undefined | Better HN

0 pointsbhaak4y ago0 comments

What you describe is indeed a viable threat in certain conditions.

It's called "Eclipse Attack". But it's a threat for single nodes not for the network as a whole.

0 comments

> But it's a threat for single nodes not for the network as a whole.

Indeed, but the same is true for attacks on "weak subjectivity" proof-of-stake. They're only a threat for nodes that have been disconnected for a long time (months) before they try to reconnect.

yanmaani4y ago

Except for the part where eclipse attacks can be resolved by simply feeding my node more data (it's not a problem if some of it is lies), while "weak subjectivity" requires recourse to an external authority.

bshanks4y ago

i don't know as much about this as you, but it seems to me that the attack you describe in the blog post would also require a successful eclipse attack?

My understanding is that the attack you describe involves a cabal of "evil" validators signing some alternate chain (call it the "fake" chain) long after their stake is withdrawn, creating a fork in the distant past. Before they did this, they pretended to be good validators, which meant they signed the "real" chain's blocks and then signed the withdraw transaction. So after the attack, there are two conflicting sets of signatures signed using the evil cabal's private keys; those on the fake chain, and those on the real chain. So anyone in possession of both of these sets of signatures can conclude that the validators in the cabal are "evil", and then they can see that once the cabal's support is removed from consideration, the real chain had more valid validator support (at the time of the fork, in the distant past). If this line of reasoning is correct, that suggests that anyone who is aware of both sets of signatures can identify the real chain?

1 more reply

j / k navigate · click thread line to collapse