418 research outputs found
Smart contracts for bribing miners
We present three smart contracts that allow a briber to fairly
exchange bribes to miners who pursue a mining strategy benefiting the
briber. The first contract, CensorshipCon, highlights that Ethereum’s
uncle block reward policy can directly subsidise the cost of bribing miners.
The second contract, HistoryRevisionCon, rewards miners via an
in-band payment for reversing transactions or enforcing a new state of
another contract. The third contract, GoldfingerCon, rewards miners
in one cryptocurrency for reducing the utility of another cryptocurrency.
This work is motivated by the need to understand the extent
to which smart contracts can impact the incentive mechanisms involved
in Nakamoto-style consensus protocols.
Bribes to Miners: Evidence from Ethereum
Though blockchain aims to alleviate bribing attacks, users can collude with
miners by directly sending bribes. This paper focuses on empirical evidence of
bribes to miners, and the detected behaviour implies that mining power could be
exploited. By scanning transactions on Ethereum, transactions for potential
direct bribes are filtered, and we find that the potential bribers and bribees
are centralized in a small group. After constructing proxies of active level of
potential bribing, we find that potential bribes can affect the status of
Ethereum and other mainstream blockchains, and network adoption of blockchain
can be influenced as well. Besides, direct bribes can be related to stock
markets, e.g., S&P 500 and Nasdaq.
Timelocked Bribing
A Hashed Time Lock Contract (HTLC) is a central concept in cryptocurrencies where some value can be spent either with the preimage of a public hash by one party (Bob) or after a timelock expires by another party (Alice). We present a bribery attack on HTLC's where Bob's hash-protected transaction is censored by Alice's timelocked transaction. Alice incentivizes miners to censor Bob's transaction by leaving almost all her value to miners in general. Miners follow (or refuse) this bribe if their expected payoff is better (or worse). We explore conditions under which this attack is possible, and how HTLC participants can protect themselves against the attack. Applications like Lightning Network payment channels and Cross-Chain Atomic Swaps use HTLC's as building blocks and are vulnerable to this attack. Our proposed solution uses the hashpower share of the weakest known miner to derive parameters that make these applications robust against this bribing attack.
Impact of Geo-distribution and Mining Pools on Blockchains: A Study of Ethereum
Given the large adoption and economical impact of permissionless blockchains,
the complexity of the underlying systems and the adversarial environment in
which they operate, it is fundamental to properly study and understand the
emergent behavior and properties of these systems. We describe our experience
on a detailed, one-month study of the Ethereum network from several
geographically dispersed observation points. We leverage multiple geographic
vantage points to assess the key pillars of Ethereum, namely geographical
dispersion, network efficiency, blockchain efficiency and security, and the
impact of mining pools. Among other new findings, we identify previously
undocumented forms of selfish behavior and show that the prevalence of powerful
mining pools exacerbates the geographical impact on block propagation delays.
Furthermore, we provide a set of open measurement and processing tools, as well
as the data set of the collected measurements, in order to promote further
research on understanding permissionless blockchains.
Comment: To appear in 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 202
He-HTLC: Revisiting Incentives in HTLC
Hashed Time-Locked Contracts (HTLCs) are a widely used primitive in blockchain systems such as payment channels, atomic swaps, etc. Unfortunately, HTLC is incentive-incompatible and is vulnerable to bribery attacks. The state-of-the-art solution is MAD-HTLC (Oakland'21), which proposes an elegant idea that leverages miners' profit-driven nature to defeat bribery attacks.
In this paper, we show that MAD-HTLC is still vulnerable as it only considers a somewhat narrow set of passive strategies by miners. Through a family of novel reverse-bribery attacks, we show concrete active strategies that miners can take to break MAD-HTLC and profit at the loss of MAD-HTLC users. For these attacks, we present their implementation and game-theoretical profitability analysis.
Based on the learnings from our attacks, we propose a new HTLC realization, He-HTLC (Our specification is lightweight and inert to incentive manipulation attacks. Hence, we call it He-HTLC where He stands for Helium.) that is provably secure against all possible strategic manipulation (passive and active). In addition to being secure in a stronger adversary model, He-HTLC achieves other desirable features such as low and user-adjustable collateral, making it more practical to implement and use the proposed schemes. We implemented He-HTLC on Bitcoin and the transaction cost of He-HTLC is comparative to average Bitcoin transaction fees.