Researchers Say They Discovered Consensus Level Attack On Ethereum — Miners Cheating The System To Earn More
A analysis paper revealed by The Hebrew College in Israel stories having found the “first proof of a consensus-level assault on a significant cryptocurrency.” The paper is presently awaiting peer assessment however makes use of publicly obtainable on-chain knowledge and Ethereum’s open supply codebase to affirm its conclusions.
Researchers Say They Discovered Consensus Level Attack On Ethereum — Miners Cheating The System To Earn More
At its core, the paper highlights a difficulty the place miners can change the timestamp associated to a mined block to keep away from elevated issue on the community. On-chain knowledge seems to assist the declare as Aviv Yaish, one of many paper’s authors, highlighted F2Pool’s block timestamps being artificially altered to enhance rewards.
Researchers Say They Discovered Consensus Level Attack On Ethereum — Miners Cheating The System To Earn More
(9/12) Each time F2Pool’s block timestamps attain the purpose the place mining issue is meant to lower, they artificially set them to be one second earlier. F2Pool has been executing this assault over the previous two years, and the proof has been hiding in plain sight! … pic.twitter.com/mDEG2UqXZh
Researchers Say They Discovered Consensus Level Attack On Ethereum — Miners Cheating The System To Earn More
— Aviv Yaish (@yaish_aviv) August 5, 2022
Researchers Say They Discovered Consensus Level Attack On Ethereum — Miners Cheating The System To Earn More
Uncle Maker
Ethereum is maintained by way of a proof-of-work consensus mechanism, which shall be moved to proof-of-stake this September. Nonetheless, thus far, the community seems to be vulnerable to the assault recognized in by The Hebrew College.
The consensus-level assault is known as an Uncle Maker assault throughout the paper in reference to the “uncle” blocks used within the exploit. Blocks throughout the Ethereum blockchain act as a set of information which can be checked, distributed, and verified throughout your complete community. Uncle blocks are legitimate blocks which have been faraway from the primary chain however nonetheless obtain rewards.
“The assault permits an attacker to switch rivals’ main-chain blocks after the very fact with a block of its personal, thus inflicting the changed block’s miner to lose all transactions charges for the transactions contained throughout the block, which shall be demoted from the main-chain.”
Miners can set a block’s timestamp inside “a sure affordable certain,” sometimes inside just a few seconds. One mining pool that was singled out within the analysis was F2Pool, which “prior to now two years, F2Pool didn’t have even a single block with a timestamp” that matched the anticipated end result. F2Pool is likely one of the largest Ethereum swimming pools working with a hashrate of 129 TH/s and producing roughly 1.5K ETH in day by day rewards.
The paper additionally highlighted that F2Pool’s “founder has made a comparatively properly publicized condemnation of competing mining swimming pools, blaming them for attacking his personal mining pool” whereas, in actuality, “F2Pool are attacking different mining swimming pools.”
The financial affect of the assault has not but been formally recognized, however CryptoSlate reached out Yaish who advised us,
“For every profitable occasion of the assault, F2Pool earned 14% extra from block rewards, and as well as earned all of the transaction charges contained inside.
We’re presently trying to present concrete estimations for each of your questions utilizing real-world knowledge, which shall be revealed instantly when now we have them!”
The Hebrew College has “concrete fixes for Ethereum’s protocol” and created a patch for consideration. Yaish said in a weblog publish that the data was “responsibly disclosed to the Ethereum Basis” earlier than publication.
Get an Edge on the Crypto Market 👇
Turn out to be a member of CryptoSlate Edge and entry our unique Discord group, extra unique content material and evaluation.
On-chain evaluation
Worth snapshots
Extra context
Be part of now for $19/month Discover all advantages
Source
