Vitalik Buterin: Ethereum (ETH) 2.0 against attackers

Thu 22 Jul 2021 ▪ 21h41 ▪ 8 min read — by Clément Cauffet

The Ethereum 2.0 update is on everyone’s mind as the Ethereum Community Conference (ETHCC) is in full swing in the 5th arrondissement of Paris. Vitalik Buterin, co-founder of the Ethereum blockchain, posted a document on Twitter aiming to address concerns around the security of Ethereum. Let’s get down to brass tacks!

Vitalik Buterin Eth2

The postulate

Decentralised finance, or DeFi, is an essential branch of the blockchain ecosystem. These protocols enable handling financial assets so as to generate competitive interest rates. This tempting profitability inevitably catches everyone’s eye… including that of hackers. Indeed, DeFi protocols are a prime target for the most experienced hackers.

Recent discussions have been revolving around the possibility of cryptocurrency miners adopting a modified Ethereum client to perform a reorganisation (the word “reorg” will be used for the remainder of the document) of the Ethereum chain, with the aim to attack DeFi protocols: we speak of “reorg attacks”.

Vitalik Buterin and Georgios Konstantopoulos, researcher at Paradigm, explain how and why this type of attack will be more difficult to carry out after implementing ETH2.

How does reorg work?

The reorg mechanism intervenes in a Proof of Work blockchain, a consensus currently in place on the Ethereum blockchain that allows for two blocks to be mined simultaneously. The network is distributed over the entire planet, with no fixed time-zone; mining rigs run 24 hours a day all over the world. The consequence of this globalisation is that two blocks can be created within very short timeframes. (To dig deeper, I suggest you go read my latest article on halving which explains the mining mechanisms that validate blocks.) Also, as you may already know, a miner who successfully mines a block in a network must have it validated by their peers. In this specific case, two versions of the blockchain will exist for a brief period of time.

Résolution de deux chaînes de blocs, Source : 2miners.com
Solving two blockchains, Source: 2miners.com

These two chains will now compete in the network to be validated. The algorithm establishes that the chain with the most hash power will be selected by the network. In the example above, the bottom chain is validated by the network. The block named Orphan becomes, as its name suggests, an orphan, and all the blocks that go after it have no value.

Reorgs are characteristics foreseen in the consensus that make it possible to manage simultaneous block validations in a decentralised mining system.

However, these mechanisms present a danger: reorg attacks!

Reorg attacks

These security breaches occur when miners collaborate to remove blocks previously confirmed by the network.

The attackers’ goal is to bring in sufficient computing power, greater than 50% of the total network power, to solve blocks and add them to the blockchain faster than any other validator on the network. They then create a secret chain based on an initially chosen block and mine blocks faster than the rest of the validators. This attack is only noticed when the attackers submit their chain to the network. See for yourself:

Schéma d'une reorg attack, Source : Steemit
Reorg attack scheme, source: Steemit

When the chain of fraudulent miners is submitted to the network, for a short time there are two versions of network blocks. The reorg mechanism, explained earlier, kicks in and the honestly mined blocks become orphaned, while the secret chain becomes the official blockchain.

The goal of attackers is to profit from this kind of operation. One advantage, for example, is that they can spend funds twice: they spend them the first time, erase the transaction from the ledger with a reorg attack, and spend them the second time.

What has changed with Proof of Stake on Ethereum 2.0

The Ethereum 2.0 update changes the current Proof of Work consensus into a Proof of Stake consensus, which consumes less energy and is more flexible. This protocol is called Gasper and the rule that controls it is called LMD-GHOST. The validation of blocks is ensured by 2 different roles:

  • “Proposer”: a validator responsible for proposing a block
  • “Attesters”: a group of validators who vote for the block they consider to be honest. Their votes are called attestations and you should hold the decision-making power of the network if you control the attesters.

Every 12 seconds, a slot is released, which allows the proposer to submit a block. Then, a pseudo-random algorithm chooses, from about 1/32nd of all validators in the network, a committee of validators in which only one is the designated proposer and all the others are attesters. This notion is very important because it is the introduction of randomness into the validation of blocks that further secures the network.

Currently, the Ethereum Beacon Chain consists of ~ 196K validators; each freed space will therefore requisition pseudo-randomly 1/32 * 196K = 6125 validators approximately. Note that the validators are users of the Ethereum network who have staked at least 32 ETH each. It becomes extremely complicated for an attacker to control thousands of attesters to take over the honest attesters.

A little math to understand Ethereum 2.0

A quick calculation makes it easier to see: 196K * 32 ETH * $2000/ETH = $12.5 billion (minimum) committed to securing the network at the time of writing. The number of validators may increase further between now and the release of the ETH2.0 merge. A fun guess would also be that the Ethereum 2.0 network will be increasingly protected as the price of ETH rises. Indeed, it will be more expensive for a malicious validator to collect at least 32 ETH.

For math nerds, the probability of a malicious validator with p% stake controlling more than 50% of a commission of N validators is distributed according to a binomial distribution (with k = N/2):

Distribution binomiale
Binomial distribution

When we calculate this probability for different stake values, we get this result:

Calcul de la distribution binomiale en fontion de différentes valeur de stake, Source : paradigm.xyz
Calculation of the binomial distribution based on different stake values, Source: paradigm.xyz

From this we conclude that a malicious user wishing to carry out a reorg attack must control no less than 50% of validators on the network: which is (almost) impossible.

The document, accessible on Vitalik Buterin’s Twitter account, describes the basics of ETH2.0 network security. By selecting validators randomly among all the validators available, it then becomes extremely complicated to fool the network. Buterin is not done with blockchain technologies yet; the next milestone is the EIP 1559 launch.

Recevez un condensé de l’actualité dans le monde des cryptomonnaies en vous abonnant à notre nouveau service de newsletter quotidienne et hebdomadaire pour ne rien manquer de l’essentiel Cointribune !

Clément Cauffet avatar
Clément Cauffet

Passionné d’innovation et de projets disruptifs, les technologies Blockchain ont rapidement attiré mon attention ! Je prends plaisir à évoluer dans cet écosystème bouillonnant et à en découvrir toutes ses facettes ! Pourquoi ne pas partager cela avec vous ?


The views, thoughts, and opinions expressed in this article belong solely to the author, and should not be taken as investment advice. Do your own research before taking any investment decisions.

Ne manquez aucune actu et abonnez-vous à Cointribune sur Google Actualités !