A research paper published by Israel’s Hebrew University says it has found “first evidence of a consensus-level attack against a major cryptocurrency.” The paper is currently pending peer review, but it uses publicly available on-chain data and Ethereum’s open source codebase to support its conclusions.
The core of the paper is that miners can alter the timestamps of the blocks they mine to avoid increasing difficulty on the network. On-chain data seems to support this claim: Aviv Yaish, one of the authors of the paper, highlighted that F2Pool’s block timestamps have been artificially altered to improve rewards.
(9/12) F2Pool’s block timestamps are artificially set 1 second earlier each time they reach a point where mining difficulty drops. F2Pool has been performing this attack for the past two years and the evidence is hidden in plain sight! … pic.twitter.com/mDEG2UqXZh
— Aviv Yaish (@yaish_aviv) August 5, 2022
Ethereum is currently maintained through a Proof of Work consensus mechanism and will transition to Proof of Stake in September of this year. For now, however, the network appears to be susceptible to the attacks identified by the Hebrew University.
The whitepaper refers to these consensus-level attacks as Uncle Maker attacks, in reference to the “uncle” block used in the exploit. Blocks in the Ethereum blockchain act as a set of records that are checked, distributed, and verified across the network. Uncle blocks are valid blocks that have been removed from the main chain, but still receive rewards.
“This attack allows an attacker to replace a competitor’s main chain block with its own block after the fact, so that miners on the replaced block lose all transaction fees for transactions contained within the block and You will be demoted from – chain.”
Miners can set block timestamps within “some reasonable bounds”, typically within a few seconds. One of the mining pools selected in the survey was F2Pool: “for the past two years, F2Pool did not have a single block with a timestamp matching the expected result.” F2Pool is one of the largest Ethereum pools, operating at a hashrate of 129 TH/s and generating around 1.5K ETH in daily rewards.
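The timestamp pattern described above can be checked from block headers alone. The following is an added example, not code from the paper or from this article: it assumes the "point where mining difficulty drops" is the 9-second step in Ethereum's Byzantium-era (EIP-100) difficulty rule, and the function names, pool names, threshold and sample blocks are constructed for illustration.

```python
from collections import defaultdict

def adjustment_factor(delta, parent_has_uncles=False):
    """EIP-100 adjustment term for a block mined `delta` seconds after its parent."""
    return max((2 if parent_has_uncles else 1) - delta // 9, -99)

def child_difficulty(parent_difficulty, delta, parent_has_uncles=False):
    """Simplified: omits the difficulty bomb and the minimum-difficulty floor."""
    step = parent_difficulty // 2048
    return parent_difficulty + step * adjustment_factor(delta, parent_has_uncles)

def boundary_profile(blocks):
    """Count, per miner, blocks whose delta sits on a 9 s boundary or 1 s before it."""
    stats = defaultdict(lambda: {"total": 0, "on_boundary": 0, "just_before": 0})
    for miner, timestamp, parent_timestamp in blocks:
        delta = timestamp - parent_timestamp
        entry = stats[miner]
        entry["total"] += 1
        if delta % 9 == 0:
            entry["on_boundary"] += 1
        elif delta % 9 == 8:
            entry["just_before"] += 1
    return dict(stats)

def flag_boundary_avoiders(blocks, min_blocks=20):
    """Miners with enough blocks, none on a boundary, and some 1 s before one."""
    return sorted(
        miner for miner, s in boundary_profile(blocks).items()
        if s["total"] >= min_blocks and s["on_boundary"] == 0 and s["just_before"] > 0
    )

def constructed_sample():
    """Constructed data: pool_b moves every boundary timestamp 1 s earlier."""
    blocks, parent_ts = [], 1_600_000_000
    for i in range(54):
        delta = i % 27 + 1                      # deltas 1..27, twice over
        blocks.append(("pool_a", parent_ts + delta, parent_ts))
        shifted = delta - 1 if delta % 9 == 0 else delta
        blocks.append(("pool_b", parent_ts + shifted, parent_ts))
        parent_ts += 30
    return blocks

if __name__ == "__main__":
    print(child_difficulty(2_048_000, 8), child_difficulty(2_048_000, 9))
    print(flag_boundary_avoiders(constructed_sample()))
```

On real chain data, a pool with few blocks can miss the boundary by chance, so the zero-count flag should be backed by a comparison against the distribution seen for other miners over the same period.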
The paper also notes that F2Pool’s “founders were relatively well publicized condemnation attacking competing mining pools and blaming them for attacking their own mining pool” while in reality “F2Pool is attacking other mining pools”.
While the financial impact of the attack has yet to be officially confirmed, CryptoSlate reached out to Yaish, who said:
“For each successful attack, F2Pool earned 14% more from the block reward, plus all the transaction fees involved.
We are currently trying to provide concrete estimates for both of your questions using real world data. As soon as we have the data, it will be published!”
The Hebrew University made “specific modifications to the Ethereum protocol” and created a patch for review. Yaish mentioned in a blog post that the information was “responsibly disclosed to the Ethereum Foundation” prior to publication.