Some observers are concerned about new security holes on the Ethereum blockchain which now operates on a “proof of stake” system. BFM Crypto takes stock.
While there have already been many attacks on Ethereum’s smart contracts before The Merge (transition from “proof of work” (PoW) to “proof of stake” (PoS) last week), the blockchain had remained intact so far. But Ethereum’s new way of working could change the rules of the game, making the blockchain more vulnerable.
In fact, new problems are starting to arrive on smart contracts that revolve around Ethereum. To simplify, if we take the example of a computer, Ethereum would be the operating system and smart contracts the software that revolves around it.
This Sunday there was an attack on a bridge that made the connection between Ethereum 2.0 (then passed in “proof of stake”) and a blockchain deriving from a hard fork of Ethereum, Ethereum PoW. In fact, by refusing to switch to PoS, some miners have decided to launch Ethereum Pow (and its ETHW token) to keep the old blockchain protocol in PoW.
However, thanks to the gateways this creates, the hackers were able to duplicate their transactions on both environments at the same time: the new and the old. BlockSec, a company specializing in blockchain security, alerted the attack by identifying an error in the smart contract of the “Omni Bridge” that connects the two blockchains. As a reminder, each network has a chain identifier called ChainId which is specific so that the nodes in the network can communicate with the correct network.
“Most of the attacks come from bridges”
“Normally, the bridge allows the passage of assets between PoW and PoS, and there the bridge does not take into account the chain identifier. As soon as there is a fork, there is always the risk of a” replay “attack ( an attack that consists in repeating or “reproducing” a data transmission from a network from a pirate, ed), we must be careful not to use too many bridges because most of the attacks come from them., on the whole, we will need of an intermediary such as bridges to switch from one chain to another, otherwise we have to go through centralized platforms, “Abdelhamid Bakhta, former Ethereum Core Dev and Ecosystem Lead at StarkWare, explains to BFM Crypto.
Between the lines, what we understand is that other attacks could take place on bridges linking Ethereum to blockchain hard forks. If there was already an old fork of the blockchain, called Ethereum Classic, others are starting to emerge from The Merge, such as Ethereum Fair.
But the attacks could also take place through other prisms. Long before The Merge’s transition, some observers had indicated impending governance problems on the network. In fact, almost 2 thirds of the ethers (63%) are “staker” through some centralized platforms (according to the calculations of the Nansen cryptographic data analysis platform), in particular the Lido protocol which concentrates 32% of the ethers, Kraken (8, 5%), Coinbase (7.2%) or Binance (6.7%).
“The risk is that centralized platforms will submit to regulation and allow censorship,” said Abdelhamid Bakhta. In late August, Coinbase chief Brian Armstrong said on Twitter that its platform would rather suspend staking than comply with state censorship requirements.
“With the move to PoS, we have moved to a bit more centralized control of the chain. This affects the potential resistance to censorship, which is lower,” explains Gilles Cadignan, founder of the cybersecurity start-up. Woleet is known within the ecosystem for its maximalist Bitcoin stance.
Taking stock of such an issue, the Ethereum developers hope that the staking activity will gradually decentralize. In fact, in the coming months (the date is not yet known), it will be possible for users to withdraw their share to deposit it elsewhere. If users can become “lonely” validators (meaning they have more than 32 ether in their wallet), they could also go through so-called decentralized staking solutions, such as Rocket Pool.
The question of time
Another dimension to consider is that of the issue of time for validators. Recall that the transition from PoW to PoS implies that there are no longer miners on the Ethereum blockchain, but validators (which are now more than 430,000) to secure the network by validating transactions thanks to a deposit system (“stake”) of 32 ethers in a common vessel.
“The PoS blockchain can be attacked on the question of time”, warns Abdelhamid Bakhta. In fact, in PoS on Ethereum, extreme synchronization between validators is required as the PoS is timed based on time, with a block issued every 12 seconds. But today, a computer uses so-called NTP servers to synchronize its clock.
“An attacker could pretend to be a legitimate NTP server, thus becoming a gateway for attacks,” worries the former Ethereum Core Dev.
Typically, an attacker could take control of a clock, which would penalize the validator who has to validate the transaction. To cope with this potential threat, roads are now being studied, such as using other solutions to no longer depend on NTP servers – such as radio, GPS or even so-called BFT Clocks, which would be distributed as if the servers were decentralized. .
Another potential attack expected, those on “layer 2” which are additional layers on the Ethereum blockchain aimed at solving blockchain scalability problems.
“We must ensure that it does not introduce new attacks: for example, the solutions that will allow you to move from a layer 1 to 2, can lead to new attacks”, warns the latter.
“Security doesn’t like complexity”
In general, there is a principle that all blockchain developers agree on: the more complexity a system has, the more vulnerable it can be.
“I’m not sure if the switch to PoS can be said to create security problems, but because PoS is more complex to implement than PoW, there is more chance that there is a problem,” points out Gilles Cadignan.
For example, the Ethereum developers have launched a “punishment” function for validators who are not online when called, called slashing. “These are complex new rules that can pose new potential problems,” the latter believes.
For him, the more attack surfaces there are, the more ways there are to exploit them. “It’s also okay because the network will test its resilience. There are attacks that have already been anticipated but it is impossible to anticipate all scenarios, I think there will be new ways to abuse the protocol, ”he adds.
“Security doesn’t like complexity. PoS has added many lines of code for this new type of consent, so less security. Less security means, for example, we can find a way to attack Ethereum nodes to stop everything is a real risk. even if low ”, he concludes.