Preamble

Bitcoin Gold is a Bitcoin hard-fork that aims to be GPU-mineable by using the Equihash algorithm with parameters (144, 5) also known as “Zhash”. The Bitcoin Gold website claims Zhash “uses more memory than an ASIC can muster, but runs fine on many graphics cards”. Bitcoin Gold was previously 51% attacked in May 2018 when it was estimated that up to $18 million worth of BTG was double-spent.

The Attacks

Between Thursday and Friday we detected two deep reorgs on BTG, both of which contained double-spends. Their details are listed below. All times are GMT.

In both cases the attacker blocks were mined with the address GWrW5dTZf5XwGWoJuqRKdzkzZFkwtWSqaP in the coinbase transaction. We note that at the time of the attack, on Binance deposits of BTG were credited to one’s account for trading after six confirmations, and were available for withdrawals after twelve confirmations. A fourteen or fifteen block reorg would thus evade both of Binance’s escrow periods. Binance has since increased their withdrawal requirement for BTG to twenty confirmations. Based on Nicehash market price data for Zhash we estimate the cost of generating each reorg at around 0.2 BTC (~$1,700) and the attacker would have recouped around the same value in block rewards. Therefore, it is possible that the attacks were profitable if the double-spends succeeded at defrauding the attacker’s counterparty, or break-even if the double-spends were unsuccessful. This suggests that a confirmation requirement on the order of tens of blocks for BTG is still far too few to make the budget constraint to launch an attack significant.