Fake Stake attacks on chain-based Proof-of-Stake cryptocurrencies
https://medium.com/@dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806

This article is the public disclosure of a series of resource exhaustion vulnerabilities investigated by a team of students consisting of Sanket Kanjalkar (sanket1729, smk7@illinois.edu), Yunqi Li, Yuguang Chen, Joseph Kuo, and our adviser Andrew Miller (socrates1024) in the Decentralized Systems Lab @ UIUC. These vulnerabilities have affected 26+ Proof-of-Stake cryptocurrencies in total and would allow a network attacker with a very small amount of stake to crash any of the network nodes running the corresponding software. We began a coordinated disclosure in October 2018 to notify development teams of affected cryptocurrencies ahead of this public release. The majority of them (weighted by market cap) have already deployed mitigations...
Vulnerability #1: "I Can't Believe it's not Stake"
When we first investigated this problem, we found that five cryptocurrencies, Qtum, Particl, Navcoin, HTMLcoin, and Emercoin, exhibited a fairly trivial form of this vulnerability: namely, they fail to check any coinstake transaction at all before committing a block to RAM or disk. What these five cryptocurrencies have in common is that they have adopted Bitcoin's "headers first" feature, in which block propagation was split into two separate messages, Block and Header. Nodes only ask for Block after Header passes the PoW checks AND it is a longest (or longer) chain. Since the coinstake transaction is present only in Block but not the Header, a node cannot validate the Header on its own. Instead, it directly stores the header to an in-memory data structure (mapBlockIndex). As a result, any network attacker, even with no stake whatsoever, can fill up a victim node's RAM...
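
The header-only storage described above, modelled on the node side as an added example (not code from the article or from any affected project). `HeaderIndex`, `AcceptHeader`, `OnBlockChecked` and the per-peer cap are assumptions of this example; the cap is one possible bound for comparison, not a mitigation the article names.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <unordered_map>

// Toy model (constructed): a Header carries no coinstake, so stake cannot be checked here.
struct Header { std::string hash, prev; };
struct IndexEntry { std::string prev; int peer; bool stakeChecked; };

class HeaderIndex {
public:
    // cap == 0 models the behaviour described above: no bound at all.
    explicit HeaderIndex(std::size_t cap) : cap_(cap) {}
    // On a Header message: the entry is stored before any Block has been seen.
    bool AcceptHeader(const Header& h, int peer) {
        if (mapBlockIndex_.count(h.hash)) return true;          // already indexed
        if (cap_ != 0 && pending_[peer] >= cap_) return false;  // assumed per-peer bound
        mapBlockIndex_[h.hash] = IndexEntry{h.prev, peer, false};
        ++pending_[peer];
        return true;
    }
    // Once the full Block has arrived and its coinstake has been checked.
    void OnBlockChecked(const std::string& hash, bool stakeOk) {
        auto it = mapBlockIndex_.find(hash);
        if (it == mapBlockIndex_.end() || it->second.stakeChecked) return;
        --pending_[it->second.peer];
        if (stakeOk) it->second.stakeChecked = true;
        else mapBlockIndex_.erase(it);  // this model drops entries that fail the check
    }
    std::size_t Size() const { return mapBlockIndex_.size(); }
private:
    std::size_t cap_;
    std::unordered_map<std::string, IndexEntry> mapBlockIndex_;
    std::unordered_map<int, std::size_t> pending_;  // per peer: headers awaiting their Block
};

// One peer announces n chained headers and never delivers a Block; returns the index size.
std::size_t SizeAfterHeaderOnlyPeer(std::size_t cap, std::size_t n) {
    HeaderIndex idx(cap);
    std::string prev = "genesis";
    for (std::size_t i = 0; i < n; ++i) {
        std::string h = "hdr" + std::to_string(i);
        idx.AcceptHeader(Header{h, prev}, 1);
        prev = h;
    }
    return idx.Size();
}
int main() {  // index size without the bound, then with a bound of 500
    std::cout << SizeAfterHeaderOnlyPeer(0, 100000) << " vs "
              << SizeAfterHeaderOnlyPeer(500, 100000) << "\n";
}
```

Without the bound the index grows one entry per announced header; with it, growth from a single peer stops at the cap until that peer's Blocks arrive and are checked.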