Classification of double cost attack in blockchain system
Abstract
The article provides a brief overview and systematization of information on the issue of double costs in blockchain systems with probabilistic consensus methods and possible ways to solve it. The procedures using which double-cost attacks are implemented are described. The essence of the manipulations with which an attacker can try to realize double costs in decentralized payment systems is disclosed. A detailed description of the attacker's actions and ways to prevent the attack is given. The review starts with simple attacks based on creating duplicate transactions and ends with more complex attacks such as: attack-Race; Phinea attack attack; Vector76 attack; «51 %» attack. These attacks require significant resources from the attacker and the possibility of branching the registry blockchain. The last group of attacks is analyzed in more detail with an indication of their use cases. The most dangerous attack is highlighted. The attack «51 %» is highlighted as the most dangerous, which, according to the authors, poses the greatest threat to the safety of blockchain systems with probabilistic consensus algorithms.
Downloads
References
Centralized, Decentralized, and Distributed Payment Mechanisms. [Online]. Available: https://www.aier.org/article/centralized-decentralized-and-distributed-payment-mechanisms/
M. Rosenfeld, Analysis of hashrate-based double-spending, 2014. [Online]. Available: arXiv preprint arXiv:1402.2009
A. Gervais, H. Ritzdorf, G. O. Karame, S. Čapkun, "Tampering with the delivery of blocks and transactions in Bitcoin”, in CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, vol. 2015-October, pp. 692-705), Association for Computing Machinery. [Online]. Available: https://doi.org/10.1145/2810103.2813655 https://eprint.iacr.org/2015/578.pdf
E. Zaghloul, T. Li, M.W. Mutka, J. Ren, Bitcoin and Blockchain: Security and Privacy, 2019. [Online]. Available: ArXiv, abs/1904.11435
BitcoinWiki: Double-spending. [Online]. Available: https://ru.bitcoinwiki.org/wiki/Double-spending
А. Н. Ширяев, Вероятность: В 2-х кн. Кн. 1. Москва: МЦНМО, 2007.
The Bitcoin Mempool – A Beginner’s Explanation. [Online]. Available: https://99bitcoins.com/bitcoin/mempool/
Hackernoon: Two Ways to Double-Spend. [Online]. Available: https://medium.com/hackernoon/bitcoin-core-bug-cve-2018-17144-an-analysis-f80d9d373362
BitcoinCore: CVE-2018-17144 Full Disclosure. [Online]. Available: https://bitcoincore.org/en/2018/ 09/20/notice/
Blockchain Attack Vectors: Vulnerabilities of the Most Secure Technology. [Online]. Available: https://www.apriorit.com/dev-blog/578-blockchain-attack-vectors
H. Finney, Best practice for fast transaction acceptance - how high is the risk?. [Online]. Available: https://bitcointalk.org/index.php?topic=3441.msg48384#msg48384, Feb. 2011
Bitcoin’s Security Model Revisited. [Online]. Available: https://arxiv.org/pdf/1605.09193.pdf
Ch. Everett, Blockchain Security. [Online]. Available: https://www.simplexityanalysis.com/blog/2016/9/20/blockchain-security
The 51% Attack. What is it? [Online]. Available: https://medium.com/swlh/the-51-attack-what-is-it-d295e70b9ac4
% Attack Explained: The Attack on A Blockchain. [Online]. Available: https://www.fxempire.com/education/article/51-attack-explained-the-attack-on-a-blockchain-513887
П. Колесников, Ю. Бекетнова, Г. Крылов,Технология Блокчейн. Анализ Атак, стратегии защиты. [Online]. Available: https://www.mumcfm.ru/repository/7b9dcd8e4e51d467a0f8e1eff82157e504c569331681beb7e80117fd64e05d1a