Blockchain的鱼和熊掌系列（16）Potential Attacks

Figure 1 shows attacks on P2P networks, where there are two roles of peers to be considered: honest peers (in blue) and malicious peers (in red). In a situation, of which peers are anonymous and constantly joining and leaving, to find a solution to possible attacks in not easy. Several attacks to the Bitcoin-based P2P network are discussed as follows.

51% attack. The 51% attack [Bitcoin: A peer-to-peer electronic cash system] [Are blockchains immune to all malicious attacks] [Bitcoins, Its Advantages and Security Threats] is one of the most dangerous weaknesses to Bitcoin network. Once over half of computing power of the Bitcoin network is dominated by attackers, the 51% attack occurs then. Attackers could reverse transactions he sent by preventing transactions from being confirmed and avoiding miners from mining and etc. The two phase of work protocol is a possible solution to such an attack by increasing the cost of 51% attack through increasing the difficulty of mining in turn [Preventing the 51%-Attack: a Stochastic Analysis of Two Phase Proof of Work in Bitcoin].

Selfish mining. The selfish mining attack, proposed by Ittay Eyal et al. [Majority is not enough: Bitcoin mining is vulnerable] [Optimal Selfish Mining Strategies in Bitcoin] [Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack] reveals a vulnerability in Bitcoin network where an attacker tries to keep its discovered private, to append more new blocks from it, and to get more profits. The process continues until the length of public branches is approaching, then attackers reveal the longest chain from private to public, and discard these public branches created by honest miners. The effect of selfish mining attacks is to allow attackers to profiteer at the expense of all honest miners.

Eclipse attack. The eclipse attack [Tampering with the delivery of blocks and transactions in bitcoin] is a possible attack to Bitcoin network. In such an attack, attackers control parts of network communication, create an adverse network to isolate victims from the rest of normal peers on the network, and block views of these victims. Then, attackers can take advantage of the victims’ computing power for their own malicious purposes, such as selfish mining, double spending and etc. To avoid the happen of eclipse attacks on Bitcoin network, several countermeasures, like deterministic random eviction, more ongoing connections and etc, have been explored and purposed in their work [Eclipse Attacks on Bitcoin’s Peer-to-Peer Network].

Sybil. The Sybil attack [The Sybil attack] is a potential threat to P2P systems. In such an attack, the adversary attacks Bitcoin’s P2P network by creating many Sybil identities and controlling it. To prevent or mitigate the attack, a lot of work has been proposed, of which the most important solution is the trusted certification. It has been proved to be the only way to completely solve the attack [The Sybil attack]. Zerocoin [Zerocoin: Anonymous distributed e-cash from bitcoin], [Rational zero: Economic security for zerocoin with everlasting anonymity] is a practical application that the trusted certification applies to. Another possible solution to the attack is using trusted devices [The Sybil attack in sensor networks analysis and defenses] [The design of a robust peer to peer system]. Similar work such as the Xim protocol also has been designed, implemented and proposed [Sybil Resistant mixing for bitcoin].