51% attack

[Little Mouse]

Recently Firo, former Zcoin had a 51% attack and it was possible to change/tamper data of 306 blocks(or so). What exactly is that? Is it like the guy who had control of 51% of the network had overwritten the block? How does anyone get benefitted from such an attack? What's the step to prevent such attack?
https://cointelegraph.com/news/privacy-focused-firo-cryptocurrency-suffers-51-attack

[Ucy]

I think 51% was originally meant to be 51% of the total number of network participants with full nodes and the ability to make changes to top blocks through network consensus, for the good of the network and users.
Unfortunately, the 51% can be hijacked by single/few users with greater consensus power than the network majority.   Attackers can for example buy something worth 1 million dollars and transfer coins to seller , when the transaction get confirmed, they use their power to reverse transaction.
In my opinion, part of the solution to this is to have a clear rule that must be agreed to and followed before the 51% changes can be possible. Before changes to blocks can possible, it's important to stick to one full node per voter so that 51% of the votes will actually be from individual votes of most/all network participants.

[hatshepsut93]

Recently Firo, former Zcoin had a 51% attack and it was possible to change/tamper data of 306 blocks(or so). What exactly is that? Is it like the guy who had control of 51% of the network had overwritten the block? How does anyone get benefitted from such an attack? What's the step to prevent such attack?

51% attack is done by mining on top of some earlier block, which means that all transaction after that block become unconfirmed, and another transaction that spends the same inputs could be confirmed instead. In worst case, the coins that you have received in a block that was reversed will never appear in your wallet again. As its name suggests, 51% attack is done by having more than 51% of network hashrate, because it allows you to create a longer chain, or chain with more combined hashpower, which forces nodes to switch to it as per protocol rules.

In this case, the hackers have profited by sending coins to exchanges, selling them, withdrawing the money, and then reversing the deposit transaction, so they can sell these coins again. This is known as double spending.

To prevent it, you need to adjust the required confirmation time to network's hashpower. With Bitcoin 1-3 confirmations is enough for most purposes, with smaller altcoins you need to wait thousands or even tens of thousands of confirmations to be truly safe. IMO exchanges will realize that this is not worth the risk and will start delisting shitcoins with low hashpower in the future.

[qwizzie]

Recently Firo, former Zcoin had a 51% attack and it was possible to change/tamper data of 306 blocks(or so). What exactly is that? Is it like the guy who had control of 51% of the network had overwritten the block? How does anyone get benefitted from such an attack? What's the step to prevent such attack?
https://cointelegraph.com/news/privacy-focused-firo-cryptocurrency-suffers-51-attack

That is mentioned in the article :

For the Firo team, the attack was only possible because the project was yet to deploy Chainlocks on the mainnet. A Chainlock is a secondary validation layer that reportedly
mitigates a 51% attack.

According to Yap, with Chainlocks activated, an attacker would need to control at least half of all Firo master nodes in addition to the usual 51% mining hash rate dominance.

Firo has reportedly completed the testing protocols for Chainlocks and is primed for its full deployment in the next few weeks. When integrated, Chainlocks will be the latest protocol
feature added to the project after activating the Lelantus upgrade.

What the article fails to mention is that ChainLocks has been developed by Dash, has been active on the Dash network for some time now (since July 2019) to protect the Dash network
against 51% attacks.

Firo (Zcoin) announced way back in June 2019, that they were planning to implement Dash's ChainLocks feature into their codebase (together with two other Dash features)
Strange that it took them this long to implement ChainLocks (still a few weeks to go, according article).

https://dashnews.org/zcoin-to-copy-dashs-chainlocks-51-attack-proofing/
https://dashnews.org/dash-activates-chainlocks-51-attack-protection-becomes-most-secure-decentralized-currency/#  
https://dashnews.org/andreas-antonopoulos-calls-dash-chainlocks-a-smart-way-of-preventing-51-attacks/

Firo could have had protection against 51% attacks, if they just implemented and activated Dash's ChainLocks feature on their Firo Mainnet sooner.
Either Firo devs gave it a low priority to implement, or ChainLocks is more difficult to copy from Dash code base, adjust and activate on their own Firo Mainnet.