Bitcoin Gold (BTG) 51% Attacked Again, $70,000 Doublespent

January 27, 2020 / by Crypto.IQ

Bitcoin Gold (BTG) is a fork of Bitcoin (BTC), with the difference being that Bitcoin Gold (BTG) is meant to only be mined with graphics processing units (GPUs) rather than application specific integrated circuits (ASICs). However, Bitcoin Gold (BTG) has been 51% attacked again, and is clearly inherently flawed.

On Jan. 23an attacker removed 14 blocks from the Bitcoin Gold (BTG) blockchain, and added 13 of their own blocks, coinciding with a double spend of $19,000. Several hours later the attacker struck again, removing 15 blocks and adding 16 blocks, coinciding with a double-spend of $53,000.

Essentially, if an attacker has a majority of the hashrate, they can send a transaction on the original blockchain while mining a separate blockchain.

Once the transaction is confirmed on the original blockchain, such as a transaction being deposited on an exchange, the attacker then trades for a different type of crypto and withdraws their coins.

After that, the attacker introduces the separate blockchain that they have been mining, and since it is longer than the original blockchain, the attacker’s blockchain becomes the official blockchain, replacing the original blockchain. In the attacker’s blockchain, the transaction was never sent, so ultimately the exchange loses the deposit, and the attacker gets the deposit back in addition to the coins they withdrew from the exchange.

This is not the first 51% attack on Bitcoin Gold (BTG), in May 2018 a 51% attack occurred and nearly $18 million of Bitcoin Gold (BTG) was doublespent.

It seems Bitcoin Gold (BTG) is inherently flawed since by blocking ASIC miners and having only GPU miners, their hashrate is too low. Apparently hashing power for Bitcoin Gold (BTG) can be purchased on Nicehash, and just $1,700 is needed to 51% attack the network for long enough to defeat Binance’s 12 confirmation deposit requirement for Bitcoin Gold (BTG).

Bitcoin Gold (BTC) is not secure, and crypto users should avoid it.