Verge (XVG) Mining Code Malfunctions: Developers Consider Proof of Stake (PoS) Move
The crypto market is filled with coins these days as a consequence of crypto explosion of 2017. What followed was an ICO trend which caused countless startups to appear with their own coin and offer it to investors.
As they were caught up in a crypto fever, many investors were willing to buy pretty much any coin, and while many of them were scams or weak projects, there were also numerous that were legitimate, or even rather good.
Verge (XVG) is an example of a coin that was considered to be quite good at the time, with a lot of potential in front of it. It did not hold an ICO, though, and it appeared as an open source project.
Furthermore, it integrates Tor in its wallets in order to protect users' IP addresses, and it also uses additional privacy and security measures to make transactions (and, in extent — users themselves) anonymous. By all accounts, Verge was a pretty good privacy coin, which is why many saw it as a potentially great cryptocurrency.
However, as it later turned out, the fault with the coin lied in its mining code, which left it open to 51% attacks and time warp. As soon as bad actors realized this, Verge was compromised, and its reputation was destroyed.
Attacks on Verge (XVG)
Verge's mining is actually multi-algorithm, so that different miners who use different equipment can have equal access. It includes X17, blake2s, myr-groestl, Scrypt, and Lyra2rev2. Due to the large variety of algorithms, every block is mined by using a different algorithm when the code functions properly.
The first big issue with the mining emerged in April 2018, when attackers changed block timestamps and forced the system always to use the same algorithm. As a result, the mining difficulty dropped, and they were able to strike a new block every second. This is called time warp attack, and Verge experienced three of them in total.
This was only the first one, and it resulted in hackers obtaining 20,000,000 XVG, or $1 million. After the attack, developers created a fix for the problem. However, it did not work, as attackers managed to perform another similar attack in the second half of May. On this occasion, they managed to force the system to switch only between Scrypt and Lyra2rev2.
They also manipulated the timestamps yet again, which allowed them to go through 25 blocks per minute. This time, they got away with 35,000,000 XVG ($1.8 million).
Developers attempted yet another patch, and this one also turned out to be unsuccessful in preventing further disruptions. Only a week later, Verge was attacked again, not only by another time warp attack but with a 51 percent attack as well. This allowed them to bypass the measures that prevent double-spending.
Meanwhile, developers refused to admit that the project suffered the third attack. There is also no confirmation that the issue has been fixed ever since, although this was the last time that Verge was attacked. Another interesting thing is that Verge failed even to mention attacks in its annual report, even though they were the biggest incidents that the project has ever experienced.
As 2019 arrived, Verge had an update on February 15th, in which developers stated that miners were reporting difficulties in setting up working mining environment due to the lack of timestamps in Coinbase transactions.
This is what finally led developers to considering a shift to PoS. While this would completely defeat the purpose of using different algorithms for providing equal opportunities to different miners, and it would even centralize the mining process, developers would gain more control regarding the project's future forks.
Consequences of moving to PoS
If the developers do decide to make the shift to PoS a reality, they would also change the blockchain halving schedule in order to make sure that miners are making a profit, at least until the change is complete. But, this also means that the inflation would get higher, which might mean a new set of problems for Verge.
However, if they do shift to PoS, that would mean that time warps and 51% attacks would never again be effective. The price of reaching this type of security is abandoning pretty much the entire mining community which made the coin popular in the first place.
Even so, this may be something that the project is willing to do, as three time warp attacks and one 51% attack already destroyed its reputation, the project does not have much left to lose.