Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Discuss reasons why PoW security assumptions might not hold #157

Open
daira opened this issue Jan 19, 2024 · 0 comments
Open

Discuss reasons why PoW security assumptions might not hold #157

daira opened this issue Jan 19, 2024 · 0 comments
Assignees
Labels
content improvement A content improvement less substantial than a design suggestion

Comments

@daira
Copy link
Collaborator

daira commented Jan 19, 2024

For example, the Prefix Consistency and Prefix Agreement properties of Π bc might not hold because:

  • There is a consensus divergence between node implementations (including versions of the same implementation) due to a bug, platform difference, or nondeterminism in consensus rule implementations.
    • This can potentially be provoked by the adversary, even if it is a corner case that would not normally happen.
    • In general the validity checking of snapshots made by Π bft is also affected by the same divergence/nondeterminism. But the checking of whether one bc-block is a descendant of another is less likely to be incorrect/divergent than the rest of the consensus implementation, because it is much simpler and only depends on the parent fields and the block hash implementation.
      • If the block hash implementation has divergence/nondeterminism, all bets are off even if Π bft is safe.
      • If the validation of proof-of-work and difficulty adjustment has divergence/nondeterminism, then there is no longer any bound on how quickly bc-blocks can be produced, and so the BFT protocol will be exposed to DoS attacks that were not otherwise possible.
  • The adversary has more than 50% of mining power, or less than 50% mining power but has been lucky in finding bc-blocks quickly.
    • Perhaps the adversary knows of a way to knock existing mining nodes offline, make them less efficient, or make their blocks less likely to be accepted, so that it has a larger proportion of the remaining mining power.
      • This includes partitioning some mining nodes from the rest of the network, exploiting a crash bug, or using a DoS attack to slow them down.
      • Partitioning attacks can be facilitated by weaknesses or exploitable inefficiencies in the peer-to-peer network protocol, or in Internet routing infrastructure and node discovery (BGP, DNS-based seeders, etc.)
    • Perhaps the adversary is exploiting an improved way of solving the proof-of-work.
@daira daira added the content improvement A content improvement less substantial than a design suggestion label Jan 19, 2024
@daira daira changed the title Discuss reasons why security assumptions might not hold Discuss reasons why PoW security assumptions might not hold Jan 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
content improvement A content improvement less substantial than a design suggestion
Projects
None yet
Development

No branches or pull requests

2 participants