstock