Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network, ensuring that no adversary can link a validator’s identifier to the IP address of a peer due to associated privacy and security concerns. This work demonstrates that the Ethereum P2P network does not offer this anonymity. We present a methodology that enables any node in the network to identify validators hosted on connected peers and empirically verify the feasibility of our proposed method. Using data collected from four nodes over three days, we locate more than 15% of Ethereum validators in the P2P network. The insights gained from our deanonymization technique provide valuable information on the distribution of validators across peers, their geographic locations, and hosting organizations. We further discuss the implications and risks associated with the lack of anonymity in the P2P network and propose methods to help validators protect their privacy. The Ethereum Foundation has awarded us a bug bounty, acknowledging the impact of our results.
@misc{heimbach2024deanonymizing,title={Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue},author={Heimbach, Lioba and Vonlanthen, Yann and Villacis, Juan and Kiffer, Lucianna and Wattenhofer, Roger},journal={arXiv preprint arXiv:2409.04366},year={pre-print},eprint={2409.04366},archiveprefix={arXiv},primaryclass={cs.CR},}
@inproceedings{vonlanthen2024banyan,author={Vonlanthen, Yann and Sliwinski, Jakub and Albarello, Massimo and Wattenhofer, Roger},title={{Banyan: Fast Rotating Leader BFT}},booktitle={25th ACM/IFIP International Middleware Conference (Middleware)},year={2024},}
Rainer Feichtinger, Robin Fritsch, Lioba Heimbach, and
2 more authors
In 6th International Conference on Advances in Financial Technologies (AFT), Vienna, Austria, 2024
Non-archival: 4th Workshop on Decentralized Finance (DeFi), March 2024 Non-archival: The Latest in DeFi Research (TLDR) Conference, May 2024 Non-archival: European DAO Workshop (DAWO) 2024, July 2024
Decentralized Autonomous Organizations (DAOs) are blockchain-based organizations that facilitate decentralized governance. Today, DAOs not only hold billions of dollars in their treasury but also govern many of the most popular Decentralized Finance (DeFi) protocols. This paper systematically analyses security threats to DAOs, focusing on the types of attacks they face. We study attacks on DAOs that took place in the past, attacks that have been theorized to be possible, and potential attacks that were uncovered and prevented in audits. For each of these (potential) attacks, we describe and categorize the attack vectors utilized into four categories. This reveals that while many attacks on DAOs take advantage of the less tangible and more complex human nature involved in governance, audits tend to focus on code and protocol vulnerabilities. Thus, additionally, the paper examines empirical data on DAO vulnerabilities, outlines risk factors contributing to these attacks, and suggests mitigation strategies to safeguard against such vulnerabilities.
@inproceedings{feichtinger2024sok,title={SoK: Attacks on DAOs},author={Feichtinger, Rainer and Fritsch, Robin and Heimbach, Lioba and Vonlanthen, Yann and Wattenhofer, Roger},booktitle={6th International Conference on Advances in Financial Technologies (AFT), Vienna, Austria},year={2024},}
On 15th September 2022, The Merge marked the Ethereum network’s transition from computation-hardness-based consensus (proof-of-work) to a committee-based consensus mechanism (proof-of-stake). As a result, all the specialized hardware and GPUs that were being used by miners ceased to be profitable in the main Ethereum network. Miners were then left with the decision of how to re-purpose their hardware. One such choice was to try and make a profit mining another existing PoW system. In this study, we explore this choice by analyzing the hashrate increase in the top PoW networks following the merge. Our findings reveal that the peak increase in hashrate to other PoW networks following The Merge represents an adoption of at least 41% of the hashrate that was present in Ethereum, with 12% remaining more than 5 months later. Though we measure a drastic decrease in profitability by almost an order of magnitude, the continued presence of miners halts claims that power consumption was instantly addressed by Ethereum’s switch to PoS.
@inproceedings{kiffer2023pow,title={Short Paper: The PoW Landscape in the Aftermath of The Merge},author={Kiffer, Lucianna and Skorik, Sophia and Vonlanthen, Yann and Wattenhofer, Roger},year={2024},eprint={2310.01028},archiveprefix={arXiv},primaryclass={cs.CE},booktitle={The 5th Workshop on Coordination of Decentralized Finance (CoDecFin) 2023, Willemstad, Curaçao},}
"Ethereum introduced Transaction Access Lists (TALs) in 2020 to optimize gas costs during transaction execution. In this work, we present a comprehensive analysis of TALs in Ethereum, focusing on adoption, quality, and gas savings. Analyzing a full month of mainnet data with 31,954,474 transactions, we found that only 1.46% of transactions included a TAL, even though 42.6% of transactions would have benefited from it. On average, access lists can save around 0.29% of gas costs, equivalent to approximately 3,450 ETH (roughly US$ 5 Mio) per year. However, 19.6% of TALs included by transactions contained imperfections, causing almost 11.8% of transactions to pay more gas with TAL than without. We find that these inaccuracies are caused by the unknown state at the time of the TAL computation as well as imperfect TAL computations provided by all major Ethereum clients. We thus compare the gas savings when calculating the TAL at the beginning of the block vs. calculating it on the correct state, to find that the unknown state is a major source of TAL inaccuracies. Finally, we implement an ideal TAL computation for the Erigon client to highlight the cost of these flawed implementations."
