Cryptology ePrint Archive: Report 2018/248

Stake-Bleeding Attacks on Proof-of-Stake Blockchains

Peter Gaži and Aggelos Kiayias and Alexander Russell

Abstract: We describe a general attack on proof-of-stake (PoS) blockchains without checkpointing. Our attack leverages transaction fees, the ability to treat transactions "out of context," and the standard longest chain rule to completely dominate a blockchain. The attack grows in power with the number of honest transactions and the stake held by the adversary, and can be launched by an adversary controlling any constant fraction of the stake.

With the present statistical profile of blockchain protocols, the attack can be launched given a few years of prior blockchain operation; hence it is within the realm of feasibility for PoS protocols. Most importantly, it demonstrates how closely transaction fees and rewards are coupled with the security properties of PoS protocols. More broadly, our attack must be reflected and countered in any future PoS design that avoids checkpointing, as well as any effort to remove checkpointing from existing protocols. We describe several mechanisms for protecting against the attack that include context-sensitivity of transactions and chain density statistics.

Category / Keywords: cryptographic protocols / blockchain, proof of stake

Date: received 5 Mar 2018, last revised 11 Jun 2018

Contact author: peter gazi at iohk io

Available format(s): PDF | BibTeX Citation

Version: 20180611:134423 (All versions of this report)

Short URL: ia.cr/2018/248

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]