Skip to main content

Game Theoretic Modelling of a Ransom and Extortion Attack on Ethereum Validators

Bhudia, Alpesh, Cartwright, Anna, Cartwright, Edward, Hurley-Smith, Darren, Hernandez-Castro, Julio (2023) Game Theoretic Modelling of a Ransom and Extortion Attack on Ethereum Validators. In: ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security. . ACM ISBN 979-84-00-70772-8. (doi:10.1145/3600160.3604985) (The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided) (KAR id:102497)

The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided. (Contact us about this Publication)
Official URL:
https://doi.org/10.1145/3600160.3604985

Abstract

Consensus algorithms facilitate agreement on and resolution of blockchain functions, such as smart contracts and transactions. Ethereum uses a Proof-of-Stake (PoS) consensus mechanism, which depends on financial incentives to ensure that validators perform certain duties and do not act maliciously. Should a validator attempt to defraud the system, legitimate validators will identify this and then staked cryptocurrency is ‘burned’ through a process of slashing.

In this paper, we show that an attacker who has compromised a set of validators could threaten to perform malicious actions that would result in slashing and thus, hold those validators to ransom. We use game theory to study how an attacker can coerce payment from a victim, for example by deploying a smart contract to provide a root of trust shared between attacker and victim during the extortion process. Our game theoretic model finds that it is in the interests of the validators to fully pay the ransom due to a lack of systemic protections for validators. Financial risk is solely placed on the victim during such an attack, with no mitigations available to them aside from capitulation (payment of ransom) in many scenarios. Such attacks could be disruptive to Ethereum and, likely, to many other PoS networks, if public trust in the validator system is eroded. We also discuss and evaluate potential mitigation measures arising from our analysis of the game theoretic model.

Item Type: Conference or workshop item (Proceeding)
DOI/Identification number: 10.1145/3600160.3604985
Subjects: Q Science > QA Mathematics (inc Computing science)
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
SWORD Depositor: JISC Publications Router
Depositing User: JISC Publications Router
Date Deposited: 18 Aug 2023 14:09 UTC
Last Modified: 21 Aug 2023 13:19 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/102497 (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.