ETC and PirlGuard Cybersecurity Plan
Last updated
Last updated
Security is paramount to Ethereum Classic. In response to the recent cyberattacks, we are developing a robust and strategic plan to move ETC forward. As custodians of a public blockchain, we are determined to protect the integrity of the ecosystem. We are investing more resources, human and financial resources to increase security, strengthen the network and ensure a bright future for ETC.
The cybersecurity plan includes (1) the immediate actions we are taking to prevent attacks; and (2) some long-term changes, currently in development, that could be rolled out in 3–6 months.
See also: Core Devs Presentation(Ethereumclassic): ECIP-1092 Pirlguard Presentation and Q&A
We are taking some immediate steps to guard against attacks. This provides new layers of security for the network. Including:
Defensive mining through cooperation with miners and mining pools to maintain a more stable hash rate and increase the hash rate as needed.
Advanced network monitoring to identify anomalies and spikes in excess hash rates and prices across mining pools.
Work closely with exchanges on whitelisting addresses and setting secure confirmation times.
Implement the “Permapoint” final arbitration system developed by ETC Core Team to actively prevent chain reorganization while maintaining consensus among nodes.
See also: https://coin68.com/ke-hoach-an-ninh-mang-cua-etc/
There are different types of proposals currently in development for permanent fixes, all of which require community consensus to proceed:
Increases attack resistance by 51%. This can be achieved with features like check-pointing or PirlGuard. These can be done through a hard fork about 3 months after the spec is complete.
Change the proof-of-work mining algorithm. The two alternatives under consideration are Keccak-256 or RandomX. These can be done through a hard fork in about 6 months, as long as the testing is completed successfully.
Support for making such changes, through MINERVOTE for example.
Introduce the treasury system, if community consensus is reached.
Increase resistance to attack
The community of Ethereum Classic is looking at several options to increase resistance to 51% attacks, which can be implemented in about 3 months. While these alone won't prevent attacks, they will be part of a series of upgrades on ETC. One option is PIRLGUARD, developed and recommended by the Pirl community (Source: PIRLGUARD — Innovative solution against 51% attacks). ECIP-1092 says that instead of automatically synchronizing with any pre-mined chain branches going offline, the new protocol will require peer-to-peer to propose a longer and heavier chain to mine some penalty blocks. The number of penalty blocks depends on the original number of blocks that will be reverted if the chain is reorganized and synchronized with the proposed reorganization. As a result, the cost of a 51% attack will increase dramatically as an attacker will not be able to publish their own branch without doubling their work by adding penalty blocks. This will protect the network from reverting all transactions from publicly mined forks.
Another suggestion is to augment the chain with checkpointing and timestamps (Source: Securing proof-of-work ledgers through checkpoints). This proposal would use a group of outside parties to securely run a support service that guarantees the properties of the ledger and can be trusted at times when hash power is already low. However, there is no specific proposal for the Ethereum Classic network yet. Any proposal will have to be carefully evaluated for its feasibility with ETC.