Defending Against Malicious Reorgs in Tezos Proof-of-Stake
@article{Neuder2020DefendingAM,
title={Defending Against Malicious Reorgs in Tezos Proof-of-Stake},
author={Michael Neuder and Daniel J. Moroz and Rithvik Rao and David C. Parkes},
journal={Proceedings of the 2nd ACM Conference on Advances in Financial Technologies},
year={2020}
}Blockchains are intended to be immutable, so an attacker who is able to delete transactions through a chain reorganization (a malicious reorg) can perform a profitable double-spend attack. We study the rate at which an attacker can execute reorgs in the Tezos Proof-of-Stake protocol. As an example, an attacker with 40% of the staking power is able to execute a 20-block malicious reorg at an average rate of once per day, and the attack probability increases super-linearly as the staking power…
Figures and Tables from this paper
3 Citations
The Governance Problem in Distributed Ledgers: An Analysis Focusing on Tezos
- Computer Science
- 2021
It is proved that the Tezos governance system is not Pareto efficient, and that in the latest state of supply distribution it is feasible for community division to be the most optimal outcome for stakeholders.
NC-Max: Breaking the Security-Performance Tradeoff in Nakamoto Consensus
- Computer ScienceProceedings 2022 Network and Distributed System Security Symposium
- 2022
This work identifies and experimentally proves that the crux resides with the pro-longed block propagation latency caused by not-yet-propagated transactions, and proposes NC-Max, a two-step mechanism to confirm only fully-propAGated transactions that removes the limits upon NC’s performance imposed by its security demands, realizing NC's untapped potential.
Low-cost attacks on Ethereum 2.0 by sub-1/3 stakeholders
- Computer ScienceArXiv
- 2021
We outline two dishonest strategies that can be cheaply executed on the Ethereum 2.0 beacon chain, even by validators holding less than one-third of the total stake: malicious chain reorganizations…
References
SHOWING 1-10 OF 24 REFERENCES
Majority is not enough
- Computer Science, MathematicsCommun. ACM
- 2018
This work shows that the Bitcoin mining protocol is not incentive-compatible, and proposes a practical modification to the Bitcoin protocol that protects Bitcoin in the general case, and prohibits selfish mining by a coalition that command less than 1/4 of the resources.
Selfish Behavior in the Tezos Proof-of-Stake Protocol
- Computer ScienceCryptoeconomic Systems
- 2020
This work proposes and analyzes a simple change to the Tezos protocol which significantly reduces the profitability of this dishonest behavior, and introduces a new delay and reward scheme that is provably secure against length-1 and length-2 selfish endorsing attacks.
Formal Barriers to Longest-Chain Proof-of-Stake Protocols
- Computer Science, MathematicsEC
- 2019
The main results of this paper are several formal barriers to designing incentive-compatible proof-of-stake cryptocurrencies (that don't apply to proof- of-work).
Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin
- Computer ScienceCCS
- 2017
A novel attack called a fork after withholding (FAW) attack is proposed, which is usable up to four times more often per pool than in BWH attack, and does not suffer from practicality issues, unlike selfish mining.
Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol
- Computer Science, MathematicsCRYPTO
- 2016
“Ouroboros” is presented, the first blockchain protocol based on proof of stake with rigorous security guarantees and it is proved that, given this mechanism, honest behavior is an approximate Nash equilibrium, thus neutralizing attacks such as selfish mining.
Bitcoin: A Peer-to-Peer Electronic Cash System
- Computer Science
- 2008
This work proposes a solution to the double-spending problem using a peer-to-peer network, where the network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof- of-work.
Secure High-Rate Transaction Processing in Bitcoin
- Computer Science, MathematicsFinancial Cryptography
- 2015
The GHOST rule is addressed, a modification to the way Bitcoin nodes construct and re-organize the block chain, Bitcoin’s core distributed data-structure, to address security concerns over high transaction throughput.
Analysis of Hashrate-Based Double Spending
- Computer Science, MathematicsArXiv
- 2014
A look at the stochastic processes underlying typical attacks and their resulting probabilities of success in Bitcoin.
Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack
- Computer Science2016 IEEE European Symposium on Security and Privacy (EuroS&P)
- 2016
This paper expands the mining strategy space to include novel "stubborn" strategies that, for a large range of parameters, earn the miner more revenue, and shows how a miner can further amplify its gain by non-trivially composing mining attacks with network-level eclipse attacks.
Casper the Friendly Finality Gadget
- Computer Science, MathematicsArXiv
- 2017
Casper is a partial consensus mechanism combining proof of stake algorithm research and Byzantine fault tolerant consensus theory, which provides almost any proof of work chain with additional protections against block reversions.