Abstract
A long-standing question in the context of cryptocurrencies based on Nakamoto consensus is whether such constructions are incentive compatible, i.e., the intended properties of the system emerge from the appropriate utility model for participants. Bribing and other related attacks, such as front-running or Goldfinger attacks, aim to directly influence the incentives of actors within (or outside of) the targeted cryptocurrency system. The theoretical possibility of bribing attacks on cryptocurrencies was discussed early on in the cryptocurrency community, and various techniques and approaches have since been proposed. Some of these attacks are designed to gain in-band profits, while others intend to break the mechanism design and render the cryptocurrency worthless. In this paper, we systematically expose the large but scattered body of research in this area which has accumulated over the years. We summarize these bribing attacks and similar techniques that leverage programmatic execution and verification under the term algorithmic incentive manipulation (AIM) attacks, and show that the problem space is not yet fully explored. Based on our analysis, we present several research gaps and opportunities that warrant further investigation. In particular, we highlight no- and near-fork attacks as a powerful, yet largely underestimated, AIM category that raises serious security concerns not only for smart contract platforms.
Notes
- 1.
For a summary see [55].
- 2.
In comparison, in proof-of-stake (PoS) cryptocurrencies it would not be possible to rent or build new capacity, as all stake eligible for voting has to exist in the system already [15].
- 3.
For a discussion on rationality in this context, see Sect. 7.
- 4.
- 5.
Sometimes also referred to as proposed, or published in related literature.
- 6.
We emphasize that each transaction has a recipient (and thus a potential victim with an individual \(k_V\)); in practice there is no global security parameter k which holds for all transactions.
- 7.
The length of \(k_{gap}\) also depends on the attacker’s resources and willingness to succeed (e.g., to exclude a certain block).
- 8.
Actually the heaviest chain by PoW, e.g., in Bitcoin measured in difficulty periods.
- 9.
In P2Pool for example, there is no single operator which can define the content of a block proposal.
- 10.
The winner flooded the network with unrelated high-gas transactions to custom smart contracts, which congested the network and blocked other “last” payments to the game.
- 11.
- 12.
The issue stems from the fact that the bribing contract checks the balance of the Ethereum account which should receive the bribing funds before issuing any bribes, but without any additional locking constraints these funds can be moved by the attacker once received.
- 13.
The dependency between transaction value and confirmation time \(k_V\) is also discussed in [54].
References
Namecoin: https://www.namecoin.org/. Accessed 15 Sept 2020
Replace by fee in bitcoin: https://en.bitcoin.it/wiki/Replace_by_fee. Accessed 23 Dec 2020
Replace by fee in openethereum: https://openethereum.github.io/Transactions-Queue.html. Accessed 23 Dec 2020
How the winner got Fomo3D prize - a detailed explanation. medium (2018). https://medium.com/coinmonks/how-the-winner-got-fomo3d-prize-a-detailed-explanation-b30a69b7813f. Accessed 15 Sept 2020
Bitcoin cash miners undo attacker’s transactions with ‘51% attack’. coindesk (2019). https://www.coindesk.com/bitcoin-cash-miners-undo-attackers-transactions-with-51-attack. Accessed 15 Sept 2020
Ethereum classic 51% attack – the reality of proof-of-work. cointelegraph (2019). https://cointelegraph.com/news/ethereum-classic-51-attack-the-reality-of-proof-of-work. Accessed 15 Sep 2020
Talk: A primer on economics for cryptocurrencies. School of Blocks, Blockchain summer school at TU Wien (2019). https://bdlt.school/files/slides/talk-rainer-b%C3%B6hme-a-primer-on-economics-for-cryptocurrencies.pdf. Accessed 15 Sept 2020
Bitcoin gold (btg) was 51% attacked. github (2020), https://gist.github.com/metalicjames/71321570a105940529e709651d0a9765. Accessed 15 Sept 2020
