The University of Sydney Page 1
How to Hack Blockchain Systems
Parinya Ekparinya, Vincent Gramoli, Guillaume Jourjon (The University of Sydney)
Blockchain
[Figure: a chain of blocks #41 to #44, each carrying a proof (0xd00d1e…, 0xc0ffee…, 0xf00baa…, …)]
Blockchain
[Figure: blocks #41–#44 with proofs and parent proofs (Block #41 proof 0xd00d1e…; Block #42 proof 0xc0ffee…, parent 0xd00d1e…; Block #43 proof 0xf00baa…, parent 0xc0ffee…; Block #44 proof 0xfabfab…, parent 0xf00baa…) and the transactions TX: Alice -> Bob, TX: Ted -> Alice, TX: Mallory -> Alice, TX: Mallory -> Bob]
[Figure sequence: an animated payment diagram with a $10 amount, later shown twice; closing caption "What da h…"]
Q: Is it possible to double-spend on Ethereum with network attacks?
Approaches to study …
– Goals:
  1. How does the blockchain system decide a block?
  2. How does the blockchain system resolve a fork?
– Reading the documentation
  – Scattered and un-organised information: website, wiki, GitHub, issue tracker, yellow paper, etc.
  – Lack of necessary information
  – Intention ≠ actual implementation
– Reading the code!!
– Running it for real, because the devil is in the detail …
Decided Blocks and Committed Transactions in PoW/Ethereum
– Given a blockchain with parameter k, a block at index i is decided when the chain depth reaches i+k
– A transaction is committed if it belongs to a decided block
Ekparinya et al., "Impact of Man-in-the-middle Attacks on Ethereum"
[Figure: a chain from index 1 to i+k; blocks up to index i are decided, blocks i+1 … i+k-1, i+k are undecided; a transaction sits in block i]
Expected Branch Selection in PoW/Ethereum: GHOST
Actual Branch Selection in PoW/Ethereum: Highest total difficulty
Example 1: Man-in-the-middle Attack against PoW
Decided Blocks and Committed Transactions in AuRa PoA/Ethereum
– A decision requires strictly more than half of the authorities, so only one partition may decide blocks
[Figure: partitioned authority set; the larger side is labelled "Can decide a block"]
Branch Selection in AuRa PoA/Ethereum: Longest branch
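The two decision rules (k-depth for PoW, strictly-more-than-half of the authorities for AuRa PoA) and the two branch-selection rules (highest total difficulty for PoW, longest branch for PoA) are easier to reason about with a toy model. The following is an added illustration, not code from the talk or from any Ethereum client; block identifiers, difficulties, authority names and transactions are constructed, and the AuRa decision rule is simplified to "a block is decided once it and the blocks built on it carry seals from strictly more than half of the authorities", which is stated as an assumption of the model in the comments. The PoW scenario shows why a merchant's k-confirmation rule is not a finality guarantee: a transaction that was committed on one branch is no longer committed once a heavier branch becomes canonical, which is the risk behind the double-spend question on the earlier slide.

```python
"""Toy model of block decision and branch selection for PoW and AuRa PoA.
Added illustration; not the authors' code and not an Ethereum client."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Block:
    ident: str
    parent: Optional[str]            # None only for genesis
    difficulty: int = 1              # PoW: per-block difficulty; PoA: unused
    sealer: Optional[str] = None     # PoA: authority that sealed the block
    txs: Tuple[str, ...] = ()        # constructed transaction labels


class Chain:
    def __init__(self, genesis: Block):
        self.blocks: Dict[str, Block] = {genesis.ident: genesis}

    def add(self, block: Block) -> None:
        if block.parent not in self.blocks:
            raise ValueError(f"unknown parent {block.parent}")
        self.blocks[block.ident] = block

    def branch(self, tip: str) -> List[Block]:
        """Genesis-first list of blocks from genesis to `tip`."""
        out, cur = [], self.blocks[tip]
        while True:
            out.append(cur)
            if cur.parent is None:
                return out[::-1]
            cur = self.blocks[cur.parent]

    def tips(self) -> List[str]:
        parents = {b.parent for b in self.blocks.values()}
        return sorted(i for i in self.blocks if i not in parents)

    # --- branch selection ---------------------------------------------
    def canonical_tip(self, rule: str) -> str:
        def total_difficulty(t: str) -> int:        # PoW rule from the slides
            return sum(b.difficulty for b in self.branch(t))

        def length(t: str) -> int:                  # AuRa PoA rule from the slides
            return len(self.branch(t))

        score = {"total_difficulty": total_difficulty, "longest": length}[rule]
        # ties are broken by identifier only to keep the toy deterministic
        return max(self.tips(), key=lambda t: (score(t), t))

    # --- decision rules -----------------------------------------------
    def decided_pow(self, k: int) -> List[Block]:
        """Block at index i is decided once the canonical depth reaches i+k."""
        br = self.branch(self.canonical_tip("total_difficulty"))
        depth = len(br) - 1
        return [b for i, b in enumerate(br) if depth >= i + k]

    def decided_poa(self, n_authorities: int) -> List[Block]:
        """Model assumption: a block is decided once it and the blocks on top
        of it carry seals from strictly more than half of the authorities.
        A partition holding at most half of them can never satisfy this,
        which is the 'only one partition may decide blocks' property."""
        br = self.branch(self.canonical_tip("longest"))
        decided = []
        for i, b in enumerate(br):
            if b.sealer is None:
                continue                            # genesis has no sealer
            sealers = {x.sealer for x in br[i:] if x.sealer}
            if 2 * len(sealers) > n_authorities:
                decided.append(b)
        return decided


def committed(blocks: List[Block]) -> Set[str]:
    return {tx for b in blocks for tx in b.txs}


def pow_demo(k: int = 2) -> Tuple[Set[str], Set[str]]:
    """Constructed scenario: a transaction reaches k confirmations on branch A,
    then branch B with higher total difficulty becomes canonical."""
    c = Chain(Block("G", None, difficulty=0))
    c.add(Block("A1", "G", 10, txs=("Mallory->Alice",)))
    c.add(Block("A2", "A1", 10))
    c.add(Block("A3", "A2", 10))
    before = committed(c.decided_pow(k))            # {'Mallory->Alice'}
    c.add(Block("B1", "G", 11, txs=("Mallory->Bob",)))
    c.add(Block("B2", "B1", 11))
    c.add(Block("B3", "B2", 11))                    # total 33 > 30, B wins
    after = committed(c.decided_pow(k))             # {'Mallory->Bob'}
    return before, after


def poa_demo(n: int = 5) -> Tuple[int, int]:
    """Constructed scenario: five authorities partitioned 3 vs 2. Returns the
    number of decided blocks on the larger and on the smaller side."""
    big = Chain(Block("G", None))
    for i, who in enumerate(["v1", "v2", "v3"], 1):
        big.add(Block(f"P{i}", f"P{i - 1}" if i > 1 else "G", sealer=who))
    small = Chain(Block("G", None))
    for i, who in enumerate(["v4", "v5", "v4", "v5"], 1):
        small.add(Block(f"Q{i}", f"Q{i - 1}" if i > 1 else "G", sealer=who))
    return len(big.decided_poa(n)), len(small.decided_poa(n))


if __name__ == "__main__":
    print("PoW committed before/after heavier branch:", pow_demo())
    print("PoA decided blocks (3-side, 2-side):", poa_demo())
```

The PoA side of the toy also shows why the longer branch is not the deciding one: the 2-authority partition builds a longer chain than the 3-authority partition, yet it never reaches the strictly-more-than-half threshold and so decides nothing.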
Example 2: The Cloning Attack against PoA
The requirements for the experiments
– Control over computing resources ➢ OpenStack private cloud
– Network control and isolation ➢ Virtual switches, virtual routers (Quagga) and VLANs
– Highly automated ➢ OpenStack API and Ethereum API
– Robust data collection ➢ Elasticsearch
Testbed Provisioning