Verge (XVG) Has Lost 94 Percent of Its Value After Three Time Warp Attacks and a 51 Percent Attack in 2018, Now Mining Code Is Malfunctioning and Developers May Fork to Proof of Stake (PoS)

February 28, 2019 / by Zachary Mashiach

The War On Shitcoins Episode 13: Verge (XVG). The war on shitcoins is a Crypto.IQ series that targets and shoots down cryptocurrencies that are not worth investing in either due to their being scams, having serious design flaws, being centralized, or in general just being worthless copies of other cryptocurrencies. There are thousands of shitcoins that are ruining the markets, and Crypto.IQ intends to expose all of them. The crypto space needs an exorcism, and we are happy to provide it.

Unlike most shitcoins, Verge (XVG) had a legitimate launch with 0 percent premine, no initial coin offering (ICO), and open source code. Further, Verge (XVG) integrates Tor in all of its wallets to obfuscate IP addresses, provides I2P tunneling to ensure anonymity, uses dual-key stealth addressing to make transactions more anonymous, and has a built-in encrypted message system. Essentially, Verge (XVG) had everything needed to be a top-notch privacy coin. However, Verge’s (XVG) mining code left it prone to time warp and 51 percent attacks, ultimately compromising its reputability and immutability.

Verge (XVG) mining is multi-algorithm in order to provide equal access to a variety of mining equipment. The algorithms include Scrypt, X17, Lyra2rev2, myr-groestl, and blake2s. If the code is functioning correctly, every next block must be mined by a different algorithm.

In April 2018, attackers set block timestamps to one hour in the past and struck blocks with the same algorithm. Also, with this method, mining difficulty dropped to the lowest level possible, resulting in the hacker striking a block every second. This is known as a time warp attack. During this first attack, the hacker profited 20 million Verge (XVG) worth $1 million.

Verge (XVG) developers implemented a fix that did not work, and around May 22, 2018 attackers were able to alternate between Scrypt and Lyra2rev2 and send blocks with manipulated timestamps in order to lower difficulty to the lowest possible level, at which point the attackers were manufacturing 25 blocks per minute. 35 million Verge (XVG) worth $1.8 million was generated in a few hours.

Another patch from the devs proved to be insufficient, and another attack occurred only a week later. There was some evidence of a 51 percent attack in addition to the time warp attack. Indeed, an attacker mining blocks rapidly during a time warp attack could easily perform a double spend by sending a transaction and then submitting a new longer chain where the transaction did not exist.

The Verge (XVG) development team actually denied the third attack, and it is unclear if the code was ever fixed although no attacks have been reported since June. The Verge (XVG) annual report for 2018 did not mention the attacks at all, even though the attacks were the biggest news of the year for Verge (XVG).

In the latest Verge (XVG) update on Feb. 15, the developers mention that miners are having a difficult time setting up a working mining environment due to non-existing timestamps in Coinbase transactions.

To remedy this, the Verge (XVG) developers are considering completely abandoning proof of work (PoW) mining and transitioning to Proof of Stake (PoS). This would defeat the purpose of Verge (XVG) mining being available to multiple types of mining rigs and also would centralize mining into the hands of people who hold the most Verge (XVG). Additionally, PoS gives the Verge (XVG) developers more control to fork in the future.

In addition to transitioning to PoS, the Verge (XVG) developers would alter the block halving schedule to ensure that miners make enough revenue until the PoS transition is complete. This would lead to higher inflation and also shakes the confidence of Verge (XVG) investors since clearly the developers can change the coin supply at will.

The one positive thing about PoS is that Verge (XVG) will not be 51 percent or time warp vulnerable again, although this comes at the expense of abandoning the entire mining community, which has been essential to Verge’s (XVG) popularity.

Ultimately, the repeated time warp attacks and 51 percent attack on Verge (XVG) have caused investors, traders, and miners to question the security, reputation, and immutability of Verge (XVG). This is reflected in the collapse of Verge’s (XVG) market cap from $1.6 billion in April 2018 just after the first attack to $90 million, a 94 percent loss.

Verge (XVG) actually had a strong rally in April 2018 despite the crypto bear market due to its partnership with PornHub and other porn websites. If the attacks had not happened, Verge (XVG) might have continued to rally and could have been a top 10 cryptocurrency today. By August 2018, Pornhub teamed up with Tron (TRX), likely due to the Verge (XVG) reputation being so shaky.

The Verge (XVG) saga is a good example of how time warp attacks and 51 percent attacks can destroy the reputation and destiny of a cryptocurrency, no matter how solid the premise and partnerships of a cryptocurrency are. A cryptocurrency must be immutable and secure in order to gain adoption and value.

At this point, privacy coin users are better off using Monero (XMR), Zcash (ZEC), or Dash (DASH), which have strong reputations, rather than Verge (XVG), which has a history of repeated attacks and a constantly changing codebase.