Try   HackMD

Attack mitigation

To mitigate entire class of attacks exemplefied by Bonnie, simple fix:

  1. Relay does not deliver payload until it directly witnesses x% of attestations for its signed header
  • In eclipse scenario, attacker ends up waiting forever
  • In practice, proposer is incentivized to help deliver attestations to Relay, because it will speed up delivery of payload

Paper structure:

  1. Explain the above
  2. Show how it can be extended to fit ePBS

Distributed Erasure Coding Approach

upon receiving signed header, the relay (or whatever):

  1. Immediately broadcast block in 32 (= num attestors) chunks, which are
    1. Wrapped in erasure codes, allowing reconstruction of full block with 0 < n <= 32 chunks
    2. Chunks + codes are encrypted with corresponding pubkey of attestor n

Advantages:

  • does not require round-trip, request-response, survey-response
    • Can be emitted closer to slot boundary
  • defeats bonnie attack

General statement:

The problem is that ETH 2 is a commit/reveal protocol, with attestation. A proposer commits to a block, the committee attests to that commitment, and then the block is revealed to all.

There is a class of attacks (including Bonnie) that attacks the order in which these steps take place. In particular, they make revelation happen before attestation. [ For example, in Bonnie ]

The general solution to this class of attacks is to combine attestation and revelation into a single atomic operation. This way, there is no ordering to attack. In $DANBAND2 this is achieved through reliance on distributed erasure coding. The act of attestion is defined as the decryption of the CHUNK message delivered to the attestor over pub sub. The act of revelation is defined to be the publishing of a chunk, with its erasure codings, over pubsub. Clearly, one cannot publish a decrypted message without first decrypting it, thus proving that the ordering is atomic.

Misc. notes

Goldfish 4 proposes a view-merge operation that sounds suspiciously like a set union operation. There's a relationship with our idea involving erasure codings that we should flesh out.

Last changed by 
Louis Thibault
0
99

Read more

Wetware Cluster Membership

Mar 29, 2024
[ ]

[ ]

Nov 14, 2023
WASM-Based Precompiles for SUAVE

This memo is intended to summarize preliminary work on supporting WebAssmebly-based pre-compiled contracts in Flashbots’ SUAVE implementation. Two separate features have been undertaken:

Oct 4, 2023
Wetware

Decentralized Cloud architecture for Web3.

Sep 8, 2023
Read more from Louis Thibault
Published on HackMD