A researcher suggested that exchanges could “rollback” hacks by renting mining power from online marketplaces.
Speaking at the Unitize virtual event, Coin Metrics researcher Lucas Nuzzi suggested that one way for exchanges to fight back against hackers is by renting mining power from online marketplaces.
6 confirmations ticking countdown
Nuzzi conjectured that an exchange which has been hacked could rent enough hashpower through an online marketplace to force a favorable network reorganization:
“So it is essentially a technique to try and reorg yourself by renting mining power and doing that work where if you’re an exchange and you’ve been hacked, within those six work confirmations that the network is expecting to be considered final <...> But through mining, you could potentially, within those six blocks alter a transaction where your hot wallet has been drained. So that’s one of the approaches through mining.”
Nuzzi alluded to the fact that Bitcoin (BTC) transactions are not necessarily final prior to confirmation. It is generally assumed that they become final after six block confirmations, which typically take an hour. Thus an exchange, either by renting the majority of hashpower or in coalition with mining pools, could choose to accept a version of the chain where the hack did not happen.
CZ wanted to roll back Bitcoin after Binance hack
This scenario may sound unrealistic to most, at least when it comes to Bitcoin. However, it was something that Binance (BNB) CEO Changpeng Zhao, or CZ, was seriously considering after an infamous Binance hack, which cost the exchange 7,000 BTC. Later, under heavy criticism from the crypto community, CZ reconsidered the plan.
Nuzzi confirmed to Cointelegraph that this solution is impractical for bigger coins like Bitcoin, but could be used for smaller ones:
“It’d actually be impossible for exchanges, or any entity really to reorg BTC via NiceHash. This could, however, be an effective counterattack on smaller chains with more niche hashing algos, like lyra, or equihash.”
To support his theory, Nuzzi also pointed to the attack on Bitcoin Gold (BTG), where the community was able to repel the attacker.