The developer named the potential vector …

The developer named the potential vector …

The developer named a potential attack vector on Ethereum 2.0 from the “whales”

Jelurida co-founder and lead developer of Ardor and Nxt blockchains, Lior Yaffe, has discovered an alleged vulnerability in Ethereum 2.0. The code is currently being tested on the Medalla network and other testnets in order to identify possible problems.

Yaffe is considering a situation in which the participation of nodes in the network will be relatively low, and some “whales” will secretly control several accounts. Since the minimum participation requirement is currently 66%, the sudden release of such a “whale” can lead to a drop below the established limit and related problems.

“Let’s assume that 10% of ETH is staked and the participation rate is 75% (largely consistent with the current testnet situation). In this scenario, a 9% drop in the participation rate would cause the chain to stop, with only 0.9% of ETH in circulation needed to be controlled, he said in an interview with Decrypt. – To stop the network out of malicious intent, it is enough to maintain the difference between the current level of participation and 66% “.

A user cannot stake more than 32 ETH with a single node, but nothing prevents a hypothetical whale from launching multiple nodes. Yaffe claims this has already become a common practice on the testnet..

“Entities that currently hold more than 0.16% ETH, including Binance, Coinbase and Vitalik, have the right to shut down the network at their discretion,” he added..

The developer named the potential vector ...

Etherscan CEO Matthew Tan admitted that there is such a problem: “I have not made calculations to confirm these claims, but if the participation falls below 66%, the chain will become unstable and there will be problems with completeness, as we saw in the example of the incident on the network. Medalla “.

However, developer Raul Jordan expects the mainnet to have “more than 16,384 validators and about 25,000 at launch, so the amount required to launch an attack will be higher.” According to him, the participation rate will be about 99%, which means that an attacker will need to take possession of 33% of the total share of 25,000 validators. As a result, to carry out the attack, it will take about $ 100 million, and large losses will be incurred not only by the network participants, but also by the organizer himself..

“The organizer of the attack must be ready to burn a lot of money and use funds to limit completeness to half. It’s not in his best interest, unless he wants to lose a lot of money, ”added Jordan..

The developer named the potential vector ...
The developer named the potential vector ...

Similar articles

admin