Paper 2022/289

Two Attacks On Proof-of-Stake GHOST/Ethereum

Joachim Neu, Ertem Nusret Tas, and David Tse

Abstract

We present two attacks targeting the Proof-of-Stake (PoS) Ethereum consensus protocol. The first attack suggests a fundamental conceptual incompatibility between PoS and the Greedy Heaviest-Observed Sub-Tree (GHOST) fork choice paradigm employed by PoS Ethereum. In a nutshell, PoS allows an adversary with a vanishing amount of stake to produce an unlimited number of equivocating blocks. While most equivocating blocks will be orphaned, such orphaned `uncle blocks' still influence fork choice under the GHOST paradigm, bestowing upon the adversary devastating control over the canonical chain. While the Latest Message Driven (LMD) aspect of current PoS Ethereum prevents a straightforward application of this attack, our second attack shows how LMD specifically can be exploited to obtain a new variant of the balancing attack that overcomes a recent protocol addition that was intended to mitigate balancing-type attacks. Thus, in its current form, PoS Ethereum without and with LMD is vulnerable to our first and second attack, respectively.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
Ethereumattackproof-of-stake
Contact author(s)
jneu @ stanford edu
nusret @ stanford edu
dntse @ stanford edu
History
2022-03-07: received
Short URL
https://ia.cr/2022/289
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/289,
      author = {Joachim Neu and Ertem Nusret Tas and David Tse},
      title = {Two Attacks On Proof-of-Stake {GHOST}/Ethereum},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/289},
      year = {2022},
      url = {https://eprint.iacr.org/2022/289}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.