Ethereum classic suffers second 51% attack in a week. coindesk (2020). https://www.coindesk.com/ethereum-classic-suffers-second-51-attack-in-a-week. Accessed 15 Sept 2020
Aiyer, A.S., Alvisi, L., Clement, A., Dahlin, M., Martin, J.P., Porth, C.: Bar fault tolerance for cooperative services. In: ACM SIGOPS Operating Systems Review, vol. 39, pp. 45–58. ACM (2005). http://www.dcc.fc.up.pt/~Ines/aulas/1314/SDM/papers/BAR%20Fault%20Tolerance%20for%20Cooperative%20Services%20-%20UIUC.pdf
socrates1024 (Andrew Miller): Feather-forks: enforcing a blacklist with sub-50
Badertscher, C., Garay, J., Maurer, U., Tschudi, D., Zikas, V.: But why does it work? A rational protocol design treatment of bitcoin. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 34–65. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_2, https://eprint.iacr.org/2018/138.pdf
Badertscher, C., Maurer, U., Tschudi, D., Zikas, V.: Bitcoin as a transaction ledger: a composable treatment. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 324–356. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_11, https://eprint.iacr.org/2017/149.pdf
Bonneau, J.: Why buy when you can rent? Bribery attacks on bitcoin consensus. In: BITCOIN 2016: Proceedings of the 3rd Workshop on Bitcoin and Blockchain Research, February 2016. http://fc16.ifca.ai/bitcoin/papers/Bon16b.pdf
Bonneau, J.: Hostile Blockchain Takeovers (Short Paper). In: Zohar, A., et al. (eds.) FC 2018. LNCS, vol. 10958, pp. 92–100. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-662-58820-8_7, http://fc18.ifca.ai/bitcoin/papers/bitcoin18-final17.pdf
Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J.A., Felten, E.W.: SoK: research perspectives and challenges for bitcoin and cryptocurrencies. In: IEEE Symposium on Security and Privacy (2015). http://www.ieee-security.org/TC/SP2015/papers-archived/6949a104.pdf
Budish, E.: The economic limits of bitcoin and the blockchain. Technical report, National Bureau of Economic Research (2018). https://faculty.chicagobooth.edu/eric.budish/research/Economic-Limits-Bitcoin-Blockchain.pdf
Cunicula: Bribery: The double double spend. Bitcoin Forum. https://bitcointalk.org/index.php?topic=122291. Accessed 31 Jan 2021
Daian, P., et al.: Flash boys 2.0: frontrunning in decentralized exchanges, miner extractable value, and consensus instability. In: 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, 18–21 May 2020, pp. 910–927. IEEE (2020). https://doi.org/10.1109/SP40000.2020.00040, https://arxiv.org/pdf/1904.05234.pdf
Dembo, A., et al.: Everything is a race and nakamoto always wins (2020)
Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_10, https://web.cs.dal.ca/~abrodsky/7301/readings/DwNa93.pdf
Eskandari, S., Moosavi, S., Clark, J.: Sok: transparent dishonesty: front-running attacks on blockchain. In: Bracciali, A., Clark, J., Pintore, F., Rønne, P.B., Sala, M. (eds.) Financial Cryptography and Data Security - FC 2019 International Workshops, VOTING and WTSC, St. Kitts, St. Kitts and Nevis, 18–22 February 2019, Revised Selected Papers. Lecture Notes in Computer Science, vol. 11599, pp. 170–189. Springer (2019). https://doi.org/10.1007/978-3-030-43725-1_13, https://arxiv.org/pdf/1902.05164.pdf
Eyal, I.: The miner’s dilemma. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 89–103. IEEE (2015). http://arxiv.org/pdf/1411.7099
Eyal, I., Sirer, E.G.: Majority Is Not Enough: Bitcoin Mining Is Vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_28, http://arxiv.org/pdf/1311.0243
Ford, B., Böhme, R.: Rationality is Self-Defeating in Permissionless Systems (2019). arXiv:1910.08820. https://arxiv.org/pdf/1910.08820.pdf
Garay, J.A., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol: analysis and applications. In: Oswald, E., Fischlin, M. (eds.) Advances in Cryptology - EUROCRYPT 2015–34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 26–30 April 2015, Sofia, Bulgaria, Proceedings, Part II. Lecture Notes in Computer Science, vol. 9057, pp. 281–310. Springer (2015). https://doi.org/10.1007/978-3-662-46803-6_10, https://eprint.iacr.org/2014/765.pdf
