# EPF Cohort 5 - Week 18 Date: 14/10/2024 ### Updates 1. GossipSub score function modelling is of no use to us for two reasons - P1 to P4 are mesh based metrics and hence not directly relatable to rated list scoring or even the nature of simulation we are doing. P6 offers sybil resistance scores but is based on network characteristics(IP address) that the rated list doesn't care about. P7 is the only score category that can be loosely compared to the rated list scoring. - All scores are updated every second in GossipSub. The rated list works over slots. 2. The rated list however could be attached to GossipSub P5 score (Application specific scoring). This would enable memory for the scores (lasting more than a slot). If the sample distribution is done over gossipsub then the overall score would provide a good measure for both phases of DAS: distribution and sampling. 3. We finally started on the writing attacks (see below). We have written a few of them and have ideas for more. The initial tests are little off-putting IMO. 5. Closed [this](https://github.com/status-im/nimbus-eth2/pull/6598) without merging the fixes. The reason is detailed in the PR itself. 6. Applying a few changes for the reviews provides for [this](https://github.com/status-im/nimbus-eth1/pull/2704) PR. ### Poisoning Attacks Poisoning attacks are just sybil attacks where the adversary witholds the sample it custodies. Testing this attack against the rated list gives us a good idea about its robustness. We ran the attack at incrementing levels of poisoning, starting from 30% of the network being poisoned up until 90%. The logs attached below, present the performance of the rated list. Here, a positive outcome is for a malicious node to be evicted. Therefore, 1. True Positive is where a malicious nodes was rightly evicted (correctly marking positive). 2. False Positives is where a honest nodes was evicted (incorrectly marking positive). 3. True Negative is where a honest node was rightly NOT evicted (correctly not marking positive) 4. False Negative is where a malicious node was NOT evicted (incorrectly not marking positive) ``` Sybil Attack: Rate 0.3 3900 evicted nodes, 2760 false positives, 1140 true positives 6100 non evicted nodes, 4240 true negatives, 1860 false negatives Sybil Attack: Rate 0.4 3697 evicted nodes, 2212 false positives, 1485 true positives 6303 non evicted nodes, 3788 true negatives, 2515 false negatives Sybil Attack: Rate 0.5 4287 evicted nodes, 2171 false positives, 2116 true positives 5713 non evicted nodes, 2829 true negatives, 2884 false negatives Sybil Attack: Rate 0.6 2978 evicted nodes, 1220 false positives, 1758 true positives 7022 non evicted nodes, 2780 true negatives, 4242 false negatives Sybil Attack: Rate 0.7 1739 evicted nodes, 519 false positives, 1220 true positives 8261 non evicted nodes, 2481 true negatives, 5780 false negatives Sybil Attack: Rate 0.8 1958 evicted nodes, 424 false positives, 1534 true positives 8042 non evicted nodes, 1576 true negatives, 6466 false negatives Sybil Attack: Rate 0.9 1540 evicted nodes, 154 false positives, 1386 true positives 8460 non evicted nodes, 846 true negatives, 7614 false negatives ``` If observed closely, the false positive rate is higher when the poisoning rate is lower, which is counter-intuitive. There are various theories as to why this might be the case. Maybe the false positive rate goes down because there are less number of honest nodes to kick out to begin with (or the other way around). Secondly, the number of evicted nodes drops as the number of poisoned nodes increases. Again counter-intuitive. This might be due to the rated list node just trying to find "better of evils". The rated list is still far better than any traditional method in place today as it evicts trees and not individual nodes. I expect the counter-intuitive results to be a bug in the simulator but that can only be ascertained after checking everything again. ### Next Steps 1. The poisoning attack can have another metric, successful sampling. Which is really what we care for at the end of the day. For this we need to tune the querying mechanism a little. 2. Fix the eclipse attack and balancing attack. 3. Write the test case for the issue discussed in last week's update. And if it is really an edge case we need to update the scoring mechanism.