-
SoK: Attacks on DAOs
Authors:
Rainer Feichtinger,
Robin Fritsch,
Lioba Heimbach,
Yann Vonlanthen,
Roger Wattenhofer
Abstract:
Decentralized Autonomous Organizations (DAOs) are blockchain-based organizations that facilitate decentralized governance. Today, DAOs not only hold billions of dollars in their treasury but also govern many of the most popular Decentralized Finance (DeFi) protocols. This paper systematically analyses security threats to DAOs, focusing on the types of attacks they face. We study attacks on DAOs that took place in the past, attacks that have been theorized to be possible, and potential attacks that were uncovered and prevented in audits. For each of these (potential) attacks, we describe and categorize the attack vectors utilized into four categories. This reveals that while many attacks on DAOs take advantage of the less tangible and more complex human nature involved in governance, audits tend to focus on code and protocol vulnerabilities. Thus, additionally, the paper examines empirical data on DAO vulnerabilities, outlines risk factors contributing to these attacks, and suggests mitigation strategies to safeguard against such vulnerabilities.
Submitted 21 June, 2024;
originally announced June 2024.
-
Dissecting the EIP-2930 Optional Access Lists
Authors:
Lioba Heimbach,
Quentin Kniep,
Yann Vonlanthen,
Roger Wattenhofer,
Patrick Züst
Abstract:
Ethereum introduced Transaction Access Lists (TALs) in 2020 to optimize gas costs during transaction execution. In this work, we present a comprehensive analysis of TALs in Ethereum, focusing on adoption, quality, and gas savings. Analyzing a full month of mainnet data with 31,954,474 transactions, we found that only 1.46% of transactions included a TAL, even though 42.6% of transactions would have benefited from it. On average, access lists can save around 0.29% of gas costs, equivalent to approximately 3,450 ETH (roughly US$ 5 Mio) per year. However, 19.6% of TALs included by transactions contained imperfections, causing almost 11.8% of transactions to pay more gas with TAL than without. We find that these inaccuracies are caused by the unknown state at the time of the TAL computation as well as imperfect TAL computations provided by all major Ethereum clients. We thus compare the gas savings when calculating the TAL at the beginning of the block vs. calculating it on the correct state, to find that the unknown state is a major source of TAL inaccuracies. Finally, we implement an ideal TAL computation for the Erigon client to highlight the cost of these flawed implementations.
Submitted 11 December, 2023;
originally announced December 2023.
-
Fast Internet Computer Consensus
Authors:
Massimo Albarello,
Jakub Sliwinski,
Yann Vonlanthen,
Roger Wattenhofer
Abstract:
This paper presents the first rotating leader state machine replication (SMR) protocol that allows transactions to be confirmed in just a single round-trip time in the Byzantine fault tolerance (BFT) setting. Based on minimal alterations to the Internet Computer Consensus (ICC) protocol and with negligible communication overhead, we introduce a novel dual mode mechanism that enables optimal block finalization latency in the fast path. Crucially, the modes of operation are integrated, such that even if the fast path is not effective, no penalties are incurred. Moreover, our algorithm maintains the core attributes of the original ICC protocol, including optimistic responsiveness and rotating leaders without the necessity for a view-change protocol.
We prove the correctness of our Fast Internet Computer Consensus (FICC) protocol and provide an open-source implementation of it. Both the FICC and original ICC protocol are compared in a globally distributed wide-area network. Our evaluation reveals that the FICC protocol achieves reduced latency compared to the ICC protocol, without requiring additional security assumptions. Furthermore, by increasing the number of replicas to $n = 5f + 1$, we exhibit that latency improvements close to the theoretical maximum of 33% are attainable. We conclude by highlighting the network topology as a significant factor in evaluating and comparing the latency of consensus algorithms.
Submitted 10 December, 2023;
originally announced December 2023.
-
The PoW Landscape in the Aftermath of The Merge
Authors:
Lucianna Kiffer,
Sophia Skorik,
Yann Vonlanthen,
Roger Wattenhofer
Abstract:
On 15th September 2022, The Merge marked the Ethereum network's transition from computation-hardness-based consensus (proof-of-work) to a committee-based consensus mechanism (proof-of-stake). As a result, all the specialized hardware and GPUs that were being used by miners ceased to be profitable in the main Ethereum network. Miners were then left with the decision of how to re-purpose their hardware. One such choice was to try and make a profit mining another existing PoW system. In this study, we explore this choice by analyzing the hashrate increase in the top PoW networks following the merge. Our findings reveal that the peak increase in hashrate to other PoW networks following The Merge represents an adoption of at least 41% of the hashrate that was present in Ethereum, with 12% remaining more than 5 months later. Though we measure a drastic decrease in profitability by almost an order of magnitude, the continued presence of miners halts claims that power consumption was instantly addressed by Ethereum's switch to PoS.
