After the European Ethereum AE suffered a 51% attack, the market value shrank by 98%

On December 30, the assets of two old projects, AE (Aeternity) and HC (HyperCash), will be delisted from Binance. On December 24, Binance announced that the reason for the delisting was that "when the token no longer meets the listing standards or there are major industry changes, Binance will conduct an in-depth project review and may delist it."

During this period, Bitcoin was in a period of market growth as it continued to break new historical highs, while the total market value of the two asset projects, AE and HC, shrunk by 98% and 91% respectively from their previous historical highs, with year-to-date declines of more than 20%.

It is worth mentioning that AE suffered a 51% attack on December 7, causing damage to many trading platforms. OKEx alone lost more than 16 million AE.

Liu Shao from AE Chinese Community said that small computing power currencies under PoW consensus are vulnerable to "51% attacks". Recently, ETC and Grin have both suffered such attacks. "If the project side and the exchange do not take precautions in time, exchanges that store a large amount of assets may become victims."

OKEx said that the exchange cannot control the 51% attack, but the platform still bears the losses caused by the AE attack, and user assets are not affected. In the near future, it will increase the review of related projects to prevent the attack from affecting the asset security of the trading platform.

After AE was attacked, Huobi, which was the first to close deposits and withdrawals, also stated that "51% attacks" are not easy to prevent. When preventing such attacks, exchanges should evaluate the number of deposit confirmations and, if necessary, increase the number of block confirmations and delay deposits. They also need to monitor computing power at the same time. If there are any abnormalities, they should immediately roll back to the correct state and close wallet deposits and withdrawals.

Both AE and HC were star projects in the last bull market of crypto assets. Before this year's bull market, assets in sectors such as DeFi and NFT became traffic stars and became the source of new listings for centralized exchanges. In contrast, old projects have not continued to develop in application scenarios, their assets have been losing ground in the secondary market, and the team's motivation to operate and maintain the project has become less and less, which has also left attackers with opportunities.

The market value of AE and HC shrank by 98% and 91% respectively

On December 27, the price of Bitcoin once again set a new historical record, breaking through $28,000, driving the crypto asset market to continue entering a long period of new market capitalization.

This inevitably reminds people of the last bull market from 2017 to 2018, when Bitcoin and various assets soared together. However, in this year's market, the top ten rankings of "various assets" by market value still include Ripple (XRP) and Litecoin (LTC), which were once called "mainstream currencies." Alcoin data shows that the DeFi sector's oracle project ChainLink (LINK) and the cross-chain network Polkadot (DOT) have also squeezed into the top ten in market value.

The old public chain EOS fell from the altar and ranked 16th. Some old projects are facing the risk of being delisted by exchanges. On December 24, Binance officially announced that it would delist the two projects AE (Aeternity) and HC (HyperCash) on December 30 because they no longer meet Binance's listing standards.

Binance said that it will regularly review the crypto assets listed to ensure a high level of currency quality. When a token no longer meets the listing standards or there are major industry changes, an in-depth project review will be conducted and it will be delisted if necessary.

Binance will delist AE and HC on December 30

Aeternity's asset AE is nicknamed "Auntie Coin" in the Chinese market. It was initiated in 2016 by Yanislav Malahov, a German computer scientist known as the "Godfather of Ethereum", and Zack Hess, a former core developer of Augur. It was once hailed by the market as the "European Ethereum".

HyperCash was benchmarked against Bitcoin in 2018, and its asset HC was known as a new generation of decentralized, open source, cross-system digital cryptocurrency at the time.

One of the two projects is benchmarked against Ethereum, and the other is benchmarked against Bitcoin, but neither of them has overthrown their opponents. At the moment when the market is looking good, AE and HC are like brothers in distress, and their market performance is disastrous.

As of 9:00 a.m. on December 27, AE was temporarily reported at $0.096, with a circulating market value of $30.71 million, a 98% decrease from its historical high of $1.15 billion, and a 26.3% drop so far this year. At the same time, HC was temporarily reported at $0.643, with a circulating market value of $27.92 million, a 91% decrease from its historical high of $274 million, and a 41.5% drop so far this year.

After Binance announced the delisting of AE, the project official did not disclose much information. The last update on AE's official Twitter was on November 28, when it was "Celebrating the 2nd Anniversary of the AE Genesis Block." In AE's Telegram group, users kept saying "Sell AE as soon as possible" and "Don't have any illusions."

AE suffered from "51% attack" and the exchange was affected

Binance’s delisting may be related to the “51% attack” on AE on December 7, which caused losses to AE assets on many exchanges. However, AE officials have not made a wide public response to the attack.

The "51% attack" is also called a double-spending attack. Blockchain networks that adopt the Proof-of-Work (PoW) mechanism are most often subject to this type of attack. That is, once a person or entity controls more than 51% of the mining power in the network, he can independently defeat the remaining power and reorganize or roll back the blockchain, resulting in "a sum of money being spent twice."

If the assets on a blockchain have been listed on an exchange, once the attacker transfers the fake assets on the "reorganized chain" to the exchange for trading, and does not attract the attention of the exchange, they can cash out other assets for profit. After the AE was attacked this time, some exchanges were indeed affected.

"The attacker was very skilled and spent a lot of money." Liu Shao, a member of the AE Chinese community, sorted out the signs and impacts before and after the attack. He said that the attack was initiated by an address starting with ak. Around December 3, the address began to collect a large amount of AE from the exchange, and after withdrawing the coins, they were deposited into three accounts that planned to carry out the "double-spending attack", with a total amount of about 29 million AE, and the largest amount of a single account was about 27.5 million AE.

During this period, the price of AE rose from $0.124 to $0.209 on December 6. It rose by 90% in 3 days, nearly doubling.