@inproceedings{heimbach2023dissecting,title={Short Paper: Dissecting the EIP-2930 Optional Access Lists},author={Heimbach, Lioba and Kniep, Quentin and Vonlanthen, Yann and Wattenhofer, Roger and Züst, Patrick},year={2024},archiveprefix={arXiv},primaryclass={cs.DC},booktitle={Financial Cryptography and Data Security (FC), Willemstad, Curaçao},}
Decentralized autonomous organizations (DAOs) are a recent innovation in organizational structures, which are already widely used in the blockchain ecosystem. We empirically study the on-chain governance systems of 21 DAOs and open source the live dataset. The DAOs we study are of various size and activity, and govern a wide range of protocols and services, such as decentralized exchanges, lending protocols, infrastructure projects and common goods funding. Our analysis unveils a high concentration of voting rights, a significant hidden monetary costs of on-chain governance systems, as well as a remarkably high amount of pointless governance activity.
@inproceedings{feichtinger2023hidden,title={The Hidden Shortcomings of (D)AOs - An Empirical Study of On-Chain Governance},author={Feichtinger, Rainer and Fritsch, Robin and Vonlanthen, Yann and Wattenhofer, Roger},year={2023},eprint={2302.12125},archiveprefix={arXiv},primaryclass={cs.CY},booktitle={The 4th Workshop on Coordination of Decentralized Finance (CoDecFin) 2023, Bol, Brač, Croatia}}
"Many classical blockchains are known to have an embarrassingly low transaction throughput, down to Bitcoin’s notorious seven transactions per second limit.Various proposals and implementations for increasing throughput emerged in the first decade of blockchain research. But how much concurrency is possible? In their early days, blockchains were mostly used for simple transfers from user to user. More recently, however, decentralized finance (DeFi) and NFT marketplaces have completely changed what is happening on blockchains. Both are built using smart contracts and have gained significant popularity. Transactions on DeFi and NFT marketplaces often interact with the same smart contracts. We believe this development has transformed blockchain usage. In our work, we perform a historical analysis of Ethereum’s transaction graph. We study how much interaction between transactions there was historically and how much there is now. We find that the rise of DeFi and NFT marketplaces has led to an increase in "centralization" in the transaction graph. More transactions are now interconnected: currently there are around 200 transactions per block with 4000 interdependencies between them. We further find that the parallelizability of Ethereum’s current interconnected transaction workload is limited. A speedup exceeding a factor of five is currently unrealistic."
@inproceedings{heimbach2023defi,title={DeFi and NFTs Hinder Blockchain Scalability},author={Heimbach, Lioba and Kniep, Quentin and Vonlanthen, Yann and Wattenhofer, Roger},year={2023},eprint={2302.06708},archiveprefix={arXiv},primaryclass={cs.CR},doi={10.48550},booktitle={Financial Cryptography and Data Security (FC), Bol, Brač, Croatia}}
Digital money can be implemented efficiently by avoiding consensus. However, no-consensus implementations have drawbacks, as they cannot support smart contracts, and (even more fundamentally) they cannot deal with conflicting transactions. We present a novel protocol that combines the benefits of an asynchronous, broadcast-based digital currency, with the capacity to perform consensus. This is achieved by selectively performing consensus a posteriori, i.e., only when absolutely necessary. Our on-demand consensus comes at the price of restricting the Byzantine participants to be less than a one-fifth minority in the system, which is the optimal threshold. We formally prove the correctness of our system and present an open-source implementation, which inherits many features from the Ethereum ecosystem.
@inproceedings{sliwinski2022cod,author={Sliwinski, Jakub and Vonlanthen, Yann and Wattenhofer, Roger},editor={Devismes, St{\'e}phane and Petit, Franck and Altisen, Karine and Di Luna, Giuseppe Antonio and Fernandez Anta, Antonio},title={Consensus on Demand},booktitle={24th International Symposium on Stabilization, Safety, and Security of Distributed Systems, Clermont-Ferrand, France},year={2022},publisher={Springer International Publishing},pages={299--313},isbn={978-3-031-21017-4},eprint={2202.03756},}
Byzantine reliable broadcast is a powerful primitive that allows a set of processes to agree on a message from a designated sender, even if some processes (including the sender) are Byzantine. Existing broadcast protocols for this setting scale poorly, as they typically build on quorum systems with strong intersection guarantees, which results in linear per-process communication and computation complexity.
We generalize the Byzantine reliable broadcast abstraction to the probabilistic setting, allowing each of its properties to be violated with a fixed, arbitrarily small probability. We leverage these relaxed guarantees in a protocol where we replace quorums with stochastic samples. Compared to quorums, samples are significantly smaller in size, leading to a more scalable design. We obtain the first Byzantine reliable broadcast protocol with logarithmic per-process communication and computation complexity.
We conduct a complete and thorough analysis of our protocol, deriving bounds on the probability of each of its properties being compromised. During our analysis, we introduce a novel general technique we call adversary decorators. Adversary decorators allow us to make claims about the optimal strategy of the Byzantine adversary without having to make any additional assumptions. We also introduce Threshold Contagion, a model of message propagation through a system with Byzantine processes. To the best of our knowledge, this is the first formal analysis of a probabilistic broadcast protocol in the Byzantine fault model. We show numerically that practically negligible failure probabilities can be achieved with realistic security parameters.
@article{Extended,author={Guerraoui, Rachid and Kuznetsov, Petr and Monti, Matteo and Pavlovic, Matej and Seredinschi, Dragos{-}Adrian and Vonlanthen, Yann},title={Scalable Byzantine Reliable Broadcast (Extended Version)},year={2020},archiveprefix={arXiv},eprint={1908.01738},}