Some observers are concerned about new security flaws in the Ethereum blockchain, which now operates on a “proof of stake” system. BFM Crypto takes stock.
If there have already been many attacks on Ethereum smart contracts before The Merge (change from “proof of work” (PoW) to “proof of stake” (PoS) that took place last week), the blockchain had kept intact until now. But Ethereum’s new way of working could be a game changer, making the blockchain more vulnerable.
In fact, new problems are starting to emerge in smart contracts revolving around Ethereum. For simplicity, if we take the example of a computer, Ethereum would be the operating system and smart contracts the software that revolves around it.
This Sunday there was an attack on a bridge that served as a link between Ethereum 2.0 (because of what happened in “proof of participation”) and a chain of blocks resulting from a hard fork of Ethereum, Ethereum PoW. In fact, refusing to switch to PoS, some miners decided to launch Ethereum Pow (and its ETHW token) to keep the old blockchain protocol in PoW.
However, thanks to the gateways this creates, hackers have managed to duplicate their transactions in both environments at the same time: the new and the old. BlockSec, a company specialized in blockchain security, warned about the attack by detecting a bug in the smart contract of the “Omni Bridge” that links the two blockchains. As a reminder, each network has a chain identifier called ChainId that is specific so that nodes on the network can communicate with the correct network.
“Most attacks come from bridges”
“Normally, the bridge allows to pass assets between PoW and PoS, and there the bridge did not take into account the identifier of the chain. As soon as there is a fork, there is always the risk of “replay” attack (an attack consisting of to reiterate or “replay” a data transmission over a network by a hacker, editor’s note), care must be taken not to use too many bridges because most attacks come from them. In general, we are going to need an intermediary, like bridges to switch from one chain to another, otherwise we have to go through centralized platforms,” Abdelhamid Bakhta, former Ethereum Core Dev and Ecosystem Lead at StarkWare, explains to BFM Crypto.
Between the lines, what we understand is that other attacks could take place on the bridges that connect Ethereum to the hard forks of the blockchain. If there was already an old fork of the blockchain, called Ethereum Classic, others are beginning to emerge from The Merge, such as Ethereum Fair.
But the attacks could also take place through other prisms. Long before The Merge transition, some observers had pointed to upcoming governance issues on the network. In fact, almost 2 thirds of the ethers (63%) are “staken” through some centralized platforms (according to calculations by the Nansen crypto data analysis platform), in particular the Lido protocol that concentrates 32% of the ethers , Kraken (8.5%), Coinbase (7.2%) or Binance (6.7%).
“The risk that hangs around is that centralized platforms submit to regulation and allow censorship,” said Abdelhamid Bakhta. In late August, Coinbase boss Brian Armstrong said on Twitter that their platform would rather suspend engagement activities than comply with state censorship requirements.
“With the switch to PoS, we have moved to a slightly more centralized control of the chain. This affects the potential resistance to censorship, which is lower,” explains Gilles Cadignan, founder of the cybersecurity startup Woleet and known within the net. ecosystem for his position as a Bitcoin maximalist.
Taking stock of such a problem, Ethereum developers hope that staking activity will gradually decentralize. In fact, in the coming months (the date is not yet known), it will be possible for users to withdraw their participation to deposit it elsewhere. If users can become validators “alone” (meaning they have more than 32 ethers in their wallet), they could also go through so-called decentralized staking solutions, such as Rocket Pool.
the question of time
Another dimension to consider is the issue of time for validators. As a reminder, the transition from PoW to PoS means that there are no longer miners on the Ethereum blockchain, but validators (now over 430,000) to secure the network by validating transactions thanks to a deposit system ( “participation”) of 32 ethers in a common pot.
“Blockchain in PoS can be attacked around the question of time,” warns Abdelhamid Bakhta. In fact, in PoS on Ethereum, extreme synchronization between validators is required, as PoS is clocked by time, with a block issued every 12 seconds. But today, to synchronize its clock, a computer uses so-called NTP servers.
“An attacker could impersonate a legitimate NTP server, thus becoming a gateway for attacks,” the former Ethereum Core Dev worries.
Typically, an attacker could take control of a clock, which would penalize the validator that is supposed to validate the transaction. To deal with this potential threat, ways are now being studied, such as using other solutions to no longer depend on NTP servers, such as radios, GPS or even so-called BFT Clocks, which would be distributed as if the servers were decentralized.
Another potential attack anticipated, those at “layer 2”, which are additional layers in the Ethereum blockchain intended to solve the scalability issues of the blockchain.
“We must be careful not to introduce new attacks: for example, the solutions that will allow us to go from layer 1 to layer 2 can give rise to new attacks,” warns the latter.
“Security doesn’t like complexity”
Generally speaking, there is one principle that all blockchain developers agree on: the more complex a system is, the more vulnerable it can be.
“I’m not sure if we can say that the move to PoS creates security issues, but since PoS is more complex to implement than PoW, there is more chance of a problem,” says Gilles Cadignan.
For example, the Ethereum developers have released a ‘punishment’ feature for validators who are not online when prompted, called slashing. “These are new complex rules that can pose new potential problems,” considers the latter.
For him, the more attack surfaces there are, the more ways there are to take advantage of them. “It’s also good because the network will test its resilience. There are attacks that have already been anticipated but it is impossible to anticipate all the scenarios, I think there will be new ways to abuse the protocol”, he adds.
“Security doesn’t like complexity. PoS has added a lot of lines of code for this new type of consensus, so there’s less security. Less security means, for example, that we can find a way to attack Ethereum nodes to stopping everything is a real risk, even if it is low”, he concludes.