Cryptocurrency enthusiasts are keen on telling ordinary civilians how safe and secure the Blockchain protocols powering their favorite coins are. Indeed, major cryptocurrencies like Bitcoin and Ethereum have maintained their security quite well — better, arguably, than any other digital asset/payment system in history — which is pretty remarkable, considering that they are unbacked digital money free from any single party’s control with an effective multi-billion dollar bounty on their proverbial heads.
Many, however, will go a step further, and declare said cryptocurrencies to be literally “unhackable.” This is, at the very least, a tactical error, since the proliferation of the “unhackable” meme forces the enthusiast into some awkward positions when and if certain events unfold. Like, say, a hack.
In such an event, it seems that, if nothing else, an explanation is in order.
Last month, an as-of-yet unidentified attacker was able to severely compromise Verge, a relatively small, privacy-focused cryptocurrency. The mystery hacker managed to dominate the network on three occasions for intervals of several hours at a time over the course of April 4th-6th, preventing any other user from making any payments. Worse, in that interval, they were able to generate what is effectively counterfeit Verge at a rate of 1,560 Verge coins (roughly $80) per second, minting what amounted to over a million dollars worth of the currency.
No need to beat around the bush — this was a disaster. The thing was hacked to high heaven.
But who’s to blame? Is this a case of human error on the part of the Verge developers, an undermining of crypto fundamentals, or something in between? Could such a thing happen again, perhaps to larger currencies, and if so, what can be done to prevent it?