To the Firo Community,
As you have probably heard, the Firo network suffered a 51% attack on January 18th, 2021. This attack replaced about a day’s worth of blocks, with the primary goal being to defraud exchanges out of their money.
Firo is not the only coin to suffer such an attack, Ethereum Classic, Horizen, Bitcoin Gold, Grin and Beam all experienced it and it shows the increasing difficulty of bootstrapping a pure proof-of-work coin in this day and age. The irony of this attack happening on the cusp of activating chainlocks, which would have prevented this situation entirely, is not lost on us.
The team moved swiftly and put out several emergency updates. The first of which freezes the attacker’s funds so they can’t be moved and also implemented a max re-org depth of 5, and the second will activate chainlocks within a week (at time of writing). The Firo development team is confident in our work, and hope that this activation will be successful and prevent any further attacks similar to this one.
That said, there were real, monetary damages to exchanges and its users as a result.
Description of Attack
To dispel any FUD let me preface it with these:
- No inflation occurred
- This was not a bug, but a nature of Proof of Work consensus
- Hashrate was not easily rentable as Nicehash doesn’t support MTP and other sites do not have sufficient hashrate.
The attacker deposited a huge number of coins into Binance, sold them for other coins (most likely BTC, ETH and USDT) and withdrew the proceeds to a personal wallet. This was done with 3 unique KYCed IDs in batches of 10,000 FIRO to 40,000 FIRO totaling 865,951.9714 FIRO.
Through his own pool, the attacker then revealed his secret mined chain which had more accumulated work on it. This chain rolled back over 300 blocks which also reversed his deposits (and other users’ deposits) into Binance. This meant that the FIRO that were sold on Binance were no longer on Binance and had reverted to the attacker despite him already selling them and withdrawing his BTC/USDT/ETH proceeds.
Attacker consolidated all his FIRO in one address totalling 867,652 FIRO which includes his coinbase rewards he earned from mining the chain. The attacker did not take any steps to anonymize or spread out his funds.
According to Binance, they have suffered losses of 906,771.4373 FIRO. This includes funds of innocent users who also had their deposits reversed. This figure might change as legitimate deposits are rebroadcasted and confirmed. Binance’s security team is still in the midst of investigations.
Indodax has also reported losses of 82,741.37718628 FIRO. We are unsure if these are knock on effects of legitimate users withdrawing from Binance to Indodax which are now subsequently reversed. It is possible that once Binance is made whole, Indodax losses would be made good as well.
Other exchanges did not report any losses or only very minor ones.
What was done to mitigate the attack
The attack was done at a time where most of our team was asleep and we were first made aware at 6:50 AM UTC+8.
We immediately informed all exchanges and pools. Exchanges shut down deposits and withdrawals. We then issued our emergency switch to temporarily disable Lelantus to prevent the attacker from anonymizing funds.
We then rolled out updates that locked the attacker’s proceeds and also limited reorg to 5 blocks in depth. We briefed all exchanges and pools on this along with releasing the code publicly.
We also then made an additional release deploying chain locks which is scheduled to activate on block 341100 (Approximately Jan 28 2021, 11:00 UTC). This was meant to have been deployed in a few weeks but we decided to rush this to ensure exchanges are comfortable this won’t happen again.
Interesting additional information
From tracing the source of the funds of the attack (which weren’t anonymized), many could be traced from Binance’s wallets from the 16th-18th January. This meant that he had purchased these funds from Binance during this period which may explain the massive run up in price in the time period. This would have required millions of USD.
Similarly the timing of the deposits into Binance that were double spent also corresponds to the time slightly prior to when we were seeing a continuous selling activity.
We can’t be absolutely sure if the price movements are correlated to the attack but there is a strong circumstantial evidence to suggest this.
Given the way the attacker has behaved especially in not utilizing our privacy features and consolidating his proceeds into a single address (making it trivial to blacklist) while undertaking immense financial risk does beg the question whether the attacker was financially motivated. A double spend attack is only profitable if you get back the funds you sold but the scale, the amount of resources required and the lack of care in hiding the proceeds may indicate someone who is just out to discredit the project just as Lelantus was launched and chainlocks were due to be released.
We also spoke to a pool operator who reached out to us to tell us that they were approached by someone on Discord who wanted to have his own Firo MTP pool on 12 Jan. He mined a single block on it and then removed access to it and hasn’t been heard from since. We are unsure if this has any relation to the attack.
What should we do?
Binance in particular has asked about the possibility of reimbursement for their losses, and, though the team does receive a modest sum from the protocol in the form of a development fund, the Firo team has nowhere near the funds necessary to cover these damages. Our options are limited, but we would like to present them here for community discussion. Firo is, after all, first and foremost, a coin of the community, and we would never act on something so substantial without first receiving community input.
Our first option is to utilize the locked attacker’s funds to make reparations to the exchanges and its users. This Firo would be ‘mined’ on a new block and sent to a wallet controlled by the Firo development team to disperse to the exchanges that request reimbursement. It’s important to note that this will not change the max supply of Firo as the attacker’s funds have been effectively lost forever under the new protocol rules, so the newly minted Firo would cancel this out.
This approach does have drawbacks however. The centralization and subverting the proof-of-work is not something to be taken lightly, and some may see this as a dangerous precedent set for the future. But some may see it as a necessary growing pain as we install technology that will protect us from the shortcomings of proof-of-work especially as a newer coin.
Our second option is to not mint the Firo, effectively asking the exchanges to eat the losses. This seems unfair to the exchange, but a 51% attack is not the fault of the developers or project. There was no bug, exploit, or failure of the protocol that allowed this to happen, and it can happen to any proof-of-work coin.To ask Firo, as a project and as a community, to backtrack on decentralization and proof-of-work is a heavy ask, and we’re not sure an exchange should have the power to ask this of a coin that is trying to be real money for people.
This approach also has drawbacks, as if the exchanges do not receive reimbursement, there is a real risk of delisting. We hope this would not be the case, and hope that the exchanges consider, with the activation of chainlocks, 51% attacks would be significantly harder to pull off given it would also require masternode control.
Within the second option also lies an additional choice, should the attacker be able to keep his 867,652 FIRO which he initially legitimately obtained, sold but then got it back through his double spend attack? Blockchain purists might argue that the attacker was entitled to the funds as he acted as allowed by the protocol but it also might mean death for the project given that ~7.6% of circulating supply is now in the control of someone who obviously has malicious intent for the project despite him spending significant sums of money.
We bring these options to you, the community, for discussion and recommendation. Each option has pros and cons, and we, the Firo team, want to do right by everyone. Please make your voice heard and opinion known.
- Keep attackers’ funds locked and use it to reimburse exchanges
- Keep attackers’ funds locked but no reimbursement to exchanges
- Don’t lock attackers’ funds and no reimbursement to exchanges
It is important that we take this decision seriously and also highly recommend people to not only vote in the poll but also post in the thread. The last thing we want are sock puppet accounts with no history suddenly coming out of the woodwork to vote so we will be taking this into account.