The Proof of Work blockchains may have an Achilles Heel that makes them vulnerable to a “Balance Attack.” A group of researchers from the University of Sydney has published a paper offering details about this new type of attack.
The Balance Attack targets the nodes with balanced mining power. By delaying the network communication between a subgroup of nodes, the attack forces double spend on proof of work blockchains like that of Ethereum and Bitcoin. The theoretical study is based on the configurations and other related statistics that are similar to the blockchain infrastructure utilized by the R3 consortium.
The researchers have supported their theoretical findings by running an actual setup of Ethereum private chain with parameters similar to the theoretical model. According to the paper, the attacker can choose to communicate different messages to two subgroups of nodes with balanced mining power. To do that, the attacker will have to issue and broadcast transactions to one of the subgroups labeled as “transaction subgroup”. Simultaneously, he will be mining on another subgroup called “block subgroup”. Continuing the selective broadcast over a period of time will cause the block subgroup to create a tree that outweighs the one created by transaction subgroup.
During the process, the attacker will be able to leverage the GHOST protocol to isolate a blockchain branch from rest of the nodes completely. The isolated branch will be presented later to another competing node to influence the branch selection process. By affecting the branch selection, Balance Attack will disrupt the persistence of the main blockchain, rewriting previous transactions which in turn will open the network to double spend attack. In order to execute a successful Balance Attack, the attacker will need at least 20 minutes and have control of at least 5 percent of the network’s hashing power.
The Balance Attack theory exposes the vulnerability of Ethereum protocol and private blockchains in particular. However, the same method can potentially disrupt the Bitcoin blockchain as well, given the attacker has access to enough hashing power.
Ref: Balance Attack Paper | DeepDotWeb | Image: NewsBTC