eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2021/299

HashSplit: Exploiting Bitcoin Asynchrony to Violate Common Prefix and Chain Quality

Muhammad Saad, Afsah Anwar, Srivatsan Ravi, and David Mohaisen

Abstract

The safety of the Bitcoin blockchain relies on strong network synchrony. Therefore, violating the blockchain safety requires strong adversaries who control a mining pool with 51% hash rate. In this paper, we show that the network synchrony does not hold in the real world Bitcoin network, which can be exploited to amortize the cost of various attacks. Towards that, first we construct the Bitcoin ideal world functionality to formally specify its ideal execution model in a synchronous network. We then develop a large-scale data collection system through which we connect with more than 36K IP addresses of the Bitcoin nodes and identify 359 mining nodes. We contrast the Bitcoin ideal functionality against real world measurements to expose network anomalies that can be exploited to optimize the existing attacks. Particularly, we observe high block propagation delay in the Bitcoin network causing weak network synchronization: on average, in 9.97 minutes, only 39% nodes have the up-to-date blockchain. Through a fine-grained analysis, we discover non-uniform block propagation delay among the mining nodes showing that the Bitcoin network is asynchronous. To realize the threat of asynchronous network, we present the HashSplit attack that allows an adversary to orchestrate concurrent mining on multiple branches of the blockchain to violate common prefix and chain quality properties. We also propose the attack countermeasures by releasing a Bitcoin Core version that closely models the Bitcoin ideal functionality. Our measurements, theoretical modeling, pro-posed attack, and countermeasures open new directions in the security evaluation of Bitcoin and similar blockchain systems

Note: Updated revision with a few terminology fixes

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MAJOR revision.
Keywords
BlockchainConsensus
Contact author(s)
srivatsr @ usc edu
History
2021-10-21: revised
2021-03-09: received
See all versions
Short URL
https://ia.cr/2021/299
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/299,
      author = {Muhammad Saad and Afsah Anwar and Srivatsan Ravi and David Mohaisen},
      title = {HashSplit: Exploiting Bitcoin Asynchrony to Violate Common Prefix and Chain Quality},
      howpublished = {Cryptology ePrint Archive, Paper 2021/299},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/299}},
      url = {https://eprint.iacr.org/2021/299}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.