ETH 2.0 has passed an initial audit with two attack vectors that could prove troublesome for developers

An audit of the ETH 2.0 specifications by Least Authority generally approved the design but highlighted potential vulnerabilities in the protocol's peer-to-peer (P2P) networking layer and its block proposer system, two attack vectors that remain open for now.

ETH 2.0 will be among the first Proof-of-Stake (PoS) networks to employ sharding, a partitioning technique devised to spread the load on the Ethereum blockchain. So while ETH 2.0 may have passed this initial acid test, the absence of any comparable production PoS/sharded system to measure it against proved a challenge for Least Authority's audit.

ETH 2.0 audit reveals potential weaknesses

At the Ethereum Foundation's request, security firm Least Authority started its review of the ETH 2.0 specs in January and worked closely with the Foundation throughout the process.

According to the final audit report, Least Authority found the specs to be very well thought out and comprehensive. However, the team noted that there has been no real-world example of a large-scale protocol combining Proof of Stake and sharding, so ETH 2.0's long-term stability is hard to assess at this point.

The report stated:

“It is one of the first Proof of Stake (PoS)/sharded protocol projects planned for production. As a result, there has been minimal opportunity to study the impacts of design decisions on real-world uses of such blockchain implementations, and none on the same scale. The long term stability of PoS blockchains is an area of active research that will need to be monitored over time as they are used in production.”


Source: Least Authority

The report also highlighted how thinly the specs cover the protocol's peer-to-peer (P2P) networking layer and the Ethereum Node Records (ENR) system.

The report notes that:

“We found that the Peer-to-peer (P2P) networking layer and the ENR system are underrepresented. These may be elaborated on in later phases, but their significance suggests that Phase 0 would be a good starting point for laying the foundation of a strong network layer.”

In addition, the report pointed out two areas with potential security risks: the block proposer system and the P2P messaging system. Both require long-term research and might only be addressed in the project's later phases.

Notably, the Ethereum Foundation had told the auditing team that the Phase 0 mainnet launch was planned for April 2020. That date was given to inform the audit schedule, however, and Least Authority could not confirm that it is the actual launch date.

Indeed, ETH 2.0 project lead Danny Ryan said in a Tuesday tweet that the team's next steps would be multi-client testnets and a Phase 0 bug bounty program.

Developers would also need to stand up a substantial multi-client testnet and run it for at least two months before the Phase 0 mainnet launch can take place, so a launch in the coming weeks is unlikely.

Potential information leak with Ethereum 2.0 block proposer system

ETH 2.0 marks a transition from a Proof of Work (PoW) to a Proof of Stake (PoS) system. With PoW, the producer of the next block is simply whoever first solves the puzzle, and no observer can predict who that will be. With PoS, however, the protocol has to select a block proposer ahead of time to decide which block goes into the chain, and the report explained that this selection process risks leaking information: an observer can learn which validator will propose before it does.

To mitigate this risk, the report recommended a Single Secret Leader Election (SSLE) mechanism, which conceals the selection process while still allowing the chosen block proposer to reveal its identity to others when it publishes.

The findings conclude:

“With the information leak patched, the block proposer remains as protected as it would be in PoW chains, but without the computational overhead. The Ethereum 2.0 team acknowledged the suggested mitigation. However, SSLE is still very much an active area of research. As a result, we expect more information and updates around these vectors to emerge as research on SSLE continues, and Ethereum 2.0 reaches Phase 1 and 2 milestones.”
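To make the leak concrete, here is an added example (not code from the Least Authority report or from the ETH 2.0 specification): a deliberately simplified model in which the proposer of each slot is drawn, weighted by stake, from a public seed. The election rule, the validator set and the seed are assumptions for illustration. Because every input is public, a passive observer computes the same schedule the validators do, which is exactly what SSLE is meant to prevent.

```python
"""Added example (not from the Least Authority report or the ETH 2.0 spec): a
deliberately simplified model of a public, deterministic proposer election,
used to make the information leak concrete. The election rule (stake-weighted
draw from a public seed) is an assumption for illustration, not the ETH 2.0
algorithm."""
import hashlib

# Constructed validator set (name -> stake); values are arbitrary.
VALIDATORS = {"v0": 32, "v1": 32, "v2": 64, "v3": 96}


def slot_randomness(seed: bytes, slot: int) -> int:
    """Per-slot randomness derived from a public seed: H(seed || slot)."""
    digest = hashlib.sha256(seed + slot.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big")


def elect_proposer(seed: bytes, slot: int, validators: dict) -> str:
    """Stake-weighted election. Every input is public, so every observer
    runs exactly the same computation and gets exactly the same answer."""
    total = sum(validators.values())
    point = slot_randomness(seed, slot) % total
    cumulative = 0
    for name, stake in sorted(validators.items()):
        cumulative += stake
        if point < cumulative:
            return name
    raise RuntimeError("point outside stake range")  # unreachable: point < total


def observer_schedule(seed: bytes, first_slot: int, count: int, validators: dict) -> list:
    """A passive observer's view: the full proposer schedule, known before
    any of those validators has sent a single message. This is the leak."""
    return [elect_proposer(seed, s, validators) for s in range(first_slot, first_slot + count)]


def slots_for(name: str, seed: bytes, first_slot: int, count: int, validators: dict) -> list:
    """The same leak from one validator's perspective: exactly which slots
    `name` will propose in, computable by anyone, including a party that
    wants to single that validator out shortly before its slot."""
    return [s for s in range(first_slot, first_slot + count)
            if elect_proposer(seed, s, validators) == name]


def is_my_turn(name: str, seed: bytes, slot: int, validators: dict) -> bool:
    """What a proposer itself needs to know. Under an SSLE scheme only `name`
    could answer this before publishing; in this public model anyone can."""
    return elect_proposer(seed, slot, validators) == name


if __name__ == "__main__":
    seed = b"constructed public seed"
    print(observer_schedule(seed, 100, 8, VALIDATORS))
    print(slots_for("v3", seed, 100, 32, VALIDATORS))
```

The point of the model is the interface, not the arithmetic: `is_my_turn` is the only question a proposer needs answered, yet `observer_schedule` shows that anyone holding the public inputs can answer it for every validator and every future slot. An SSLE design changes which party can evaluate that function before the proposer reveals itself.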

The second potential vulnerability is the "spam problem" in the protocol's P2P messaging system.

With no central authority judging nodes' behaviour, a dishonest node can flood the network with an unlimited number of old block messages at little cost to itself, crowding out legitimate messages. In the same way, a node can send an unlimited number of slashing messages and generate needless traffic on the network.

The report said:

“This type of attack would slow down or potentially halt network processing for the duration it was carried out.”

To address this, Least Authority suggested implementing a fully BAR-resilient gossip protocol (BAR being a fault model that accounts for Byzantine, Altruistic and Rational participants) to curb malicious gossiping. According to the report, Protocol Labs is currently looking into BAR-resilient peer-sampling techniques.
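A local defence along these lines, as an added example that is not code from the report or from any ETH 2.0 client: an ingress filter that a gossip node can run before relaying anything. It drops the two spam patterns described above (replayed old block messages and repeated slashing messages) plus duplicates and rate-limit overflow, and charges the sending peer for each one so that a persistent spammer is disconnected. Message fields, the staleness window, the per-peer rate limit and the penalty weights are all assumptions chosen for illustration, and the traffic in `simulate` is constructed.

```python
"""Added example (not code from the Least Authority report or any ETH 2.0
client): an ingress filter for a gossip node that drops the two spam patterns
described above (replayed old block messages and repeated slashing messages)
and charges the sending peer for them. Message fields, window sizes and
penalty weights are assumptions chosen for illustration."""
import hashlib
from collections import defaultdict

STALE_SLOTS = 32        # assumed: a block older than this many slots is not relayed
PEER_RATE_LIMIT = 20    # assumed: messages a peer may send per scoring window
BAN_SCORE = -100        # assumed: a peer at or below this score is disconnected
PENALTY = {"stale-block": 5, "redundant-slashing": 5, "duplicate": 2, "rate-limited": 1}


class GossipFilter:
    def __init__(self, current_slot):
        self.current_slot = current_slot
        self.seen = set()                     # ids of messages already relayed
        self.slashed = set()                  # validators for which a slashing was relayed
        self.score = defaultdict(int)         # per-peer behaviour score
        self.window_count = defaultdict(int)  # messages from each peer in this window
        self.banned = set()

    def new_window(self):
        """Reset per-peer counters, e.g. at every slot boundary."""
        self.window_count.clear()

    @staticmethod
    def msg_id(msg):
        """Content hash used for duplicate detection."""
        canon = "|".join(f"{k}={msg[k]}" for k in sorted(msg)).encode()
        return hashlib.sha256(canon).digest()

    def _reject(self, peer, reason):
        self.score[peer] -= PENALTY[reason]
        if self.score[peer] <= BAN_SCORE:
            self.banned.add(peer)
        return False, reason

    def admit(self, peer, msg):
        """Decide whether to relay `msg` from `peer`; returns (accepted, reason)."""
        if peer in self.banned:
            return False, "banned"
        self.window_count[peer] += 1
        if self.window_count[peer] > PEER_RATE_LIMIT:
            return self._reject(peer, "rate-limited")
        mid = self.msg_id(msg)
        if mid in self.seen:
            return self._reject(peer, "duplicate")
        if msg["type"] == "block" and msg["slot"] < self.current_slot - STALE_SLOTS:
            return self._reject(peer, "stale-block")
        if msg["type"] == "slashing" and msg["validator"] in self.slashed:
            # one valid slashing per validator is all the chain needs
            return self._reject(peer, "redundant-slashing")
        self.seen.add(mid)
        if msg["type"] == "slashing":
            self.slashed.add(msg["validator"])
        self.score[peer] += 1
        return True, "accepted"


def run_traffic(f, peer, msgs):
    """Feed messages through the filter and tally the outcome per reason."""
    tally = defaultdict(int)
    for m in msgs:
        _, reason = f.admit(peer, m)
        tally[reason] += 1
    return dict(tally)


def simulate():
    """Constructed traffic: one honest peer, one chatty peer, one spammer."""
    f = GossipFilter(current_slot=200)
    honest = [{"type": "block", "slot": 200 - i, "payload": f"b{i}"} for i in range(5)]
    honest.append({"type": "slashing", "validator": 7, "payload": "evidence"})
    chatty = [{"type": "block", "slot": 170 + i, "payload": f"c{i}"} for i in range(25)]
    spam = [{"type": "block", "slot": i, "payload": f"old{i}"} for i in range(10)]
    spam += [{"type": "slashing", "validator": 7, "payload": f"again{i}"} for i in range(10)]
    spam += [{"type": "block", "slot": i, "payload": f"old{i}"} for i in range(100)]
    return {
        "honest": run_traffic(f, "honest", honest),
        "chatty": run_traffic(f, "chatty", chatty),
        "spammer": run_traffic(f, "spammer", spam),
        "banned": sorted(f.banned),
        "score": dict(f.score),
    }


if __name__ == "__main__":
    for k, v in simulate().items():
        print(k, v)
```

The ordering of the checks matters: the rate limit runs first because it is the cheapest test and bounds how much work any one peer can impose, the content hash runs before the semantic checks so that a replayed message is never re-validated, and a slashing is judged redundant by the validator it targets rather than by its bytes, since a spammer can trivially vary the bytes. A full BAR-resilient gossip protocol would add the peer-sampling and reputation exchange between nodes that this single-node filter does not attempt.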