According to Liu Shao's analysis, at 4 a.m. Beijing time on December 6, the attacker launched a "double-spending attack", starting from block height 353225, and forked out an undisclosed private chain; at 10 a.m. on December 7, when the block height reached 353838, the attacker's own longer private chain was broadcast, covering the shorter main chain's height of 353803.

After that, the hacker transferred more than 27,527,689 AE to his wallet at the height of 353,230 of the private chain, and transferred it to the exchange at the height of 353,227 of the new chain that was broadcasted; after all the money was transferred to the exchange, the transaction began. At the same time, the hacker began to withdraw coins from the attacked exchange to other exchanges for sale, and some exchanges with low confirmation numbers were affected.

Liu Shao said that the valuable assets successfully cashed out from the exchange were withdrawn by hackers. In addition, hackers also withdrew some real AE in some exchanges and sold them on other platforms, involving a total loss of about 39 million AE.

Huobi was the most timely to react to the AE attack. At 11 a.m. on December 7, less than an hour after the hacker broadcast the new chain, Huobi was the first to stop deposits and withdrawals, and contacted the AE community in a timely manner. The AE community also publicly stated that after discovering the abnormal tracking and confirmation, it notified all the exchanges it was in contact with around 2 p.m., and around 3 p.m., all exchanges stopped deposits and withdrawals one after another.

AE assets outflow from OKEx as counted by the AE community

According to statistics from the AE community, OKEx suffered the biggest loss this time, losing at least 16.87 million AE coins, which is equivalent to 2.3 million US dollars based on the AE price of $0.152 when the attack was launched. These funds flowed to exchanges such as ZB, Huobi, Gate.io, and Binance.

In this regard, OKEx also stated that the exchange cannot control the project being attacked by 51%, but the platform will bear the losses of AE. "OKEx will increase the review of similar projects in the future, strengthen risk control, prevent similar projects from being attacked by 51%, and ensure the safety of exchange assets."

Huobi, which took strong precautions, told Fengchao Finance that soon after the attack, the program automatically opened the firewall after discovering it. After receiving the alarm, the security department notified to close the deposit and withdrawal of the front desk. "After receiving the alarm, we immediately communicated with the AE team, but the project party failed to respond in time due to the time difference."

Huobi also disclosed the subsequent processing and said that the number of block rollbacks in AE was within the number of security confirmations of the exchange, and the recharged assets could not be withdrawn from the platform; after the block was rolled back, the wallet triggered the security mechanism and deducted the assets of the rolled back transaction as soon as possible.

According to the on-chain asset flow data, Huobi not only did not suffer any losses this time, but also intercepted 4.25 million double-spend AEs in the exchange.

Liu Shao said that it is still unclear where the hacker came from. When the attack was launched, the computing power increased by more than 10 times, and "I don't know where the computing power came from." The data on the chain shows that all the AE in the address that launched the attack has been transferred out.

Exchanges should be wary of small computing power coins

Recently, computing power projects based on the PoW consensus mechanism have often encountered 51% attacks. Among them, ETC and Grin have both encountered it, and ETC has been "double-spent" more than once.

On November 9, F2Pool officially announced that the Grin network was attacked by 51% from 9:10 to 10:47 on November 8, and Grin mining was seriously affected. F2Pool reminds users that if there are continued attacks, mining income will be affected. Please evaluate the risks yourself and participate in Grin mining with caution.

On November 29, ETC suffered a 51% attack. Kraken Exchange reported that ETC deposits were temporarily unavailable while the exchange was evaluating the stability of the chain. This was because another reorganization occurred on the chain, this time due to a malicious 51% attack.

As ETC has suffered 51% attacks many times, Ethereum founder Vitalik recently said on Twitter that 51% attacks are a basic property of blockchain, not something that only happens in the case of malicious code.

After AE was attacked this time, Huobi, which was the first to shut down deposits and withdrawals, said that "double-spending attacks" are actually difficult to defend against, and other chains have also been attacked in history.

Liu Shao also believes that, in theory, the damage to assets caused by the attack has nothing to do with the exchange, but is the responsibility of the project owner. He pointed out that small computing power coins are prone to 51% attacks, which has become a security incident that cannot be ignored. When exchanges list these assets online, they should have a sense of defense and do corresponding risk control.

After AE was attacked, Binance chose to remove AE. OKEx also stated that it will increase the review of similar projects in the future and strengthen the internal risk control of the platform.

Regarding how to deal with the "double-spending attack", Huobi said that it is necessary to evaluate the number of deposit confirmations, and if necessary, increase the number of block confirmations and delay the deposit; at the same time, it is necessary to monitor the computing power. If there is any abnormality, immediately roll back to the correct state and close the wallet deposit and withdrawal.

There are also teams in the industry that specialize in research and prevention of 51% attacks. In September this year, researchers from the MIT Digital Currency Initiative (DCI) believed that better monitoring of mining pools and computing power rental markets could prevent 51% attacks. It is reported that the group is developing monitoring tools with an eye on providing early warning systems for exchanges and other targets of such attacks.

Old projects like AE, which were dazzling in the last bull market, are declining, which is directly reflected in the security risk issue. Behind it is the weakening consensus, which makes them increasingly out of touch with the mainstream crypto asset market. Especially this year, the emergence of new sectors such as DeFi and NFT has made new assets a source of listing on centralized trading platforms. In the past, a batch of projects that focused on public chain scenarios and the new generation of Bitcoin have become increasingly outdated in the face of Ethereum.

When the original project plan failed, the price of the currency also fell in the secondary market, the team's motivation to operate the project became less and less, and the weakening network consensus and construction computing power also left opportunities for attackers. The attack on AE also sounded the alarm for trading platforms to increase security precautions for old projects.

Interaction time:

What other old projects are you following?