Bhudia, Alpesh, Cartwright, Anna, Cartwright, Edward, Hurley-Smith, Darren, Hernandez-Castro, Julio (2023) Game Theoretic Modelling of a Ransom and Extortion Attack on Ethereum Validators. In: ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security. . ACM ISBN 979-8-4007-0772-8. (doi:10.1145/3600160.3604985) (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided) (KAR id:102497)
The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided. (Contact us about this Publication) | |
Official URL: https://doi.org/10.1145/3600160.3604985 |
Abstract
Consensus algorithms facilitate agreement on and resolution of blockchain functions, such as smart contracts and transactions. Ethereum uses a Proof-of-Stake (PoS) consensus mechanism, which depends on financial incentives to ensure that validators perform certain duties and do not act maliciously. Should a validator attempt to defraud the system, legitimate validators will identify this and then staked cryptocurrency is ‘burned’ through a process of slashing.
In this paper, we show that an attacker who has compromised a set of validators could threaten to perform malicious actions that would result in slashing and thus, hold those validators to ransom. We use game theory to study how an attacker can coerce payment from a victim, for example by deploying a smart contract to provide a root of trust shared between attacker and victim during the extortion process. Our game theoretic model finds that it is in the interests of the validators to fully pay the ransom due to a lack of systemic protections for validators. Financial risk is solely placed on the victim during such an attack, with no mitigations available to them aside from capitulation (payment of ransom) in many scenarios. Such attacks could be disruptive to Ethereum and, likely, to many other PoS networks, if public trust in the validator system is eroded. We also discuss and evaluate potential mitigation measures arising from our analysis of the game theoretic model.
Item Type: | Conference or workshop item (Proceeding) |
---|---|
DOI/Identification number: | 10.1145/3600160.3604985 |
Subjects: | Q Science > QA Mathematics (inc Computing science) |
Divisions: | Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing |
SWORD Depositor: | JISC Publications Router |
Depositing User: | JISC Publications Router |
Date Deposited: | 18 Aug 2023 14:09 UTC |
Last Modified: | 05 Nov 2024 13:08 UTC |
Resource URI: | https://kar.kent.ac.uk/id/eprint/102497 (The current URI for this page, for reference purposes) |
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):