Bitcoin Gold is a Bitcoin hard-fork that aims to be GPU-mineable by using the Equihash algorithm with parameters (144, 5) also known as "Zhash". The Bitcoin Gold website claims Zhash "uses more memory than an ASIC can muster, but runs fine on many graphics cards". Bitcoin Gold was previously 51% attacked in May 2018 when it was estimated that up to $18 million worth of BTG was double-spent.
Between Thursday and Friday we detected two deep reorgs on BTG, both of which contained double-spends. Their details are listed below. All times are GMT.
- Thu, 23 Jan 2020 18:01:32 - 14 blocks removed, 13 blocks added
- 1,900 BTG double-spent (~$19,000).
- 1,900 BTG originally sent to
GgmzUSgXrXpDxiY34bG6SxaDVi2rQ1zU8Q
in TXID 3a17157994502a749a1827883a670d822f8ee95dae94064631770faeec1e8443 was redirected toGNH5cUEg5LZZP5HfLgaLvTE9ApKAf76aBf
in TXID 6e05e8253b2ce7f1acf6f0684898e13141c0e9b893e1a5e44d215d8ebe4d28b4. - The majority of the coins were sent from an output owned by the address
GK6HuN964f3XFScY5CPGg1oZ1gFRq52nf5
.
- Fri, 24 Jan 2020 00:24:08 - 15 blocks removed, 16 blocks added
- ~5,267 BTG double-spent (~$53,000).
- ~1,947 BTG originally sent to
Gg4YDMrMuqit6eJAYKaBxmK17zPFnpLt5w
, 1,850 BTG toGfRdNzHJan8sfW9wxozAYhRPL9fFLD9A9m
in TXID 481d608591f4d6a7013ac1b879c2caf1e2c0a2bb30b5346b2c876deb43873b2b and 1,470 BTG toGfWUNAdW3aEXfQWshApFLf2ZNtMV9MC6VQ
in TXID 37c8a8d59f61879cc0da9fa197ed72dbc967c796800d4015cafd47c7be467201 was redirected toGPTH48Z3diz4zwBGchXmzW3kDnmHVxyX2V
in TXID a0dc721fff0948732679638f4b4bb713686786826971c3f9a30eb15f5694a0ea. - The majority of the coins were sent from outputs owned by the address
Gdc4ANNdqyGBadobzUDZNydBgDHAYdMeAb
.
In both cases the attacker blocks were mined with the address GWrW5dTZf5XwGWoJuqRKdzkzZFkwtWSqaP
in the coinbase transaction. We note that at the time of the attack, on Binance deposits of BTG were credited to one's account for trading after six confirmations, and were available for withdrawals after twelve confirmations. A fourteen or fifteen block reorg would thus evade both of Binance's escrow periods. Binance has since increased their withdrawal requirement for BTG to twenty confirmations. Based on Nicehash market price data for Zhash we estimate the cost of generating each reorg at around 0.2 BTC (~$1,700) and the attacker would have recouped around the same value in block rewards. Therefore, it is possible that the attacks were profitable if the double-spends succeeded at defrauding the attacker's counterparty, or break-even if the double-spends were unsuccessful. This suggests that a confirmation requirement on the order of tens of blocks for BTG is still far too few to make the budget constraint to launch an attack significant.
I didn't have time to thank you earlier - so, thanks for the work and contribution of information.
Note, this part has an error:
1,900 BTG originally sent to GgmzUSgXrXpDxiY34bG6SxaDVi2rQ1zU8Q in TXID 3a17157994502a749a1827883a670d822f8ee95dae94064631770faeec1e8443 was redirected to GgmzUSgXrXpDxiY34bG6SxaDVi2rQ1zU8Q in TXID 6e05e8253b2ce7f1acf6f0684898e13141c0e9b893e1a5e44d215d8ebe4d28b4.
Should read:
1,900 BTG originally sent to GgmzUSgXrXpDxiY34bG6SxaDVi2rQ1zU8Q in TXID 3a17157994502a749a1827883a670d822f8ee95dae94064631770faeec1e8443 was redirected to GNH5cUEg5LZZP5HfLgaLvTE9ApKAf76aBf in TXID 6e05e8253b2ce7f1acf6f0684898e13141c0e9b893e1a5e44d215d8ebe4d28b4.