Enhancing blockchain security inspired by Ethereum

Abstract

With the rapid development of blockchain technology over the last decades, cryptocurrencies have become a focal point in both the technological and financial realms. Following the elegant approach to achieving permissionless consensus of Bitcoin, researchers have dedicated efforts to finding alternative solutions that do not rely on energy-intensive Proof-of-Work (PoW). Ethereum, as the second largest cryptocurrency, has recently transitioned its consensus protocol from PoW to a more energy-efficient approach using Proof-of-Stake (PoS). This construction, named Gasper, has a composite feature that aims to retain the benefit of both open blockchain as well as fast confirmation. However, the security of Gasper is not sufficiently proven and it is still unclear whether Gasper actually achieved its goal.

To understand the potential vulnerabilities of Ethereum in the real-world internet, we take a closer look at the working mechanism of Ethereum 2.0 and identify three potential vulnerabilities of Gasper's accountable safety property. Firstly, we illustrate a scenario where a coin can be double-spent while executing the Gasper protocol under a partially synchronous network, and no accountability is established before or after this safety breach. Secondly, we demonstrate a strategy that renders accountability ineffective in a partially synchronous network. Thirdly, we present a method to evade punishment even after a safety breach.

Inspired by Gasper, the ebb-and-flow structure mirrors this composite construction by combining a longest-chain style protocol and a BFT protocol in a provably secure manner. However, the construction exhibits limitations in terms of flexibility and liveness in certain scenarios. Thus, we introduce a flexible ebb-and-flow structure that not only preserves dynamic availability but also addresses liveness issues, enhances the corruption resilience of ebb-and-flow protocols, and achieves confirmation diversity.