Ethereum Challenges Hackers to Attack Proposed 2.0 Networks

Published at: July 20, 2020

The Ethereum Foundation has launched public “attack networks” for Ethereum 2.0 based on existing stable clients.

The networks are designed to give security researchers a sandbox environment where they can try to break Ethereum 2.0’s networks by exploiting potential issues in the clients. Currently, there are two “beta-0” attack networks based on the Lighthouse and Prysm clients, built respectively by Sigma Prime and Prysmatic Labs.

According to the announcement released on Monday, the attack networks are “real networks,” though they present some limitations. Notably, only four nodes have been deployed to the network with 128 validators, versus the thousands expected for Ethereum 2.0.

Deposits are also not enabled, which means that hackers will need to “try non-validator based attacks for this run.”

The goal for the attackers is to "prevent finality for 16 consecutive epochs” on a single network “by any means necessary.” What this means is that the exploit will need to make the Ethereum 2.0 network unusable and unsafe for at least 102 minutes, or 1 hour and 42 minutes.

Each epoch consists of 32 slots during which blocks may be proposed. Each slot lasts for 12 seconds and is roughly equivalent to block time under optimal conditions. At the end of each epoch, the validators are reshuffled to maintain the network’s security.

Individual hackers and specific groups will be entitled to a $5,000 bounty for successfully breaking the network in this way. Each network has its own bounty, though a single entity can only receive one.

Ethereum 2.0 continues progress

In recent months, progress on Ethereum 2.0's Phase 0 has picked up, with the teams recently launching a new multiclient testnet on the newer 0.12.1 specification, called Altona. The testnet promises to be the last major “devnet” primarily run by developers ahead of a full-scale testnet for the general public.

The attack networks are an important part of that transition, as they incentivize others to find potential vulnerabilities and issues that simple testing likely would not reveal.

However, other factors may temper public optimism. For example, some client developer teams seem to be lagging behind, and their nodes are unable to join the shared testnets.

Furthermore, the community has to decide on what makes Ethereum 2.0 ready for mainnet, with potentially months of further waiting as the systems continue being battle tested.

Justin Drake, an Ethereum 2.0 researcher, posited that the most likely launch date for the mainnet is January 2021, given several months of testing and accounting for holidays. However, Vitalik Buterin, Ethereum’s co-founder, disagreed with that timeline and argued that Phase 0 should launch in 2020, even if sacrificing some of the cautiousness.

Tags
Technology
Ethereum
Security
Related Posts
The perfect storm: DeFi hacks will advance the crypto sector moving forward
The rise of decentralized finance, or DeFi, could be paving the way toward a fully decentralized financial ecosystem. Yet, given the innovative nature of DeFi, the sector remains in constant development and is therefore prone to a number of vulnerabilities. Unsurprisingly, one of the biggest challenges currently facing the DeFi sector is security threats. This has become apparent as more DeFi hacks continue to wreak havoc across the crypto community. Most recently, the largest DeFi hack within the crypto industry took place. The Poly Network hack resulted in over $600 million dollars removed, and then returned, from Binance Chain, Ethereum …
Decentralization / Aug. 17, 2021
The importance of decentralized oracles: Interview with Sergey Nazarov
Chainlink co-founder Sergey Nazarov believes that increasing the decentralization and scalability of oracle technologies are key to ensure trust in the DeFi ecosystem. Oracles play a key role in the correct functioning of DeFI protocols by connecting them to real-world data. However, the trustworthiness of oracles becomes compromised in instances where they rely on a single data source to retrieve information. For instance, according to Nazarov, excessively centralized oracles enabled five recent flash loan attacks, which resulted in DeFi protocols losing around $40 million. Flash loans, a form of loan that does not require any collateral, can be used to …
Decentralization / Dec. 19, 2020
Building multichain is a new necessity for DeFi products
At present, your DeFi product needs to be multichain to be competitive — this is the hard (and exciting) truth of 2021. Whether you’re building a wallet, a lending service or a DeFi game, your target audience knows that there is more to the crypto space than Ethereum. And they expect you to provide the best of all worlds. It seems there will always be a debate about which blockchain makes for the best foundation for projects. Enhanced security, low transaction costs and formidable speed — there will always be a chain that offers bigger advantages. As the speculators argue …
Technology / Nov. 20, 2021
What is a honeypot crypto scam and how to spot it?
What is a crypto honeypot and why is it used? Smart contracts programs across a decentralized network of nodes can be executed on modern blockchains like Ethereum. Smart contracts are becoming more popular and valuable, making them a more appealing target for attackers. Several smart contracts have been targeted by hackers in recent years. However, a new trend appears to be gaining traction; namely, attackers are no longer looking for susceptible contracts but are adopting a more proactive strategy. Instead, they aim to trick their victims into falling into traps by sending out contracts that appear to be vulnerable but …
Adoption / Dec. 26, 2021
Are crypto and blockchain safe for kids, or should greater measures be put in place?
Crypto is going mainstream, and the world’s younger generation, in particular, is taking note. Cryptocurrency exchange Crypto.com recently predicted that crypto users worldwide could reach 1 billion by the end of 2022. Further findings show that Millennials — those between the ages of 26 and 41 — are turning to digital asset investment to build wealth. For example, a study conducted in 2021 by personal loan company Stilt found that, according to its user data, more than 94% of people who own crypto were between 18 and 40. Keeping children safe While the increased interest in cryptocurrency is notable, some …
Adoption / Feb. 26, 2022