Edan Yago is CEO and founder of Epiphyte, a startup performing FX funds settlement on the bitcoin blockchain for financial institutions.
In this opinion piece, Yago discusses one of the biggest theoretical attacks against bitcoin, and why he believes an upcoming software change fits its definition. Follow Edan Yago on Twitter.
In bitcoin's Necronomicon of possible attacks and weaknesses, one reigns supreme – the 51% attack.
If there is a fear that has played on people's minds as the end-of-days scenario for bitcoin, it is this. Attackers who hold more than 50% of hashing power could stop transactions from confirming and even reverse some transactions. They could undermine the whole project.
Bitcoin's design and its system of economic incentives has been set up specifically to combat the destructive potential of a 51% attack. And it has worked. The 51% attack has remained a hypothetical bogeyman. Until now.
By all indication, a coordinated 51% attack will begin on, or around, Nov. 16. That's when a consortium of miners representing substantially more than 50% of the network's hashing power and an allied group of blockchain startups will seek to increase the block size.
This will require a hard fork, which while controversial, is a legitimate desire. In itself, this is not an attack.
Where it goes wrong
Specifically, the developers involved have declined to introduce replay protection.
The 2x fork will create a situation where transactions performed on one fork, can be "replayed" on the second fork. In effect, users will have funds on both blockchains, but any transaction they perform on one blockchain could lead to a loss of funds on the other blockchain.
Replay protection is a fairly easy-to-implement method to protect users from this risk. Network attacks are those actions taken with the intention of disrupting the protocol’s normal functioning. The 2x change, bereft of replay protection, causes massive disruption. This is by design.
Without replay protection in place, a minority chain becomes less likely to survive.
Question of motives
The preferred outcome for the consortium is that the status quo chain ceases to exist, that its transactions fail to confirm.
This is the literal definition of a 51% attack. If it sounds a bit bizarre to call the consortium's effort an attack, that's because it is. The consortium comprises many real supporters of bitcoin, acting in what they believe is good faith. They don't mean to be attacking bitcoin.
However, without replay protection their efforts are like an autoimmune disease, having become overzealous and perverted.
So, bitcoin is finally coming to come face-to-face with the mother of all attacks. This is a watershed moment. The very worst outcomes are bad indeed.
Transactions could grind to a halt, faith in the system could be lost, bitcoin and by extension, the entire blockchain world could prove to be far more vulnerable to attack than we hoped.
We shall overcome
However, there is also another possible, even more likely, outcome.
Bitcoin could prove resilient to the consortium's attack and emerge battered but unbroken. In so doing, bitcoin will have proven itself resilient to even its greatest foe.
It is hard to overstate how important this will be to bitcoin's perceived reliability. Bitcoin has always been haunted by the risk that its rules might come to be dictated by special interest groups or hostile, state-sponsored parties.
This risk is never going completely away, but instead of the risk being a hypothetical bogeyman, it will become a much more prosaic thing: a successfully managed risk.
The 51% attack is bitcoin's boss level. I don’t think it's an exaggeration to say that we are now at the end of the beginning. If we successfully overcome this coming challenge, bitcoin will no longer be just an experiment, it will be a fact.
But don't expect less drama — we are now entering bitcoin's adolescence.
HODL on tight, things will get hairy.
Disagree? Have your say on the Segwit2x debate. Email CoinDesk managing editor Marc Hochstein at email@example.com to pen your rebuttal.
Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which helped organize the Segwit2x agreement.
Toy monster image via Shutterstock