Garay, J.A., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol with chains of variable difficulty (2016). http://eprint.iacr.org/2016/1048.pdf. Accessed 6 Feb 2017
Gaži, P., Kiayias, A., Russell, A.: Tight consistency bounds for bitcoin. Cryptology ePrint Archive, Report 2020/661 (2020). https://eprint.iacr.org/2020/661
Heilman, E., Baldimtsi, F., Goldberg, S.: Blindly signed contracts: anonymous on-blockchain and off-blockchain bitcoin transactions. Cryptology ePrint Archive, Report 2016/056 (2016). https://eprint.iacr.org/2016/056.pdf. Accessed 3 Oct 2017
Herlihy, M.: Atomic cross-chain swaps. In: Newport, C., Keidar, I. (eds.) Proceedings of the 2018 ACM Symposium on Principles of Distributed Computing, PODC 2018, Egham, United Kingdom, 23–27 July 2018, pp. 245–254. ACM (2018). https://arxiv.org/pdf/1801.09515.pdf
Judmayer, A., Stifter, N., Schindler, P., Weippl, E.: Pitchforks in cryptocurrencies: enforcing rule changes through offensive forking- and consensus techniques (short paper). In: CBT 2018: Proceedings of the International Workshop on Cryptocurrencies and Blockchain Technology, September 2018. https://www.sba-research.org/wp-content/uploads/2018/09/judmayer2018pitchfork_2018-09-05.pdf
Judmayer, A., et al.: Pay to win: cheap, crowdfundable, cross-chain algorithmic incentive manipulation attacks on pow cryptocurrencies. Cryptology ePrint Archive, Report 2019/775 (2019). https://eprint.iacr.org/2019/775
Judmayer, A., Zamyatin, A., Stifter, N., Voyiatzis, A.G., Weippl, E.: Merged mining: Curse or cure? In: CBT 2017: Proceedings of the International Workshop on Cryptocurrencies and Blockchain Technology, September 2017. https://eprint.iacr.org/2017/791.pdf
Kalra, S., Goel, S., Dhawan, M., Sharma, S.: ZEUS: analyzing safety of smart contracts. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, 18–21 February 2018, San Diego, California, USA. The Internet Society (2018). http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_09-1_Kalra_paper.pdf
Kelkar, M., Zhang, F., Goldfeder, S., Juels, A.: Order-fairness for byzantine consensus. In: Micciancio, D., Ristenpart, T. (eds.) Advances in Cryptology - CRYPTO 2020–40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, 17–21 August 2020, CA, USA, Proceedings, Part III. Lecture Notes in Computer Science, vol. 12172, pp. 451–480. Springer (2020). https://doi.org/10.1007/978-3-030-56877-1_16, https://eprint.iacr.org/2020/269
Ketsdever, S., Fischer, M.J.: Incentives don’t solve blockchain’s problems (2019). https://arxiv.org/pdf/1905.04792.pdf
Khabbazian, M., Nadahalli, T., Wattenhofer, R.: Timelocked bribes. Cryptology ePrint Archive, Report 2020/774 (2020). https://eprint.iacr.org/2020/774
Kroll, J.A., Davey, I.C., Felten, E.W.: The economics of bitcoin mining, or bitcoin in the presence of adversaries. In: Proceedings of WEIS, vol. 2013, p. 11 (2013). https://pdfs.semanticscholar.org/c55a/6c95b869938b817ed3fe3ea482bc65a7206b.pdf
Kursawe, K.: Wendy, the good little fairness widget. IACR Cryptol. ePrint Arch. 2020, 885 (2020). https://eprint.iacr.org/2020/885
Lerner, S.D.: The bitcoin eternal choice for the dark side attack (ECDSA). https://bitslog.com/2013/06/26/the-bitcoin-eternal-choice-for-the-dark-side-attack-ecdsa/. Accessed 31 Jan 2021
Li, H.C., Clement, A., Wong, E.L., Napper, J., Roy, I., Alvisi, L., Dahlin, M.: Bar gossip. In: Proceedings of the 7th symposium on Operating systems design and implementation. pp. 191–204. USENIX Association (2006), http://www.cs.utexas.edu/users/dahlin/papers/bar-gossip-apr-2006.pdf
Liao, K., Katz, J.: Incentivizing blockchain forks via whale transactions. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 264–279. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_17
Luu, L., Velner, Y., Teutsch, J., Saxena, P.: SmartPool: practical decentralized pooled mining. In: Kirda, E., Ristenpart, T. (eds.) 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, 16–18 August 2017, pp. 1409–1426. USENIX Association (2017). http://eprint.iacr.org/2017/019.pdf
McCorry, P., Hicks, A., Meiklejohn, S.: Smart contracts for bribing miners. In: Zohar, A., et al. (eds.) FC 2018. LNCS, vol. 10958, pp. 3–18. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-662-58820-8_1, http://fc18.ifca.ai/bitcoin/papers/bitcoin18-final14.pdf
