Original title: DoS on Blockchains: A P2P Layer's View
Original author: Jaehyun Ha
Original source: https://www.prestolabs.io/research
Translation: 火星财经 (Mars Finance), Daisy
Contents
- Introduction
- Understanding the P2P layer in blockchains
- Why is P2P layer security important in blockchains?
- What types of DoS attacks exist?
- Conclusion: Are DoS attacks targeting the P2P layer a real threat?
Summary
- The P2P layer of a blockchain plays a vital role in keeping a distributed network reliably connected: it defines the rules by which nodes find, connect to, and communicate with each other. Its key functions are node discovery, node connection management, and data propagation.
- Compared with threats such as smart contract vulnerabilities or consensus failures, the security of the P2P layer is less understood and easily overlooked. Yet if the P2P layer is compromised, serious attacks such as double spending and selfish mining can be carried out with far fewer resources than they would otherwise require.
- Attack techniques such as the Eclipse attack and the Erebus attack have been proposed in academic research, and that research has driven improvements to the protective measures in blockchain P2P layers, in particular against DoS attacks. Although mainstream blockchains such as Bitcoin and Ethereum have received a great deal of this security research, smaller emerging blockchains often lack effective safeguards and have suffered real damage. The security of the P2P layer therefore deserves more attention.
1. Introduction
As blockchain technology continues to evolve, so do the threats to its ecosystem. While security issues such as wallet hacks and smart contract vulnerabilities are usually top of mind, a more insidious threat also deserves attention: denial of service (DoS) on blockchain networks. Anyone who has followed the blockchain industry closely in recent times knows that such attacks can cause serious and prolonged network outages (or security incidents) that disrupt an entire system.
A typical DoS attack occurs when a system, server, or network is overwhelmed by excessive traffic or resource requests, so that it can no longer serve legitimate users or operate effectively. At this point one might ask: "Aren't blockchain networks, like other distributed systems, designed to eliminate single points of failure (SPOF)?" Unlike the traditional client-server model, where a failure of the central server inevitably takes the service down, a peer-to-peer (P2P) network such as a blockchain follows the principle that every participant acts as both server and client. If one peer fails, you simply synchronize from another. So how can such a decentralized system still be vulnerable to DoS attacks?
While decentralization provides resilience, it does not make the network immune to every kind of DoS vulnerability, especially those that stem from network congestion and resource exhaustion. As blockchain systems evolve to become more decentralized and add components to meet ever more needs, a paradox emerges: the complexity that comes with richer functionality also introduces more points of failure (i.e., attack vectors). Today, DoS attacks in the blockchain ecosystem target a wide range of components, including crypto wallets, centralized exchanges (CEXs), mempools, mining pools, payment channels, smart contracts, and even consensus participants.
In this report, we focus specifically on DoS attacks against blockchain consensus participants from the perspective of the P2P layer. Section 2 covers the basics of the P2P layer in blockchains, and Section 3 explains why its security is critical. Section 4 then surveys the types of DoS attack that have been developed against the P2P layer, and Section 5 discusses how tangible these threats actually are.
2. Understanding the P2P layer in blockchains
Blockchain systems need to maintain reliable network connectivity between distributed nodes even in the face of large-scale attacks or failures. The P2P layer plays a vital role here: it establishes the rules for connectivity and communication between nodes so that the system stays stable and resilient. The P2P layer performs many tasks, but we focus on three key functions: node discovery, node connection management, and data propagation.
Node discovery
If Bob has just joined a permissionless blockchain network, the first thing he needs to do is find new friends (i.e., peers) to connect to and synchronize with. Since Bob is in an unfamiliar environment, he must be careful not to befriend malicious nodes, so he first contacts some well-known, predefined nodes to learn which peers in the network are legitimate.
In Bitcoin, node discovery begins with DNS seeds: predefined servers that provide a list of active nodes to new clients joining the network. When a Bitcoin node starts, it first queries these DNS seeds, which return the IP addresses of a set of known nodes. This initial peer list is stored in the node's peer database, the "peer table", from which a new node such as Bob picks addresses and establishes his outgoing connections. Once connected, Bob can start participating in the network (downloading the blockchain and validating blocks and transactions).
Bitcoin's node discovery protocol helps Bob maintain and update his peer table by propagating peer addresses across the network, and lets him open new outgoing connections when existing ones terminate. In addition, Bob's own IP address is propagated through the network, which allows up to 114 inbound connections from other nodes. Thanks to the node discovery protocol, Bob can therefore hold up to 125 peer connections in total. (*10 outgoing connections + 114 inbound connections = 124, so why 125 in total? For the curious: Bitcoin Core reserves the remaining slot for its short-lived "feeler" connection, which it uses to test addresses from the peer table.)
Figure 1: Bitcoin's node discovery protocol
(Source: Presto Research)
Ethereum uses a Kademlia DHT-based protocol, a more structured approach to node discovery. Similar to Bitcoin, a new Ethereum node uses bootnodes to start discovering other nodes: it queries them, learns about further nodes in the network, and populates its routing table accordingly. In Ethereum's network every node has a unique node ID, derived from its public key and mapped into a large 256-bit ID space. Node discovery relies on this ID space: each node maintains a routing table populated with nodes that are "close" to it in terms of the XOR distance between IDs.
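To make the XOR-distance routing table concrete, here is a minimal Kademlia-style table of the kind Ethereum's discovery protocol builds. This is an added example, not code from the original article or from any Ethereum client; the bucket size K and the SHA-256 stand-in used to derive an ID from a public key are assumptions chosen for the example.

```python
"""Minimal Kademlia-style routing table (example code, not a client's own).
Node IDs are 256-bit integers, closeness is XOR distance, and a peer's bucket
is chosen by the highest bit in which its ID differs from ours.
Assumptions: K and the SHA-256 ID derivation are chosen for this example only.
"""
import hashlib

ID_BITS = 256
K = 16   # entries per bucket (assumed)


def node_id(pubkey: bytes) -> int:
    """Map a public key into the 256-bit ID space (SHA-256 as a stand-in hash)."""
    return int.from_bytes(hashlib.sha256(pubkey).digest(), "big")


def xor_distance(a: int, b: int) -> int:
    return a ^ b


def log_distance(a: int, b: int) -> int:
    """Bucket index: position of the highest differing bit (0 when a == b).
    Random IDs differ from ours in the top bit half the time, so most peers
    land in the few farthest buckets while the near buckets fill slowly."""
    return (a ^ b).bit_length()


class RoutingTable:
    def __init__(self, self_id: int):
        self.self_id = self_id
        self.buckets = [[] for _ in range(ID_BITS + 1)]

    def add(self, peer_id: int) -> bool:
        """Insert a discovered peer. A full bucket rejects newcomers, which is
        what keeps a burst of fresh advertisements from overwriting the table."""
        if peer_id == self.self_id:
            return False
        bucket = self.buckets[log_distance(self.self_id, peer_id)]
        if peer_id in bucket or len(bucket) >= K:
            return False
        bucket.append(peer_id)
        return True

    def closest(self, target: int, n: int = K) -> list:
        """The n known peers nearest to `target` (what a FINDNODE query returns)."""
        peers = [p for bucket in self.buckets for p in bucket]
        return sorted(peers, key=lambda p: xor_distance(p, target))[:n]

    def size(self) -> int:
        return sum(len(b) for b in self.buckets)
```

The security-relevant property is in `add`: a full bucket refuses new entries, so the table cannot be overwritten by a burst of fresh advertisements the way a flat, unbounded peer list could be, and the buckets nearest to our own ID only accept IDs that share a long prefix with it.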
Node connection
Now that Bob has found friends, he needs to decide whether to keep those friendships. He may reconsider a friendship with someone who misbehaves, or part ways with some old friends to make room for new ones.
In Bitcoin, when a node detects harmful behavior from a peer, such as sending an invalid block, flooding the network with redundant data, or violating consensus rules, it assigns a penalty score to that peer. Points are assigned according to the severity of the misbehavior and accumulate across offenses. Once the score reaches a predefined threshold (e.g., 100), the node automatically bans the peer, refusing any further communication with it for a set period (e.g., 24 hours). During the ban the node rejects both connections and messages from the offending peer.
The node connection protocol also comes into play when a new inbound connection arrives at a node whose connection slots are all full. In this case Bitcoin runs its peer eviction mechanism: the node drops the lowest-priority connection, chosen by a set of rules that protect the most useful peers (for example, those that most recently relayed a new transaction or block and those with the lowest latency, while spreading the remaining connections across network groups), to make room for the new connection. Ethereum does not currently deploy a peer eviction mechanism in its client implementations.
Figure 2: Node connection management in Bitcoin
(Source: Presto Research)
Data propagation
With reliable connectivity established through the node discovery and node connection protocols, it is time to propagate data (blocks and transactions) across the network. This process, too, needs a carefully designed protocol. If, naively, every node broadcast each new block or transaction to all of its connected peers as soon as it received it, the network would be flooded with redundant copies of the same data: peers would receive the same transaction many times from different nodes, leading to significant congestion and resource exhaustion.
That is not all. This approach also threatens transaction privacy. Block explorers let anyone see which addresses send assets to which others and in what amounts, but real-world identifiers such as IP addresses remain hidden (as they should). If, however, a transaction were propagated to all peers at once without any delay, an attacker operating many nodes could infer who created and first broadcast a particular transaction. Since a node knows the IP address of every peer it is connected to, this would compromise transaction privacy.
For these reasons, each blockchain network implements its own data propagation protocol, often called the transaction diffusion process. In Bitcoin, a node announces new data to each of its peers after an independent random delay (it tells the peer that it has something new via an INV message). For inbound connections the random delay averages 5 seconds; for outgoing connections it averages 2 seconds. In Ethereum, a node sends a newly learned transaction in full to a subset of its neighboring peers (sqrt(n) of them) without delay and sends only the transaction hash to the remaining peers.
Figure 3: Data propagation in Bitcoin and Ethereum
(Source: Presto Research)
How it differs from the consensus layer
Speaking of which, some readers might be thinking: "Well, the P2P layer handles communication between nodes. But the consensus layer also seems to involve a lot of communication between nodes to reach agreement. So what is the difference between the two?"
To understand the difference with a simple analogy, imagine a group of friends trying to decide which movie to watch together. The P2P layer is like the method they use to communicate: perhaps they are chatting in the same room, or using a group chat or video call. This layer ensures that everyone can send and receive messages, so the group hears each other's suggestions and responses. It deals with how information gets from one person to another and keeps everyone connected.
The consensus layer, on the other hand, is like the decision-making process they follow to agree on a movie. Say they all vote on the options and the film with the most votes wins. This layer ensures that they all reach one decision and avoids the confusion of two sub-groups watching different movies at the same time. It is the system of rules they use to make sure everyone ends up agreeing on the same outcome.
In short, the P2P layer is about the connections (communication) between nodes, while the consensus layer is about agreeing on decisions (decision rules). Both are as crucial to the friends choosing a movie as they are to the proper functioning of a blockchain.
Figure 4: The difference between the P2P layer and the consensus layer
(Source: Presto Research)
3. Why is P2P layer security important in blockchains?
Now the next question: why do we need these details of the P2P layer, and why is securing it important for a blockchain? Let's quickly recap the previous section: node discovery finds legitimate nodes to connect to and synchronize with, node connection management keeps connections healthy, and data propagation broadcasts transactions and blocks throughout the network. What happens if these stop working properly (or come under attack)?
Figure 5: What happens if the P2P layer doesn't work properly?
(Source: Presto Research)
If node discovery does not work properly, a new node like Bob may run into trouble during bootstrapping and is more likely to connect to malicious or faulty nodes. If node connection management fails, malicious connections cannot be terminated, and Bob may be overwhelmed with carefully crafted blocks and transactions. Finally, if data propagation is disrupted, synchronization across the network degrades, increasing the risk of forks or preventing nodes from receiving legitimate blocks and transactions.
Overall, a malfunctioning P2P layer results in one participant (or a group of them) being isolated from the rest of the legitimate network. The victim's connections are monopolized by malicious peers, misinformation keeps flowing in, and because of poor synchronization the victim has little chance of realigning with the canonical chain. This is denial of service.
The real danger of this partitioned state is that its victims become vulnerable to additional attacks, such as double spending. Double spending was originally thought to require an attacker with large resources, as in a 51% attack.
For example, in a 51% attack the attacker first makes a legitimate-looking transaction with a merchant (the victim) and then secretly builds an alternative chain in which that transaction does not exist. Once the attacker's alternative chain overtakes the original and becomes the canonical chain (because the attacker holds the majority of mining or voting power), they broadcast it, and the network accepts it as the valid chain. The transaction on the original chain then becomes invalid, so the attacker regains control of the coins already spent: a "double spend". This attack is very powerful, but against today's mainstream PoW and PoS chains it is considered a theoretical attack, because controlling a majority of mining or voting power is not economically feasible.
However, if the victim merchant is isolated from the rest of the network, a double-spend attack becomes much easier and needs far fewer resources. Since the victim is connected only to the attacker's nodes, it has no choice but to accept the transactions and blocks the attacker feeds it as legitimate. The attacker can therefore spend the same assets twice, once to the victim and once to the rest of the network, without the victim realizing that the assets have already been spent. Believing the crafted transaction is valid, the victim hands over the goods in exchange for the apparent payment. Once the isolation ends and legitimate transactions and blocks from the outside network arrive again, the transaction paid to the victim turns out to be invalid while the transaction sent to the rest of the network remains valid, leaving the victim with a financial loss (Figure 6).
Figure 6: Network partitioning leads to additional vulnerabilities (e.g., double spending)
(Source: Presto Research)
4. What types of DoS attacks exist?
In the previous section we explained why DoS, or network partitioning, at the P2P layer is dangerous: it enables attacks such as double spending without the large resources a 51% attack requires. In practice, however, isolating a victim from the network is not easy. If suspicious connection attempts are detected (e.g., 1,000 connection attempts from the same IP range), the victim can manually block them. In this section we therefore look at the efforts academia has made to achieve network partitioning in a more covert, feasible, and sustainable way.
Connection starvation attacks
DoS attacks at the P2P layer are often called connection starvation attacks. As described in the previous section (Figure 6), such an attack isolates one or a group of victim nodes from the rest of the network by occupying all of their available connection slots.
The concept of a connection starvation attack against the P2P layer of a blockchain network was first introduced as the Eclipse attack (E. Heilman et al., USENIX Security '15). The core idea is simple: the attacker deploys a botnet (a network of infected computers under the attacker's control) and sends a large number of connection attempts from different IPs to the victim Bitcoin node, occupying all of its inbound connection slots; by also filling the victim's peer table with attacker-controlled addresses, the attacker ensures that the victim's outgoing connections land on attacker nodes too. Until the attacker lifts this partition, the victim node cannot communicate with the rest of the P2P network and remains isolated. The victim is then not only vulnerable to double-spend attacks but also to transaction censorship: its transactions may be filtered and dropped by the surrounding adversary nodes.
Figure 7: Connection starvation attack
(Source: Presto Research)
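To show how the node connection protocol described in Section 2 (misbehavior scoring with a timed ban, and eviction of the lowest-priority inbound peer when every slot is full) interacts with the connection flood described for the Eclipse attack, here is a toy inbound connection manager with a constructed flood run against it. This is an added example, not code from the original article or from Bitcoin Core: the slot count, the penalty values and the botnet's IP ranges are assumptions for the demonstration, and the eviction logic is a reduced form of Bitcoin Core's rules (protect the peers that most recently relayed a new block or transaction, then evict the youngest member of the most crowded /16 netgroup).

```python
"""Toy inbound connection manager (example code, not Bitcoin Core's own).
Models misbehavior scoring with a 24-hour ban and slot eviction, then runs a
constructed connection-starvation flood against it. Slot count, penalties and
the reduced eviction rules are assumptions chosen for this demonstration.
"""
import ipaddress
from dataclasses import dataclass

MAX_INBOUND = 8            # assumed small so the flood is easy to follow
BAN_THRESHOLD = 100        # article: ban once the score reaches 100
BAN_SECONDS = 24 * 3600    # article: ban lasts 24 hours


@dataclass
class Peer:
    ip: str
    connected_at: float
    last_block: float = -1.0   # when this peer last relayed a new block (-1: never)
    last_tx: float = -1.0      # when this peer last relayed a new transaction
    score: int = 0

    @property
    def netgroup(self) -> str:
        # Assumption: IPv4 peers are grouped by /16, as Bitcoin Core's eviction does.
        return str(ipaddress.ip_network(f"{self.ip}/16", strict=False))


class InboundManager:
    def __init__(self, evict: bool = True):
        self.evict = evict
        self.peers: dict[str, Peer] = {}
        self.banned: dict[str, float] = {}    # ip -> ban expiry time

    def misbehave(self, ip: str, points: int, now: float) -> bool:
        """Add penalty points; disconnect and ban when the threshold is reached."""
        peer = self.peers.get(ip)
        if peer is None:
            return False
        peer.score += points
        if peer.score >= BAN_THRESHOLD:
            self.banned[ip] = now + BAN_SECONDS
            del self.peers[ip]
            return True
        return False

    def _select_eviction(self):
        cands = list(self.peers.values())
        protected = set()
        for attr in ("last_block", "last_tx"):     # keep the most useful peers
            ranked = sorted(cands, key=lambda q: getattr(q, attr), reverse=True)
            protected.update(q.ip for q in ranked[:2] if getattr(q, attr) >= 0)
        cands = [q for q in cands if q.ip not in protected]
        if not cands:
            return None
        groups: dict[str, list] = {}
        for q in cands:
            groups.setdefault(q.netgroup, []).append(q)
        # Most crowded netgroup; ties go to the group holding the youngest connection.
        group = max(groups.values(), key=lambda g: (len(g), max(q.connected_at for q in g)))
        return max(group, key=lambda q: q.connected_at)

    def connect(self, ip: str, now: float) -> bool:
        if ip in self.peers or self.banned.get(ip, -1.0) > now:
            return False
        if len(self.peers) >= MAX_INBOUND:
            if not self.evict:
                return False               # no eviction: a full node simply refuses
            loser = self._select_eviction()
            if loser is None:
                return False
            del self.peers[loser.ip]
        self.peers[ip] = Peer(ip, now)
        return True

    def count(self, ips) -> int:
        return sum(ip in self.peers for ip in ips)


def flood_running_node(attempts: int = 200) -> dict:
    """Constructed scenario: eight honest peers from distinct /16s are connected
    and two of them have relayed recent data; a botnet spread over two /16
    ranges then opens `attempts` connections, one after another."""
    mgr = InboundManager()
    honest = [f"10.{i}.0.1" for i in range(MAX_INBOUND)]
    for t, ip in enumerate(honest):
        mgr.connect(ip, float(t))
    mgr.peers[honest[0]].last_block = 50.0
    mgr.peers[honest[1]].last_tx = 50.0
    attackers = [f"203.{i % 2}.{i // 2}.1" for i in range(attempts)]
    for t, ip in enumerate(attackers, start=100):
        mgr.connect(ip, float(t))
    return {"honest": mgr.count(honest), "attacker": mgr.count(attackers)}


def starve_after_restart() -> dict:
    """Same botnet, but the node has just restarted with empty slots and no
    eviction: whoever fills the slots first keeps them (the Figure 7 picture)."""
    mgr = InboundManager(evict=False)
    attackers = [f"203.{i % 2}.{i // 2}.1" for i in range(MAX_INBOUND)]
    honest = [f"10.{i}.0.1" for i in range(MAX_INBOUND)]
    for t, ip in enumerate(attackers + honest):
        mgr.connect(ip, float(t))
    return {"honest": mgr.count(honest), "attacker": mgr.count(attackers)}


def ban_demo() -> bool:
    """A peer that relays an invalid block (assumed to cost 100 points) is banned
    and cannot reconnect until the ban expires."""
    mgr = InboundManager()
    mgr.connect("203.0.0.1", 0.0)
    banned = mgr.misbehave("203.0.0.1", 100, 1.0)
    return banned and not mgr.connect("203.0.0.1", 2.0) and mgr.connect("203.0.0.1", 2.0 + BAN_SECONDS)
```

Under this rule set the connection evicted is always the newest one from the most crowded netgroup, which during a flood is the botnet's own previous connection, so the attacker never holds more than one of the eight slots while the established honest peers keep theirs. Without eviction the outcome depends only on who connects first: after a restart the botnet fills every slot and honest peers are refused, which is exactly the isolation the Eclipse attack aims for.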
In the Erebus attack (M. Tran et al., IEEE S&P '20), a malicious autonomous system (AS), for example a Tier-1 or Tier-2 Internet service provider, gradually fills the victim's peer table with "shadow" IP addresses: addresses whose route from the victim passes through the attacker's AS. As a result, any connection the victim makes to these addresses is routed through the attacker's AS, giving the attacker a man-in-the-middle position. Once all of the victim's peer connections traverse the attacker's AS, the victim is isolated. The novelty of this attack lies in its stealth: because of the extremely low attack traffic rate (520 bit/s) and the absence of any route manipulation in the data plane or the control plane, Erebus is hard to detect. The original research estimates that a victim node can be isolated within 5 to 6 weeks of the attack starting.
SyncAttack (M. Saad et al., CCS '21) exploits Bitcoin's permissionless nature to split the entire Bitcoin network into two groups. The attacker takes control of the inbound connection slots of all currently reachable nodes in the Bitcoin P2P network while flooding the Bitcoin DNS seeds with adversary-controlled IPs, so that newly joining nodes are forced to connect only to adversary nodes. The Bitcoin P2P network thereby splits into two distinct groups: the pre-existing nodes and the newly joined ones.
5. Conclusion: Are DoS attacks targeting the P2P layer a real threat?
So far, we have explored the role of the P2P layer in blockchain networks, why its security matters so much, and the research academia is currently doing in this area. Readers who have followed this article from the beginning may be thinking: "Now I understand that the P2P layer plays an important role in a blockchain and that DoS attacks at this layer can cause serious damage to the victims. But why haven't I heard about P2P-layer DoS attacks in the news? Is this really feasible?"
There is much truth to this. DoS attacks against the P2P layer occur less often and are less well known than other attacks on blockchain systems. Moreover, the attacks above usually assume a fairly powerful attacker (e.g., a botnet or an ISP). And because starvation attacks typically target a small group of nodes rather than the whole network, such incidents are less visible than attack scenarios in which an entire network goes down.
However, DoS attacks against the P2P layer of blockchains do happen in practice. In 2020, attackers using only about 130 IP addresses caused transactions to be delayed by several minutes for many users. A paper published at NDSS '23 showed that it is possible to launch a DoS attack on an Ethereum client without even needing to take over all of the target's peer connections; the Ethereum Foundation acknowledged the vulnerability and released a patch in Geth 1.11.0. This shows that connection starvation attacks at the P2P layer remain a significant threat to today's blockchain networks, large and small.
Although blockchain systems are designed to be decentralized, by 2024 practical constraints have given rise to entities of outsized importance in these networks. If such an entity became the target of a P2P-layer DoS attack that takes down a specific node, the impact could go far beyond a few minutes of transaction disruption or a small financial loss: it could put the entire system at risk. This makes continued research into mitigations for P2P-layer DoS attacks crucial, and the public should become more aware of the importance of this issue.