Komodo, an independent, scalable, and fully interoperable blockchain ecosystem that provides end-to-end blockchain infrastructure announced today its development team has added a new feature to its Proof of Work (dPoW) security mechanism that allows the security status of any particular transaction(s) to be easily verified.
The adjustments to the Komodo code base have been made in such a way that crypto exchanges can integrate this double-spend prevention mechanism with no major code changes. If an exchange has previously been monitoring the number of confirmations from the Komodo daemon before considering a transaction secure, then this new feature can be easily used.
The Komodo Delayed Proof of Work (dPoW) security mechanism leverages the large hashrate of the Bitcoin network to help protect smaller Proof of Work blockchains from 51% attacks.
dPoW Confirmation
For instance, some exchanges have a wait time of 120 block confirmations before allowing KMD coins to be traded. Other exchanges have a wait time of only 30 confirmations before KMD funds become available.
Now, with the ability to verify delayed Proof of Work (dPoW) notarizations, exchanges can simply wait for the confirmations to return a value greater than 1 before releasing funds to a trader. It’s a quick and simple way to ensure protection against double-spending.
This is true for not just the KMD chain, but also for any independent blockchain built on Komodo Platform. In addition, in the near future, the notarization confirmation tool will be added to any external blockchain that adopts dPoW protection.
Currently, there are three external projects using dPoW security: Bitcoin Hush, GAME Credits, and Einsteinium. The Komodo team reports that several others are either in the process of being integrated or are now in discussion to adopt dPoW.
Confirmation Logic
The confirmations: output will produce one of the following three results: a value of 0, a value of 1, or a value that is greater than 1. Each of these three values represents a different security status.
If confirmations: returns a 0, then the transaction in question has not yet been confirmed.
If confirmations: returns a 1, then the transaction is confirmed but has not yet been notarized to the BTC ledger via dPoW.
If confirmations: returns a value >1, then the transaction is confirmed and has been notarized, meaning the transaction is protected with BTC-level security.
This new feature makes it easy to know when a particular transaction has received maximum security. Essentially, confirmations have been made dPOW aware, as they will never go above 1 until a transaction is notarized. There is a slight delay, hence the name of the security feature, but it ultimately guarantees a transaction is immutable once confirmations: returns a value greater than 1.
dPoW Deterred A 51% Attack
On October 7, 2018, a Reddit user posted in the r/CryptoCurrency subreddit to ask a simple question: “If I live streamed the setup and execution of doing a 51% attack against the testnet for the sake of education would anyone watch?” The post quickly gained much attention, eventually receiving more than 1.5K upvotes.
The Reddit user, who goes by the name GeoCold, said that they were “considering doing a live stream of all the setup and execution of doing a 51% attack … so that people can see how it works in real life, not in theory.”
GeoCold’s motives did not appear to be malicious. Instead, GeoCold stated that the intention was to educate the blockchain industry and to analyze “the security implications and how some coins go about preventing such attacks, the pros and cons of such tactics, etc.”
Although the original idea was to attack the Bitcoin testnet, GeoCold later decided “to attack the coin Einsteinium on their main net.”
However, it later came to GeoCold’s attention that Einsteinium uses Komodo’s security services. As a result, GeoCold chose to not attack EMC2 and instead opted for a different Proof-of-Work blockchain with a low hashrate.
The fact that Komodo’s security service prevented a potential attack— despite the attack being publicly announced in advance and intended to be educational in nature, still demonstrates the power of the security service itself.
Deterring attackers from ever launching an attack in the first place is much preferred to an unsuccessful attack taking place. Even a failed attack can cause disruptions. It will also force a project’s development team to spend many hours fending off the attack and repairing any damage that the unsuccessful attack may have caused.
dPoW Defended Against A 51% Attack
Later, after GeoCold got cold feet and decided against attacking the dPoW-protected EMC2 chain, a second white hat hacker took the stage.
Like GeoCold, Forkwitch intended to launch a 51% attack for educational and security-minded purposes. But, unlike GeoCold, Forkwitch decided to carry out the attack on EMC2. In the end, Komodo’s dPoW security mechanism functioned precisely as designed.
Forkwitch was able to fork the EMC2 chain and create a private chain that was longer than the main EMC2 chain. However, a notarization to the BTC ledger via Komodo’s dPoW security prevented this private chain from being accepted by the EMC2 network. This means that the attack failed and there was no possibility of any funds being spent twice.