In August 2020, the Ethereum Classic network experienced three separate chain reorganization (51%) attacks over a period of approximately two weeks. The incidents prompted immediate security responses and longer-term protocol improvements.
The Attacks
- August 1: A reorganization of approximately 3,693 blocks, with an estimated double-spend of 807,260 ETC.
- August 6: A second reorganization of approximately 4,000 blocks.
- August 29: A third reorganization of approximately 7,000 blocks.
In each case, the attacker acquired sufficient hashrate to produce a longer competing chain, replacing confirmed blocks on the canonical chain with the attacker's blocks containing double-spend transactions.
Immediate Responses
- Exchanges increased ETC confirmation requirements — some to 10,000+ confirmations
- Mining pools increased payout confirmation thresholds
- The community began developing ECBP-1100 (MESS)
ECBP-1100: MESS
Modified Exponential Subjective Scoring (MESS) was activated in October 2020. MESS penalizes deep chain reorganizations by requiring exponentially more work to replace recent blocks, making 51% attacks significantly more expensive without introducing centralized checkpoints.
Long-Term Resolution
The most effective security improvement came in September 2022, when Ethereum's transition to proof-of-stake caused GPU miners to migrate to ETC. Network hashrate increased from ~25 TH/s to over 200 TH/s, making the economic cost of a 51% attack prohibitively expensive. MESS was subsequently deprecated, as the hashrate increase provided sufficient natural protection.
Lessons
The 2020 attacks demonstrated that proof-of-work security is directly proportional to hashrate, and that low-hashrate PoW chains are vulnerable to rental attacks. ETC's response was pragmatic: implement a short-term defense (MESS), and benefit from the long-term hashrate growth that the Merge delivered.