News

Validators Create New Attack Vectors for Decentralized Systems

Pascal Thellman is CMO at Bounty0x, a simple service for earning crypto, and an advisor at PolyGrowth, a crypto PR firm.

As proof-of-stake (PoS) networks gear up in an effort to compete with proof-of-work (PoW) blockchains, significant attention has been placed on their validator mechanisms and incentive structures for maintaining valid consensus.

In particular, ethereum has been brewing the development milestones for its transition to PoS consensus as part of its ‘Serenity’ upgrade for several years.

Binance recently released the details of its upcoming ‘decentralized’ exchange which will rely upon 11 validator nodes – all controlled by Binance – for confirming transactions on the exchange. The company has since come under fire for even calling their exchange decentralized and has gone on the defensive.

Interchain projects like Cosmos and Polkadot are gaining traction among proponents of interoperability and fast-finality consensus blockchains using Tendermint BFT and DPoS consensus models, respectively. And Cosmos is preparing for the launch of its mainnet Cosmos Hub soon. While PoS cryptocurrency networks offer better energy efficiency and faster finality than PoW, they have yet to be proven at scale and come with myriad concerns, including various attack vectors and misaligned incentives.

Further, though most interchain blockchain projects focus on using validators for their network consensus, others have maintained the emphasis on using PoW via nuanced approaches. Block Collider uses an optimized version of Nakamoto Consensus for an interoperable chain of several blockchains without the need to change its security model to that of PoS or using validating nodes.

PoW is the battle-tested and sustainable consensus algorithm that bitcoin launched an entire industry with, so it is necessary to assess some of the potential quandaries with the rapid onset of PoS cryptocurrency networks.

The myriad forms of validating

Networks that deploy validator mechanisms in their consensus use a variety of names – from “hubs” to “masternodes.” However, they all employ similar design models where validators guarantee the valid state of the network by “validating” or “producing” blocks in frequencies that correlate to their stake of the native token in the network.

Validators replace the role of miners in a PoW blockchain network and are incentivized to act honestly within the system because their stake is locked into the network while they perform their task. They are rewarded in the native token of the network for authentic validating efforts, and their stakes are slashed if they act maliciously.

If you’re looking for a deep dive into the mechanics of PoS validating systems, Vitalik Buterin provides clarification on ethereum’s CBC Casper (PoS) mechanism and an initial design philosophy for PoS. Similarly, Cosmos provides some useful developer documentation for how their interchain validating works.

PoS mechanisms are exceptionally complex because they require advanced game theoretic approaches and their immutability is subjectively interpreted. The source of the validation of the blockchain ledger derives from validator assurances of its integrity, rather than energy expended via mining where the cardinal attack vector is energy itself rather than human interpretation — an ideal social scalability construct for minimizing trust.

Additionally, many interchain frameworks require compatibility of blockchains that are plugging into the network. For instance, Cosmos requires subchains that use fast-finality consensus, precluding the ability of PoW blockchains to connect to the network.

Properly analyzing some of the pitfalls of validator networks requires focusing on two primary areas:

  1. Attack vectors
  2. Misaligned incentives

The leading concern of validator networks is their trade-off of scalability for security.

Cost savings via PoS networks and quicker finality that help the network scale come at an equal cost in long-term network integrity, which is one of the fundamental value propositions of blockchains.

Attack vectors

The misaligned incentives of validator networks often directly correspond to attack vectors that require complicated engineering to avoid. Two of the long-standing issues with validator consensus are Long-Range Attacks and Sour Milk Attacks.

Long-Range Attacks (LRA)

An LRA is where a malicious party could purchase the private key of a sizeable token balance that was used in validating in the past. The party could then wield this balance to generate an alternative history of the blockchain from when the private key held the balance, effectively enabling them to award themselves increasing rewards based on the PoS validation.

The proposed solution to this problem is checkpointing, but checkpointing the state of the chain requires that nodes be continually online and has been criticized as a complex and centralized solution. Moreover, LRAs demonstrate that in the long run, PoS validator networks fail to guarantee the validity of the ledger – particularly in past states of the blockchain.

The result is that validator networks are not creating a permanent, immutable ledger with their consensus, but rather only a “temporary consensus” within a given context of time.
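A toy model of the checkpointing defence described above, as an added example that is not from the original article: a node that follows a plain longest-chain rule accepts a longer alternative history forked far in the past, while a node holding a checkpoint rejects it and still accepts honest extensions. The block format, function names, signer labels and chain lengths are constructed for illustration; signature and stake verification are omitted.

```python
"""Toy fork-choice model: deep reorg vs. a checkpoint rule (constructed data)."""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Block:
    height: int
    parent: str    # id of the parent block ("" for genesis)
    signer: str    # label of the validator key that produced the block
    block_id: str


def make_block(height: int, parent: str, signer: str) -> Block:
    # The id commits to height, parent and signer, so histories cannot be mixed.
    digest = hashlib.sha256(f"{height}|{parent}|{signer}".encode()).hexdigest()
    return Block(height, parent, signer, digest[:16])


def extend(chain: List[Block], signer: str, count: int) -> List[Block]:
    """Return a copy of `chain` with `count` blocks by `signer` appended."""
    out = list(chain)
    for _ in range(count):
        tip = out[-1]
        out.append(make_block(tip.height + 1, tip.block_id, signer))
    return out


def is_linked(chain: List[Block]) -> bool:
    """Structural validity: heights rise by one and parent ids match."""
    return all(b.parent == a.block_id and b.height == a.height + 1
               for a, b in zip(chain, chain[1:]))


def fork_height(a: List[Block], b: List[Block]) -> int:
    """Height of the last block both chains share (-1 if none)."""
    shared = -1
    for x, y in zip(a, b):
        if x.block_id != y.block_id:
            break
        shared = x.height
    return shared


def naive_fork_choice(current: List[Block], candidate: List[Block]) -> List[Block]:
    """Longest structurally valid chain wins, however deep the reorg."""
    if is_linked(candidate) and len(candidate) > len(current):
        return candidate
    return current


def checkpointed_fork_choice(current: List[Block], candidate: List[Block],
                             checkpoint: Tuple[int, str]) -> List[Block]:
    """As above, but the candidate must contain the checkpointed block."""
    height, block_id = checkpoint
    if len(candidate) <= height or candidate[height].block_id != block_id:
        return current  # conflicts with history this node already finalized
    return naive_fork_choice(current, candidate)


def demo() -> Dict[str, object]:
    genesis = [make_block(0, "", "genesis")]
    honest = extend(genesis, "honest-set", 100)       # heights 0..100
    # Alternative history signed with a key that held stake at height 10.
    alt = extend(honest[:11], "old-key", 120)         # heights 0..130
    checkpoint = (50, honest[50].block_id)
    honest_next = extend(honest, "honest-set", 5)
    return {
        "fork_height": fork_height(honest, alt),
        "reorg_depth": honest[-1].height - fork_height(honest, alt),
        "naive_accepts_alt": naive_fork_choice(honest, alt) is alt,
        "checkpoint_accepts_alt":
            checkpointed_fork_choice(honest, alt, checkpoint) is alt,
        "checkpoint_accepts_extension":
            checkpointed_fork_choice(honest, honest_next, checkpoint) is honest_next,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The naive case is also what a node with no trusted checkpoint sees, which is why the article notes that checkpointing depends on nodes being online to learn recent checkpoints.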

Sour Milk Attacks

A sour milk attack is where base validators push their peers to doubt honest peers by publishing genuine and fraudulent blocks to peers concurrently. At the same time, these base nodes coordinate with other malicious peers to do the same, muddling the ability of honest peers to discern between valid and invalid blocks.

The requirements for conducting these attacks are concerningly low, as only a fraction of the network validators can effectively freeze the network, create forks and lock the consensus.

Other attack vectors

Some other prominent attack vectors for PoS validating networks include the “Fake Stake attack,” stake grinding and DDoS attacks against validators that are required to remain online — forcing them to lose money.

In particular, the fake stake attack reveals that PoS validating is not as efficient at scaling as perceived, due to the higher costs of checking PoS blockchains compared to PoW blockchains. The attack vector was recently disclosed and would enable attackers with minimal stakes to crash nodes running the network’s software.

Misaligned incentives

One of the main concerns with validator networks is their potential for supplementing the wealth of the “crypto 1 percent” where only validators with significant stakes will reap the rewards of staking. With the wealthiest stakeholders able to control a sizeable portion of the overall supply, the incentive for average stakeholders to participate in validating is diminished.

Reduced incentives are inextricably linked to one of the most cited and high-profile pitfalls of validator networks — the low participation in staking by users. The downstream effects of low participation are network centralization, front-running trades with price cartels, and many more adverse consequences.

The game theory complexity of validator networks is also often criticized. To the hammers — engineers in game theory and incentive structures — everything in PoS consensus design looks like a nail. As such, the model becomes exceptionally convoluted and akin to engineering new solutions to problems that old solutions collaterally produced.

Further, misaligned incentives draw from the sheer complexity of such systems. In particular, the “Nothing at Stake Problem” is one of the foremost concerns of PoS validator networks. The Nothing at Stake problem is a well-documented issue in validator PoS networks where PoS consensus cannot adequately solve the problem of two blocks being produced at similar times.

PoW solves this via a randomized mechanism involving the most worked chain of energy expenditure. However, PoS passes this burden onto the validators, leading to one block potentially having more stake than the other. The problem materializes when validators realize that staking on two competing chains is advantageous to them. By using their stake on both chains, it becomes challenging to discern which chain is the valid chain.

Criticisms of proposed solutions to the Nothing at Stake problem again highlight the layers of abstraction needed to obfuscate the fundamental issue of staking without actually addressing the problem itself – leading to even more design convolution.

Conclusion

As networks that rely upon validators continue to garner support among next-generation blockchain platforms, it is prudent to place the new consensus designs into the context of practicality. PoW is the only proven distributed consensus for blockchain networks. Only time will tell if PoS validators prove sustainable models for scalable blockchains, and being aware of their shortcomings is the optimal approach in a sea of blockchain innovation.

What nationality is Nika Stark?

Nika Stark

Nika Stark is a Georgian-American entrepreneur, web developer, and software engineer who was born in Kutaisi, Georgia. He is the founder and CEO of the highly respected media and entertainment platform StarkFeed, and a digital mastermind with tremendous experience. He also helps business owners establish a digital footprint. Nika is the kind of person who believes that with hard work and dedication, we can achieve anything.

How old is Nika Stark? 

He started picking up momentum when he first moved to the United States at 11 years old. Nika Stark is now 21 years old.

What height is Nika Stark? 

Nika Stark’s height is 5’11”

What Indonesia Reveals About Facebook’s Libra Plan

Facebook published plans for the Libra cryptocurrency in seven languages, including Indonesia’s Bahasa – a move that offers perhaps the clearest glimpse of what Facebook’s fintech ascent might look like.

“Indonesia has the fourth-highest number of Facebook users in the world,” Pang Xue Kai, co-founder of the Indonesian crypto exchange Tokocrypto, told CoinDesk. “If Facebook’s Libra can address the [local] issues, it has the potential to succeed.”

According to the annual media report released by We Are Social and Hootsuite, Indonesia has the world’s highest rate of Facebook post engagement among internet users, over 4 percent, and the highest frequency of online shopping, with 86 percent of Indonesian survey respondents saying they bought something online in the past month.

Since nearly 10 percent of Indonesian respondents said they also own some cryptocurrency, double the American percentage, Facebook couldn’t have dreamed up a better market for Libra.

QCP Capital co-founder Joshua Ho, a trader who works closely with Indonesian exchange Tokocrypto, told CoinDesk Facebook’s Libra ecosystem could be a “gamechanger” in Indonesia.

“People are already very aligned with mobile payments,” Ho said. “It is geographically decentralized. Creating banking access is a huge challenge.”

Since the Asian financial crisis in 1997, which sparked rampant inflation, economic recession and political turmoil in Indonesia, Ho said cryptocurrency offers an attractive alternative to fiat currencies and banks the population still distrusts.

Add all this to the World Bank’s estimate that Indonesia is a collection of islands with one of the world’s largest unbanked populations, 97 million adults as of 2017, and it’s clear why Facebook prioritized publishing its crypto materials in the native language.

Anchorage CEO Nathan McCauley, a founding member of the Libra Association, told CoinDesk getting merchants to accept Libra will be a crucial part of encouraging adoption among the unbanked. The Andreessen Horowitz–backed startup will primarily contribute to security and custody features for the Libra ecosystem, especially custody services related to the Libra investment token for institutional investors.

McCauley said Anchorage is currently applying for various licenses, but declined to specify which. He said he did not believe the association or its members would require additional licenses for money transmission or custody features for retail users in various jurisdictions.

Although Facebook’s dominance across Indonesia’s communication networks is growing rapidly, accessibility can still be hindered by government intervention.

“Of course the platform that facilitated a transaction is going to know who the transaction is coming from, who it is going to, and will have the ability to enforce whatever norms, laws or regulations that they need to do so,” McCauley said. “That tends to be jurisdiction dependent and client dependent.”

Privacy risks

Facebook’s omnipresence in Indonesia raises questions about how Libra will impact retail users.

For example, TechCrunch reported the Indonesian government censored access to WhatsApp and Instagram, both owned by Facebook, in May when protests about controversial election results turned violent. Numerous reports have called Facebook a political “battleground” in Indonesia, where data from over a million user accounts was reportedly sold to Cambridge Analytica for targeted political campaigns.

A Facebook spokesperson declined to comment on how relations with local authorities evolved since the protests in May, focusing instead on partnerships forged with six fact-checking entities certified by the Poynter Institute to quell the spread of misinformation among Indonesian users.

This type of scenario raises red flags for Cornell University professor and blockchain researcher Emin Gun Sirer.

“I did not see anything in their roadmap related to privacy at all,” he told CoinDesk about the Libra Association. “I don’t think people are talking about how aggressive the Facebook approach is.”

A blog post by the crypto startup Nym went even further. Nym’s CTO, Dave Hrycyszyn, was briefly with the social media giant after the acqui-hire of Chainspace, a startup he co-founded.

“Libra will provide Facebook and its partners with the ability to analyze every purchase by every single Libra user,” the blog post said:

“While Facebook currently promises that it will not triangulate its vast hordes of personal data with financial transaction information to probe ever deeper into the minds of its human subjects, there are no cryptographic or technical privacy guarantees in Libra to prevent Facebook from doing exactly this.”

Social ecosystem

Mass reliance on the same provider for mobile communication and financial access would give Silicon Valley even more leverage in markets like Indonesia.

CoinDesk contributor Daniel Evans noted Facebook’s Libra Association doesn’t have any partners in the region yet and may not be able to operate “freely.”

Shaun Djie, co-founder of Tokocrypto’s Singapore-based partner, DigixGlobal, told CoinDesk the fintech ecosystem in Indonesia is currently “very malleable” as young people are “receptive to owning cryptocurrencies.” In general, crypto veterans with experience in the Indonesian market were optimistically curious about Libra.

Regardless of privacy concerns, WhatsApp and Instagram would inherently be huge factors in the local Libra ecosystem. Ho confirmed that WhatsApp, with roughly 70 million Indonesian users, is a pivotal tool for local businesses.

The Hootsuite report said 90 percent of small-to-medium businesses in Indonesia identified WhatsApp as a tool for communicating with customers. Plus, the report estimated 20 percent of Indonesian internet users are on Instagram, soaring above the global average of 15 percent.

Speaking to the local vision for Libra, a Facebook spokesperson told CoinDesk:

“Facebook is committed to helping Indonesians come together to build communities and support businesses – both large and small – through initiatives and programs with local partners.”

What Will It Take to Regulate Crypto Exchanges?

Konstantinos Stylianou is an assistant professor at the University of Leeds School of Law, and a visiting scientist at the Brown University Department of Computer Science.


Shortly after Bitcoin SV was delisted from Binance, CoinDesk advisor Michael Casey published an insightful op-ed discussing whether the delisting amounted to censorship (it doesn’t), whether exchanges should be held to high standards of neutrality (they should) and whether regulation is necessary to achieve this result (it is).

The idea is that because major exchanges play such a crucial role in the industry (Casey claims that “[t]hey are the cryptocurrency industry”) they should not be allowed to arbitrarily discriminate between crypto assets — rather they should be regulated to operate as neutral platforms.

But ask any regulation expert and they will tell you that, absent Goldilocks conditions (hold that thought), neutrality is neither the natural state of markets, nor the natural instinct of regulators.

If that’s the case, regulation of the kind that would have saved Bitcoin SV and of the kind Casey advocates for – while possible – might not quite be around the corner.

Neutrality is rare and regulation even rarer

That neutrality is not the natural state of markets, we’ve known for a while.

It is hard to notice when there is an abundance of choice and people get what they want, but when there is too little of something, the owner of that bottleneck resource often becomes partial and does not treat everyone the same.

When the first telephone networks were rolled out, they suppressed devices and services from competitors and even arbitrarily refused call service. Microsoft saw Netscape as a threat and sabotaged it. Apple and AT&T similarly blocked Skype in the early days of the iPhone. There are countless other examples of platforms disfavoring complements or customers.

Were regulators called in to save the day in all these cases? They were indeed. Telephone networks were designated as common carriers, which came with the obligation to provide non-discriminatory service; Microsoft was forced by antitrust regulators to abandon the practices that squeezed Netscape out of the market; and Apple and AT&T dropped their restrictions against Skype after the Federal Communications Commission threatened them with net neutrality action.

It may seem that regulation came to the rescue whenever necessary to restore neutrality. But the truth is that despite occasional corrections, neutrality still remains the exception in the market and in regulatory action.

Part of the reason is that the law actually acknowledges that non-neutrality is not all that bad. The ability to deviate from uniform practice is what allows companies to differentiate themselves in the market. Not all grocery stores carry the same products, nor do they all place them on the exact same shelf, and this helps consumers and producers address diversified needs.

Even extreme differentiation, like exclusive agreements that make a business proposition unique in the market, can be good. For example, Nintendo’s exclusive console agreements helped bootstrap an entire industry by tying popular games to Nintendo’s consoles thereby increasing competition.

It is not that these kinds of discriminatory practices have no downsides. Far from it. But it is also a standard assumption in modern market-driven economies that regulation distorts markets too, and therefore, the enactment of rules requires proof that, left alone, the market would perform demonstrably worse.

In the mind of a regulator

To decide whether Binance, or any exchange for that matter, should be neutral and not discriminate against crypto assets (be it cryptocurrencies, crypto derivatives or other), regulators would consider a number of factors.

Power

The most decisive factor to regulate is sustained monopoly power or dominance in the market.

Regulators usually impose neutrality on platforms because users and/or complements (read: cryptocurrencies) can’t or realistically won’t turn to alternative platforms, which would allow the dominant platform to exploit them.

If Binance were a monopoly exchange, then delisting a cryptocurrency would result in driving it out of the market. Or, if the cost of switching from Binance to another exchange was prohibitively high, then, similarly, Binance users and listed cryptocurrencies would be trapped by Binance’s choices.

But neither of those conditions is true here. There are numerous exchanges on which Bitcoin SV can be traded, and signing up with Binance does not preclude users from trading on other exchanges too. In other words, both Bitcoin SV and users multi-home.

In that sense, Bitcoin SV is not in the same position as companies listed on NYSE or Nasdaq, because by and large, companies are listed on only one exchange, and delisting them would mean that they cease to be publicly traded.

Harm and market distortion

Regardless of power, would decisions such as Binance’s delisting of Bitcoin SV undermine important public interest goals such as market stability and efficiency, consumer and investor protection, and capital formation?

Regulation is more likely if the problematic conduct threatens harm to public interest goals, is frequent, and has long-lasting effects without second-best alternatives being able to contain them.

At the moment, the picture is still fluid. For one thing, regulators still grapple with the question of whether crypto assets even form part of financial markets. If they do not, then there would be no legal basis to subject exchanges to financial regulation.

Assuming that they do, the frequency of the problematic conduct matters too. Crypto delisting is not unheard of but it is not exactly common either. There is no exact formula to calculate a threshold. In the case of network neutrality rules, fewer than five instances were enough to set the regulatory process in motion, whereas for privacy, numerous and repeated instances by tech giants have not resulted in regulation yet.

We also don’t know the extent of the harm of delisting. When the trading of conventional securities is suspended, they effectively disappear from the market, perhaps permanently. On the other hand, despite Bitcoin SV’s delisting from Binance, it still traded on another seven exchanges.

To be sure, Bitcoin SV’s price suffered significantly upon the announcement of the delisting on April 15 (from $73 on April 14 to $55 on April 15), and the effects on its medium-long term liquidity and reputation are yet to be accounted for (likely bleak).

This, in turn, can have severe consequences for investors’ financial situation.

But regulation is concerned with broad effects, not individual actors. The key lies less in the fate of Bitcoin SV specifically, and more in the effect of the practice of delisting on the overall stability of the market. It is a very different situation if delisting is regarded as a normal business practice whose risk is acceptably assumed by investors than if delisting is regarded as serving no other purpose but to manipulate the market or to defraud investors. Only the latter could invite regulation.

Information inadequacies

The market can only work efficiently if all parties are sufficiently well informed to evaluate their options.

If investors had perfect information, then their reactions to Bitcoin SV’s delisting would reflect their up-to-date assessment, and there would be no need for regulation to protect them from anything. Any price, reputation and liquidity fluctuations would correspond to investors’ full and accurate beliefs and manipulation by Binance would be impossible.

This is clearly not the case here or in any other market. Perfect information is one of the most unrealistic assumptions of neoclassical economics in modern economies.

But the obvious solution to information inadequacies is more information and more transparency, not neutrality. The difference is that transparency enables actors to make a (presumably better) choice, whereas neutrality is a choice itself: it mandates a specific treatment (i.e. non-discrimination).

Regulators would normally want to start with the least onerous measure (transparency). If it is not effective, they can escalate to neutrality. If still ineffective, they may even dictate the rules of listing and delisting themselves.

Unequal bargaining power and anticompetitive conduct

The main idea behind non-regulated competitive markets is that actors behave well because market forces discipline them. If, however, the competitive forces exercised by competitors (other exchanges), complements (cryptoassets) or customers (investors) are weak, market players (exchanges) are unconstrained to act in ways that harm others.

Think about how much more difficult it would be for an exchange to delist Bitcoin with its much higher market capitalization, velocity and liquidity compared to Bitcoin SV.

Evidently, Bitcoin is more valuable to exchanges and therefore the constraints around how exchanges treat it are tighter. In reality, the majority of cryptocurrencies are nowhere near as important as Bitcoin, and the fact that they are not backed by unified institutional actors further diminishes their bargaining power.

Large investors could have a similar constraining effect, since exchanges would not want to lose investors who can generate large volumes.

For this to work it would mean that cryptocurrency ownership is concentrated in large investors (there is evidence in that direction, for example 42 percent of Bitcoin is owned by the top 0.01 of addresses), but also that these investors are actually active and that churn is high or at least plausible.

Politics, politics, politics

The factors listed above leave out one important aspect of regulation: the fact that, ultimately, it is a political game, not an academic exercise. If politics favor regulation then that’s the most likely outcome regardless of how the factors listed above weigh in. We even have a fancy name for it: New Institutionalism.

As a function of the executive branch, regulation is subject to political pressure and revolves around interest groups. Nascent immature markets, such as that of cryptoassets, are usually captured by the interests of the existing regulatory authority and those of the public.

They are captured by the existing authority (in the US, this is the SEC) because they are already in the game and by extending their reach they justify their existence. Widened reach and heightened activity entitle them to more funding and higher rating. Just look at how everyone speaks of the European Commission as the global antitrust and privacy enforcer after having gone after Google and the like.

Nascent markets are also more likely to be regulated in the name of the public interest both because people are generally more vulnerable in new market contexts, and because industry interests have not developed lobbying capacity yet. This leaves the field clear to side with the public which is generally seen as the weaker side.

A few industry associations are already present in blockchain markets (EEA, PTDL, ISDA) but none seems to represent the collective interests of exchanges. On the contrary, regulatory interest and grassroots support for crypto assets seem stronger.

In the end, it is usually not a question of whether a market segment will be regulated or not; rather a question of how it will be regulated.

Copyright © 2018 StarkJournal