Network Attacks Against Blockchain Consensus: Feasibility and Mitigation
Access status:
USyd Access
Type
ThesisThesis type
Doctor of PhilosophyAuthor/s
Ekparinya, ParinyaAbstract
A blockchain system is a distributed ledger that typically maintains ownership of digital assets. Its popularity stems from its promises to automate critical services. A blockchain system operates as a distributed system of nodes and needs them to reach consensus on the current ...
See moreA blockchain system is a distributed ledger that typically maintains ownership of digital assets. Its popularity stems from its promises to automate critical services. A blockchain system operates as a distributed system of nodes and needs them to reach consensus on the current state. The blockchain consensus is still susceptible to the fallacies of distributed computing and in particular, the fact that the network is neither reliable nor secure. As we illustrate in this thesis, the delay of communication in blockchain network allows double-spending, the situation where the same asset could be used concurrently in two transactions or more. This research studies the feasibility of double-spending using network attacks against blockchain consensus, particularly in the context of proof-of-work (PoW) and proof-of-authority (PoA) Ethereum. We propose and experiment with the network attacks in controlled environments to emulate the Ethereum network in various settings. We implement an attacker, who could partition the network for some duration, to participate in the blockchain consensus. We then measure the success rate of double-spending. In addition, we consider the state and network topology of the public Ethereum to understand how this impacts double-spending. Our findings highlight that the Internet topology creates difficulties for an attacker to partition the public PoW Ethereum. For consortium and private PoW Ethereum, however, it is sufficient to partition the network for only 5 minutes to achieve about 50% chance of double-spending. As for the PoA Ethereum, the experimental results show that the attacker always succeeds for two protocols, Aura and Clique. Finally, we explore how to mitigate these attacks. We show that overlay networks could be used to avoid a network partition on the public Internet. We also discuss how to change the parameters of the blockchain consensus to lower the success rate of double-spending (PoW) or even eliminate such a risk (PoA).
See less
See moreA blockchain system is a distributed ledger that typically maintains ownership of digital assets. Its popularity stems from its promises to automate critical services. A blockchain system operates as a distributed system of nodes and needs them to reach consensus on the current state. The blockchain consensus is still susceptible to the fallacies of distributed computing and in particular, the fact that the network is neither reliable nor secure. As we illustrate in this thesis, the delay of communication in blockchain network allows double-spending, the situation where the same asset could be used concurrently in two transactions or more. This research studies the feasibility of double-spending using network attacks against blockchain consensus, particularly in the context of proof-of-work (PoW) and proof-of-authority (PoA) Ethereum. We propose and experiment with the network attacks in controlled environments to emulate the Ethereum network in various settings. We implement an attacker, who could partition the network for some duration, to participate in the blockchain consensus. We then measure the success rate of double-spending. In addition, we consider the state and network topology of the public Ethereum to understand how this impacts double-spending. Our findings highlight that the Internet topology creates difficulties for an attacker to partition the public PoW Ethereum. For consortium and private PoW Ethereum, however, it is sufficient to partition the network for only 5 minutes to achieve about 50% chance of double-spending. As for the PoA Ethereum, the experimental results show that the attacker always succeeds for two protocols, Aura and Clique. Finally, we explore how to mitigate these attacks. We show that overlay networks could be used to avoid a network partition on the public Internet. We also discuss how to change the parameters of the blockchain consensus to lower the success rate of double-spending (PoW) or even eliminate such a risk (PoA).
See less
Date
2021Rights statement
The author retains copyright of this thesis. It may only be used for the purposes of research and study. It must not be used for any other purposes and may not be transmitted or shared with others without prior permission.Faculty/School
Faculty of Engineering, School of Computer ScienceAwarding institution
The University of SydneyShare