[Resource Topic] 2022/1020: Uncle Maker: (Time)Stamping Out The Competition in Ethereum

Resource Attacks and cryptanalysis
#1

Welcome to the resource topic for 2022/1020

Title:
Uncle Maker: (Time)Stamping Out The Competition in Ethereum

Authors: Aviv Yaish, Gilad Stern, Aviv Zohar

Abstract:

We present an attack on Ethereum’s consensus mechanism which can be used by miners to obtain consistently higher mining rewards compared to the honest protocol. This attack is novel in that it does not entail withholding blocks or any behavior which has a non-zero probability of earning less than mining honestly, in contrast with the existing literature.

This risk-less attack relies instead on manipulating block timestamps, and carefully choosing whether and when to do so. We present this attack as an algorithm, which we then analyze to evaluate the revenue a miner obtains from it, and its effect on a miner’s absolute and relative share of the main-chain blocks.

The attack allows an attacker to replace competitors’ main-chain blocks after the fact with a block of its own, thus causing the replaced block’s miner to lose all transactions fees for the transactions contained within the block, which will be demoted from the main-chain. This block, although ``kicked-out’’ of the main-chain, will still be eligible to be referred to by other main-chain blocks, thus becoming what is commonly called in Ethereum an uncle.

We proceed by defining multiple variants of this attack, and assessing whether any of these attacks has been performed in the wild. Surprisingly, we find that this is indeed true, making this the first case of a confirmed consensus-level manipulation performed on a major cryptocurrency.

Additionally, we implement a variant of this attack as a patch for geth, Ethereum’s most popular client, making it the first consensus-level attack on Ethereum which is implemented as a patch.
Finally, we suggest concrete fixes for Ethereum’s protocol and implemented them as a patch for geth which can be adopted quickly and mitigate the attack and its variants.

ePrint: https://eprint.iacr.org/2022/1020

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .