Author: Mike Brooks 2020-10-10 01:26:07
Published on: 2020-10-10T01:26:07+00:00
The article discusses the vulnerabilities of the Nakamoto Consensus, which is a process that determines the valid transactions in a blockchain network. The author explains how an adversary can create a hard fork by eclipsing honest hosts on the network and disrupting the normal flow of messages. This can cause disagreements between miners and lead to a split in the blockchain, thereby undermining the security guarantees needed for a decentralized untrusted payment network to function.The article proposes a solution called Floating-Point Nakamoto Consensus, which makes it increasingly more expensive to replace the current winning block. This added cost comes from a method of disagreement resolution where not every solution block is the same value, and a more-fit solution is always chosen over a weaker solution. Any adversary attempting to have a weaker chain to win out would have to overcome a kind of relay-race, whereby the winning team’s strength is carried forward, and the loser will have to work harder and harder to maintain the disagreement.Additionally, the author argues that any solution to Byzantine fault-injection or the intentional formation of disagreements must be fully decentralized. In most cases, Floating-Point Nakamoto Consensus will prevent a re-org blockchain from ever going past a single block, thereby expediting the formation of a global consensus. Floating-Point Nakamoto Consensus cements the lead of the winner and greatly incentivizes the network to adopt the dominant chain no matter how many valid solutions are advertised, or what order they arrive.The article concludes by saying that all nodes are incentivized to support the solution with the highest fitness value- regardless of which order these proof-of-work were validated. Miners are incentivized to support the dominant chain, which helps preserve the global consensus.In a recent email thread discussing the Floating-Point Nakamoto Consensus, Lord James HRMH responded to James' suggestion of selecting the highest-work chain by recommending adding more bits of precision to avoid confusion. James had previously mentioned that the network should adopt the longest chain with the highest proof of work in case of a contentious tip being built on, which is why waiting for two confirmations for a transaction and six for it to be considered 'final' are necessary. However, if the network were to decide immediately without waiting for a chain to be further extended, then accepting the higher proof of work with the greater precision proof is the solution. Currently, there is no method of comparison to determine which block is correct when two blocks are received as alternates extending the same chain tip.The email also discussed the threat model of an eclipse attack conducted by a malicious miner who possesses knowledge of an unpatched DoS vulnerability. In order for an honest node to prove that a dishonest node is lying, they would need to form a connection to a segment of the network that isn't entirely suppressed. If a network's maximum capacity for connection handlers 'k' is the sum of all available worker threads for all nodes in the network, establishing 'k+1' connections by the pidgin-hole principle will prevent any new connections from being formed by honest nodes, thereby creating a perfect eclipse for any new miners joining the network would only be able to form connections with dishonest nodes. An attacker can expedite the transmission of one solution while slowing another, making sure the disagreement in the network is balanced for as long as needed. The attacker needs to keep the disagreement open until their transactions have been validated on the honest chain, at which point they will add more nodes to the dishonest chain to make sure it is the ultimate winner, thus replacing out the honest chain with the one generated by dishonest miners.The article discusses how Floating-Point Nakamoto Consensus can improve consensus generation in blockchain networks by adding a fitness test. This is important for transactions on the network as the most recently formed block, with the highest local fitness score at the time of its discovery, is preferred. In a worst-case scenario created by Byzantine fault injection, the weaker group and dominant group produced competing proof-of-work solutions.Traditional Nakamoto Consensus sees both forks as authoritative equals, creating a divide in mining capacity. However, in Floating-Point Nakamoto Consensus, any nodes receiving both forks would prefer to mine on the chain with an overall fitness score, making it harder for the weaker chain to find miners to compete in any future disagreement, thereby eroding support for the weaker chain. A soft fork can be used to implement Floating-Point Nakamoto Consensus as both patched and non-patched nodes can co-exist. The article concludes that any blockchain using Nakamoto Consensus can be modified to use a fitness constraint such as the one used by Floating-Point Nakamoto Consensus. An example implementation has been submitted as a PR to the bitcoin core which is free to be adapted by other networks. Links to the complete implementation of Floating-Point Nakamoto consensus and the paper discussing it are provided.
Updated on: 2023-06-14T15:35:04.932961+00:00