How Eth2.0 mitigates specific PoS (Proof of Stake) attacks

In December 2020, the ETH2.0 Beacon Chain launched. This Phase 0 launch forms part of a multi-year process that will see ETH1.x transform from a PoW (Proof of Work) to a PoS (Proof of Stake) blockchain.

This is an exciting period in Ethland and is the product of years of research into optimal solutions to ensure Ethereum remains secure and decentralized despite a change of consensus mechanism. It's been a long-held belief that PoW has the most security guarantees, unlike, say, PoS.

I have previously covered some forms of attacks against Proof of Stake chains and so, with Ethereum moving to PoS, let’s see how it intends to defend against these PoS attacks or if any are applicable at all!

  1. Nothing at stake attack - This attack relies on the assumption of "cheap" (almost nothing) mining on forks of the same PoS (Proof of Stake) chain. Multiple forks couldn’t be detected or discouraged.

  2. Long range attacks - This attack occurs when an adversary creates a branch/fork on the blockchain starting from the Genesis block (or thousands of blocks in the past) and overtakes the main chain, thus rewriting history.

Eth2.0’s security model makes attacks extremely expensive by putting up economic value-at-loss, i.e. security relies on penalties, not rewards.

Eth2.0:

  • solves 1) (nothing at stake) by making use of a punitive proof of stake algorithm where validators' rewards are withheld if they sign blocks on competing forks. This was called Slasher and was introduced by Vitalik in 2014.

We have indeed already seen a validator get slashed ~0.25 ETH:

An ETH2.0 validator slashed due to a violation


  • solves 2) (long range attacks) by accepting “weak subjectivity”, which is one of the root causes of long range attacks. Weak subjectivity relates to new nodes and offline nodes that come online after a significant amount of time. These nodes would not be able to immediately distinguish which of the branches they received is the main chain. With Proof of Work, it's easy to determine the main chain as it is the one with the most proof of work, whereas in Proof of Stake, since there is no 'work' done, it's easier for such nodes to be deceived, at least for a time.

The Eth2.0 Beacon Chain uses weak subjectivity checkpoints, a concept similar to the “genesis block”, in that a checkpoint is a block that is agreed upon by the entire network as part of the “real” chain.

The Eth2.0 research work went a step further to determine a weak subjectivity period - which is defined as the number of recent epochs within which there must be a weak subjectivity checkpoint so that an attacker who takes control of the validator set at the beginning of the period is slashed at least a threshold amount in case a conflicting finalized checkpoint is produced.
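The rule in point 1 above, penalising validators that sign on competing forks, can be checked mechanically. The following Python sketch is an added example, not code from this post or from any Eth2.0 client: it detects the two slashable attestation patterns of the Beacon Chain's Casper FFG rules, double votes and surround votes, which goes slightly beyond the single case the post mentions. The `Vote` class, its field names, and the sample data are constructed for illustration.

```python
from dataclasses import dataclass
from itertools import combinations

@dataclass(frozen=True)
class Vote:
    """One signed attestation, reduced to the fields the slashing rules inspect."""
    validator: int      # validator index
    source_epoch: int   # justified checkpoint the vote builds on
    target_epoch: int   # checkpoint the vote tries to justify
    target_root: str    # block root voted for at the target (identifies the fork)

def slashable_reason(a: Vote, b: Vote):
    """Return why two votes by one validator are slashable, or None."""
    if a.validator != b.validator or a == b:
        return None  # different signers, or a harmless exact duplicate
    # Double vote: two different votes for the same target epoch,
    # i.e. signing on two competing forks at once.
    if a.target_epoch == b.target_epoch:
        return "double vote"
    # Surround vote: one vote's source->target span strictly contains the other's.
    outer, inner = (a, b) if a.source_epoch < b.source_epoch else (b, a)
    if outer.source_epoch < inner.source_epoch and inner.target_epoch < outer.target_epoch:
        return "surround vote"
    return None

def find_slashable(votes):
    """Compare every pair of votes per validator; return (validator, reason) pairs."""
    by_validator = {}
    for v in votes:
        by_validator.setdefault(v.validator, []).append(v)
    findings = []
    for validator, vs in sorted(by_validator.items()):
        for a, b in combinations(vs, 2):
            reason = slashable_reason(a, b)
            if reason:
                findings.append((validator, reason))
    return findings

# Constructed sample votes (not real chain data).
SAMPLE_VOTES = [
    Vote(1, 10, 11, "0xaa"), Vote(1, 11, 12, "0xab"),  # honest: consecutive votes
    Vote(2, 10, 11, "0xaa"), Vote(2, 10, 11, "0xbb"),  # same target epoch, two forks
    Vote(3, 8, 13, "0xcc"), Vote(3, 9, 12, "0xab"),    # 8->13 surrounds 9->12
    Vote(4, 10, 11, "0xaa"), Vote(4, 10, 11, "0xaa"),  # identical duplicate
]

if __name__ == "__main__":
    for validator, reason in find_slashable(SAMPLE_VOTES):
        print(f"validator {validator}: slashable ({reason})")
```

Because both conflicting messages carry the validator's signature, the pair itself is the evidence: anyone who observes both can prove the violation without trusting the reporter.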

The Ethereum re-engineering from PoW to PoS has been defined as “trying to change an airplane engine mid-flight”. It could be disastrous if it all goes wrong, but so far, all the research work and planning that went into this is moving along nicely.

I will be eagerly watching, and researching, this progress over the next 12-18 months!
