Thursday, October 11, 2018

I'm Shocked, Shocked To Find Collusion Going On

The security of a permissionless peer-to-peer system generally depends upon the assumption of uncoordinated choice, the idea that each peer acts independently upon its own view of the system's state. Vitalik Buterin, a co-founder of Ethereum, wrote in The Meaning of Decentralization:
In the case of blockchain protocols, the mathematical and economic reasoning behind the safety of the consensus often relies crucially on the uncoordinated choice model, or the assumption that the game consists of many small actors that make decisions independently.
Another way of saying this is that the system isn't secure if enough peers collude with each other. Below the fold, I look at why this is a big problem.

How can you prove that peers in your system aren't covertly colluding? In the real world, you can't prove a negative, so the security of permissionless P2P systems generally depends upon an assumption that cannot be verified.

But sometimes the assumption can be shown to be false. Rampant Collusion in EOS Exposed by Huobi Leak at trustnodes.com reports that:
A spreadsheet has been leaked, allegedly authored by Shi Feifei, a Huobi employee. Titled “Huobi Pool Node Account Data 20180911,” the document details mutual voting and sharing of proceeds from producing blocks in EOS.
EOS is a proof-of-stake blockchain in which 21 producers vote to produce the next block. But:
The document shows Huobi votes for 20 Block Producers (miners) in EOS with 16 of them voting for Huobi in return.
One of the (many) problems with proof-of-stake is that:
Ownership in EOS is highly concentrated, with just 10 addresses holding some 50% of all tokens. Exchanges tend to dominate for obvious reasons, but in other public blockchains they have no say in protocol rules and take no direct part in validation.

In EOS, however, it appears exchanges effectively control the network, with this very centralized blockchain having just 21 validators, some of which are seemingly controlled by just one entity, with Huobi allegedly able to act as a king maker.
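The reciprocal-voting pattern in the leaked spreadsheet (A votes for B, B votes for A) is the kind of thing a graph check over published votes can surface. Below is an added example, not from the post or from any EOS tooling, that runs such a check on a constructed vote table with made-up producer names; a real check would read the on-chain vote data instead.

```python
# Reciprocal-vote analysis over a block-producer voting graph (added example,
# not from the post or the leaked spreadsheet). VOTES is a constructed sample,
# producer -> set of producers it votes for, mimicking the pattern described.
VOTES = {
    "exchA": {"bp01", "bp02", "bp03", "bp04", "bp05", "indie1"},
    "bp01": {"exchA", "bp02"},
    "bp02": {"exchA", "bp01"},
    "bp03": {"exchA", "bp04"},
    "bp04": {"exchA", "bp03"},
    "bp05": {"indie1"},          # backed by exchA but does not vote back
    "indie1": {"indie2"},
    "indie2": {"indie1"},
}

def mutual_pairs(votes):
    """Unordered pairs (a, b) where a votes for b and b votes for a."""
    return {tuple(sorted((a, b))) for a, targets in votes.items()
            for b in targets if a in votes.get(b, ())}

def reciprocity(votes, producer):
    """Fraction of a producer's outgoing votes that are returned."""
    targets = votes.get(producer, set())
    if not targets:
        return 0.0
    return sum(producer in votes.get(b, ()) for b in targets) / len(targets)

def mutual_clusters(votes):
    """Connected components (size >= 2) of the mutual-vote graph."""
    adj = {}
    for a, b in mutual_pairs(votes):
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    clusters, seen = [], set()
    for start in adj:
        if start in seen:
            continue
        comp, stack = set(), [start]
        while stack:
            n = stack.pop()
            if n not in comp:
                comp.add(n)
                stack.extend(adj[n] - comp)
        seen |= comp
        clusters.append(frozenset(comp))
    return clusters

def flag_suspicious(votes, threshold=0.5):
    """Producers whose reciprocity meets the threshold, highest first."""
    scored = [(p, reciprocity(votes, p)) for p in votes]
    return sorted((s for s in scored if s[1] >= threshold),
                  key=lambda s: (-s[1], s[0]))
```

On the sample, the exchange-like voter and the four producers that vote it back form one cluster, while the two independents form another; high reciprocity alone is not proof of collusion, but it tells you where to look.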
The threat model underlying the design of the LOCKSS protocol included a powerful adversary or conspiracy controlling a large number of peers. The design had a mechanism that made it statistically likely that the adversary would be detected.

Hat tip to David Gerard:
EOS ran an ICO token offering that was so egregious I used it as a perfect example of the form in chapter 9 of Attack of the 50 Foot Blockchain. You’ll be shocked to hear that there’s rampant collusion and corruption amongst the controlling nodes of their blockchain.
According to Wikipedia:
block.one raised over four billion USD to support the blockchain during the Initial Coin Offering (ICO) period