Submitted 2 October, 2023;
originally announced October 2023.
-
The Hidden Shortcomings of (D)AOs -- An Empirical Study of On-Chain Governance
Authors:
Rainer Feichtinger,
Robin Fritsch,
Yann Vonlanthen,
Roger Wattenhofer
Abstract:
Decentralized autonomous organizations (DAOs) are a recent innovation in organizational structures, which are already widely used in the blockchain ecosystem. We empirically study the on-chain governance systems of 21 DAOs and open source the live dataset. The DAOs we study are of various size and activity, and govern a wide range of protocols and services, such as decentralized exchanges, lending protocols, infrastructure projects and common goods funding. Our analysis unveils a high concentration of voting rights, significant hidden monetary costs of on-chain governance systems, as well as a remarkably high amount of pointless governance activity.
Submitted 28 February, 2023; v1 submitted 23 February, 2023;
originally announced February 2023.
-
DeFi and NFTs Hinder Blockchain Scalability
Authors:
Lioba Heimbach,
Quentin Kniep,
Yann Vonlanthen,
Roger Wattenhofer
Abstract:
Many classical blockchains are known to have an embarrassingly low transaction throughput, down to Bitcoin's notorious seven transactions per second limit. Various proposals and implementations for increasing throughput emerged in the first decade of blockchain research. But how much concurrency is possible? In their early days, blockchains were mostly used for simple transfers from user to user. More recently, however, decentralized finance (DeFi) and NFT marketplaces have completely changed what is happening on blockchains. Both are built using smart contracts and have gained significant popularity. Transactions on DeFi and NFT marketplaces often interact with the same smart contracts. We believe this development has transformed blockchain usage. In our work, we perform a historical analysis of Ethereum's transaction graph. We study how much interaction between transactions there was historically and how much there is now. We find that the rise of DeFi and NFT marketplaces has led to an increase in "centralization" in the transaction graph. More transactions are now interconnected: currently there are around 200 transactions per block with 4000 interdependencies between them. We further find that the parallelizability of Ethereum's current interconnected transaction workload is limited. A speedup exceeding a factor of five is currently unrealistic.
Submitted 7 March, 2023; v1 submitted 13 February, 2023;
originally announced February 2023.
-
Consensus on Demand
Authors:
Jakub Sliwinski,
Yann Vonlanthen,
Roger Wattenhofer
Abstract:
Digital money can be implemented efficiently by avoiding consensus. However, no-consensus implementations have drawbacks, as they cannot support smart contracts, and (even more fundamentally) they cannot deal with conflicting transactions. We present a novel protocol that combines the benefits of an asynchronous, broadcast-based digital currency, with the capacity to perform consensus. This is achieved by selectively performing consensus a posteriori, i.e., only when absolutely necessary. Our on-demand consensus comes at the price of restricting the Byzantine participants to be less than a one-fifth minority in the system, which is the optimal threshold. We formally prove the correctness of our system and present an open-source implementation, which inherits many features from the Ethereum ecosystem.
Submitted 3 October, 2022; v1 submitted 8 February, 2022;
originally announced February 2022.
-
Scalable Byzantine Reliable Broadcast (Extended Version)
Authors:
Rachid Guerraoui,
Petr Kuznetsov,
Matteo Monti,
Matej Pavlovic,
Dragos-Adrian Seredinschi,
Yann Vonlanthen
Abstract:
Byzantine reliable broadcast is a powerful primitive that allows a set of processes to agree on a message from a designated sender, even if some processes (including the sender) are Byzantine. Existing broadcast protocols for this setting scale poorly, as they typically build on quorum systems with strong intersection guarantees, which results in linear per-process communication and computation complexity.
We generalize the Byzantine reliable broadcast abstraction to the probabilistic setting, allowing each of its properties to be violated with a fixed, arbitrarily small probability. We leverage these relaxed guarantees in a protocol where we replace quorums with stochastic samples. Compared to quorums, samples are significantly smaller in size, leading to a more scalable design. We obtain the first Byzantine reliable broadcast protocol with logarithmic per-process communication and computation complexity.
We conduct a complete and thorough analysis of our protocol, deriving bounds on the probability of each of its properties being compromised. During our analysis, we introduce a novel general technique we call adversary decorators. Adversary decorators allow us to make claims about the optimal strategy of the Byzantine adversary without having to make any additional assumptions. We also introduce Threshold Contagion, a model of message propagation through a system with Byzantine processes. To the best of our knowledge, this is the first formal analysis of a probabilistic broadcast protocol in the Byzantine fault model. We show numerically that practically negligible failure probabilities can be achieved with realistic security parameters.
Submitted 19 February, 2020; v1 submitted 5 August, 2019;
originally announced August 2019.