This period Finalized Committed to recent contextualization Published papers Three possible attacks on the Ethereum proof-of-stake algorithm are described.
These are serious attacks that have been formally analyzed and technically simple mitigation measures.The fix and will not Delay the merge timeline.
Forkchoice attack, mitigation measures and timeline
Recently there has been a lot of chatter about a new Published papers Written by a team from Stanford University and some EF researchers.This article discloses three active and reorganization attacks on the beacon chain consensus mechanism No Provide any mitigation measures or any context on what this means for the upcoming merger upgrade of Ethereum. The publication of this paper is to better facilitate review and collaboration before the fix is introduced on the mainnet. However, it failed to provide background information on the impact and mitigation measures. This leaves room for uncertainty in subsequent discussions.
Let us understand it in depth.
Yes, these are serious attacks ⚔️
First let us make it clear that these are Serious If the problem is not alleviated, it will threaten the stability of the beacon chain. For this reason, repairs are essential before the beacon chain takes over the security of the Ethereum execution layer at the merge point.
But there is a simple fix 🛡
The good news is that two simple fixes to forkchoice have been proposed-“Proposer Boost” and “Proposer View Synchronization”.Researchers at Stanford University have formally analyzed the proposer promotion (coming soon), and Specified since April, Even already Implementation In at least one customer. Proposer view synchronization It also looks promising, but it was earlier in its formal analysis. As of now, researchers expect that the proposer promotion will be included in the specification because of its analytical simplicity and maturity.
At a high level, the paper’s attack is caused by over-reliance on signals from proofs—especially a small number of adversarial proofs that tilt honest views in one direction or the other.There are good reasons for this dependence-it proves to be almost completely eliminated afterwards Block reorganization in the beacon chain-but these attacks show that this requires a high price- beforehand Recombination and other active attacks. Intuitively, the above solution adjusts the power balance between proofs and block proposals, rather than living on one extreme or the other.
Caspar did a great job explaining the attack and the proposed fix concisely.Check This twitter thread For the best tl;dr you will find.
What about the merger? ⛓
Make sure to fix it in place before merging Absolutely must. But there is a fix, and it is very simple to implement.
This fix is only for forkchoice, so it is consistent with the merge specification written today. Under normal circumstances, forkchoice is exactly the same as it is now, but in an attack scenario, a fixed version helps to provide chain stability.This means that rolling out the fix does no The introduction of major changes may require a “hard fork.”
Researchers and developers expect that by the end of November, the proposer upgrade will be formally integrated into the consensus specification and will be launched on the Merge testnet before mid-January.
Finally, I would like to extend my warm congratulations to Joachim Neu and Nusret Taş, they are Xie Lab At Stanford University, just like them priceless Not only to identify but also correct the key issues discussed above 🚀