Paper 2021/782

On the deployment of FlyClient as a velvet fork: chain-sewing attacks and countermeasures

Tristan Nemoz and Alexei Zamyatin


Because of the everlasting need of space to store even the headers of a blockchain, Ethereum requiring for example more than 4 GiB for such a task, superlight clients stood out as a necessity, for instance to enable deployment on wearable devices or smart contracts. Among them is FlyClient, whose main benefit was to be non-interactive. However, it is still to be shown how a such protocol can be deployed on an already existing chain, without contentious soft or hard forks. FlyClient suggests the use of velvet forks, a recently introduced mechanism for conflict-free deployment of blockchain consensus upgrades – yet the impact on the security of the light client protocol remains unclear. In this work, we provide a comprehensive analysis of the security of FlyClient under a velvet fork deployment. We discover that a naive velvet fork implementation exposes FlyClient to chain-sewing attacks, a novel type of attack, concurrently observed in similar superlight clients. Specifically, we show how an adversary subverting only a small fraction of the hash rate or consensus participants can not only execute doublespending attacks against velvet FlyClient nodes, but also print fake coins – with high probability of success. We then present three potential mitigations to this attack and prove their security both under velvet and, more traditional soft and hard fork deployment. In particular, our mitigations do not necessarily require a majority of honest, up-to-date miners.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
BlockchainSuperlight clientsFlyClientVelvet forksCross-chain communicationChain-sewing
Contact author(s)
tristan nemoz19 @ imperial ac uk
alexei zamyatin17 @ imperial ac uk
2021-06-10: received
Short URL
Creative Commons Attribution


      author = {Tristan Nemoz and Alexei Zamyatin},
      title = {On the deployment of {FlyClient} as a velvet fork: chain-sewing attacks and countermeasures},
      howpublished = {Cryptology ePrint Archive, Paper 2021/782},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.