Decentralized Lightweight Detection of Eclipse Attacks on Bitcoin Clients

Clients of permissionless blockchain systems, like Bitcoin, rely on an underlying peer-to-peer network to send and receive transactions. It is critical that a client is connected to at least one honest peer, as otherwise the client can be convinced to accept a maliciously forked view of the blockchain. In such an eclipse attack, the client is unable to reliably distinguish the canonical view of the blockchain from the view provided by the attacker. The consequences can be catastrophic if the client makes business decisions based on a distorted view of the blockchain's transactions. In this paper, we investigate the design space and propose two approaches for Bitcoin clients to detect whether an eclipse attack against them is ongoing. Each approach chooses a different trade-off between average attack detection time and network load. The first scheme is based on the detection of suspicious block timestamps. The second scheme allows blockchain clients to utilize their natural connections to the Internet (i.e., standard web activity) to gossip about their blockchain views with other clients through the servers they contact. Our proposals improve upon previously proposed eclipse attack countermeasures without introducing any dedicated infrastructure or changes to the Bitcoin protocol and network. We demonstrate the effectiveness of the gossip-based scheme through a real-world implementation. The results of our experiments indicate that the protocol incurs negligible overhead, detects eclipse attacks rapidly with high probability, and is well-suited for practical deployment.
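The abstract names two detection signals: block timestamps that look suspicious, and disagreement between a client's chain view and the views that other clients gossip through ordinary web servers. The following Python sketch is an added illustration of both ideas and is not the paper's algorithm or code; the thresholds (a 3-hour staleness bound, a 4x slack on the expected 600 s block interval, a quorum of two conflicting servers), the `PeerView` message shape, and every chain and hash value are constructed assumptions for the demo.

```python
"""Illustrative eclipse-detection heuristics (added example, not the paper's code).
Sketches the two ideas from the abstract: timestamp anomalies on the received
chain, and comparing our chain view with views gossiped through web servers."""
import statistics
from dataclasses import dataclass
from typing import List, Optional, Tuple

EXPECTED_BLOCK_INTERVAL = 600  # Bitcoin targets roughly one block per 10 minutes
NOW = 1_700_000_000            # constructed local clock value for the demo


@dataclass(frozen=True)
class BlockHeader:
    height: int
    block_hash: str   # constructed placeholder, not a real Bitcoin block hash
    timestamp: int    # miner-written Unix time from the header


@dataclass(frozen=True)
class PeerView:
    """Assumed gossip payload from a contacted web server: its tip height and the
    hash it holds at the height the client asked about (None if not yet seen)."""
    tip_height: int
    hash_at_height: Optional[str]


def timestamp_check(headers: List[BlockHeader], now: int, window: int = 6,
                    slack: float = 4.0, max_stale: int = 3 * 3600) -> Tuple[bool, str]:
    """Flag a chain whose tip is stale relative to the local clock, or whose recent
    blocks are spaced implausibly far apart. An eclipsing attacker with a small
    share of hash power cannot keep up the network's block rate, so either the
    intervals stretch or the written timestamps fall behind real time."""
    tip = headers[-1]
    staleness = now - tip.timestamp
    if staleness > max_stale:
        return True, f"tip at height {tip.height} is {staleness}s behind the local clock"
    recent = headers[-(window + 1):]
    if len(recent) < 2:
        return False, "too few headers to judge block intervals"
    intervals = [b.timestamp - a.timestamp for a, b in zip(recent, recent[1:])]
    median = statistics.median(intervals)
    if median > slack * EXPECTED_BLOCK_INTERVAL:
        return True, f"median interval over last {len(intervals)} blocks is {median:.0f}s"
    return False, "block timestamps look plausible"


def server_view(server_chain: List[BlockHeader], height: int) -> PeerView:
    """Server side of the gossip: report our tip height and the hash we hold at
    the requested height (assumed to ride along an ordinary web response)."""
    by_height = {h.height: h for h in server_chain}
    known = by_height.get(height)
    return PeerView(server_chain[-1].height, known.block_hash if known else None)


def gossip_check(my_tip: BlockHeader, views: List[PeerView], quorum: int = 2) -> Tuple[bool, str]:
    """Client side of the gossip: compare our tip hash with what independently
    contacted servers hold at the same height. Servers that have not reached our
    height are inconclusive; servers holding a different hash are conflicts."""
    conflicts = [v for v in views if v.hash_at_height is not None
                 and v.hash_at_height != my_tip.block_hash]
    if len(conflicts) >= quorum:
        return True, (f"{len(conflicts)} of {len(views)} servers hold a different block "
                      f"at height {my_tip.height}")
    return False, "no quorum of conflicting views"


def make_chain(prefix: str, start_height: int, start_time: int,
               interval: int, count: int) -> List[BlockHeader]:
    """Build a constructed header chain with fixed inter-block spacing."""
    return [BlockHeader(start_height + i, f"{prefix}-{start_height + i}", start_time + i * interval)
            for i in range(count)]


# Constructed data: an honest chain paced at 600s, and an attacker-built fork
# (heights 800000..800007) whose blocks arrive every 3000s because the attacker
# controls only a fraction of the hash power.
HONEST_CHAIN = make_chain("h", 800000, NOW - 9 * 600, 600, 10)
ATTACKER_CHAIN = make_chain("a", 800000, NOW - 7 * 3000, 3000, 8)


def demo() -> dict:
    """Run both checks from the viewpoint of an eclipsed client and an honest one."""
    eclipsed_tip = ATTACKER_CHAIN[-1]
    views_for_eclipsed = [server_view(HONEST_CHAIN, eclipsed_tip.height),
                          server_view(HONEST_CHAIN, eclipsed_tip.height),
                          server_view(HONEST_CHAIN[:5], eclipsed_tip.height)]  # lagging server
    honest_tip = HONEST_CHAIN[-1]
    views_for_honest = [server_view(HONEST_CHAIN, honest_tip.height),
                        server_view(HONEST_CHAIN[:-1], honest_tip.height)]
    return {
        "eclipsed_timestamp": timestamp_check(ATTACKER_CHAIN, NOW)[0],
        "eclipsed_gossip": gossip_check(eclipsed_tip, views_for_eclipsed)[0],
        "honest_timestamp": timestamp_check(HONEST_CHAIN, NOW)[0],
        "honest_gossip": gossip_check(honest_tip, views_for_honest)[0],
    }


if __name__ == "__main__":
    for name, flagged in demo().items():
        print(f"{name}: {'ALERT' if flagged else 'ok'}")
```

The two checks reflect the trade-off the abstract describes: the timestamp check costs no network traffic but only fires once the attacker's slower block production (or the growing gap between written timestamps and the local clock) exceeds the thresholds, while the gossip check can fire as soon as a quorum of independently contacted servers answers, at the cost of piggybacking a small view exchange on web requests. An attacker who writes timestamps 600 s apart despite producing blocks every 3000 s merely shifts the signal from the interval check to the staleness check.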