Meiklejohn, S., Mercer, R.: Möbius: trustless tumbling for transaction privacy. Proc. Priv. Enhancing Technol. 2018(2), 105–121 (2018). https://doi.org/10.1515/popets-2018-0015, http://eprint.iacr.org/2017/881.pdf
Mirkin, M., Ji, Y., Pang, J., Klages-Mundt, A., Eyal, I., Juels, A.: BDoS: blockchain denial-of-service. In: Proceedings of the 2020 ACM SIGSAC conference on Computer and Communications Security, pp. 601–619 (2020)
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, December 2008. https://bitcoin.org/bitcoin.pdf. Accessed 1 Jul 2015
Pass, R., Seeman, L., Shelat, A.: Analysis of the blockchain protocol in asynchronous networks. In: Coron, J., Nielsen, J.B. (eds.) Advances in Cryptology - EUROCRYPT 2017–36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 30 April–4 May 2017, Paris, France, Proceedings, Part II. Lecture Notes in Computer Science, vol. 10211, pp. 643–673 (2017). https://doi.org/10.1007/978-3-319-56614-6_22
Rosenfeld, M.: Analysis of hashrate-based double spending (2014). https://arxiv.org/pdf/1402.2009.pdf. Accessed 9 Mar 2016
Rosenfeld, M.: Overview of colored coins (2012). https://bitcoil.co.il/BitcoinX.pdf. Accessed 9 Mar 2016
Ruffing, T., Moreno-Sanchez, P., Kate, A.: CoinShuffle: practical decentralized coin mixing for bitcoin. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 345–364. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_20, http://crypsys.mmci.uni-saarland.de/projects/CoinShuffle/coinshuffle.pdf
Sapirshtein, A., Sompolinsky, Y., Zohar, A.: Optimal selfish mining strategies in bitcoin. In: Grossklags, J., Preneel, B. (eds.) Financial Cryptography and Data Security - 20th International Conference, FC 2016, 22–26 February 2016, Christ Church, Barbados, Revised Selected Papers. Lecture Notes in Computer Science, vol. 9603, pp. 515–532. Springer (2016). https://doi.org/10.1007/978-3-662-54970-4_30, http://arxiv.org/pdf/1507.06183.pdf
Sergey, I., Kumar, A., Hobor, A.: Temporal properties of smart contracts. In: Leveraging Applications of Formal Methods, Verification and Validation. Industrial Practice - 8th International Symposium, ISoLA 2018, 5–9 November 2018, Limassol, Cyprus, Proceedings, Part IV, pp. 323–338 (2018). https://ilyasergey.net/papers/temporal-isola18.pdf
Sompolinsky, Y., Zohar, A.: Bitcoin’s security model revisited (2016). http://arxiv.org/pdf/1605.09193.pdf. Accessed 4 July 2016
Stifter, N., Judmayer, A., Schindler, P., Zamyatin, A., Weippl, E.: Agreement with satoshi - on the formalization of nakamoto consensus. Cryptology ePrint Archive, Report 2018/400 (2018). https://eprint.iacr.org/2018/400.pdf
Teutsch, J., Jain, S., Saxena, P.: When cryptocurrencies mine their own business. In: Financial Cryptography and Data Security (FC 2016), February 2016. https://www.comp.nus.edu.sg/~prateeks/papers/38Attack.pdf
Tsabary, I., Eyal, I.: The gap game. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 713–728. ACM (2018). https://arxiv.org/pdf/1805.05288.pdf
Tsabary, I., Yechieli, M., Eyal, I.: MAD-HTLC: because HTLC is crazy-cheap to attack. CoRR abs/2006.12031 (2020). https://arxiv.org/abs/2006.12031
Velner, Y., Teutsch, J., Luu, L.: Smart contracts make bitcoin mining pools vulnerable. In: Brenner, M., et al. (eds.) Financial Cryptography and Data Security - FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, 7 April 2017, Sliema, Malta, Revised Selected Papers. Lecture Notes in Computer Science, vol. 10323, pp. 298–316. Springer (2017). https://doi.org/10.1007/978-3-319-70278-0_19, http://fc18.ifca.ai/bitcoin/papers/bitcoin18-final14.pdf
Vukolić, M.: The quest for scalable blockchain fabric: proof-of-work vs. BFT replication. In: Camenisch, J., Kesdoğan, D. (eds.) iNetSec 2015. LNCS, vol. 9591, pp. 112–125. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39028-4_9, http://vukolic.com/iNetSec_2015.pdf
Winzer, F., Herd, B., Faust, S.: Temporary censorship attacks in the presence of rational miners. In: 2019 IEEE European Symposium on Security and Privacy Workshops, EuroS&P Workshops 2019, 17–19 June 2019, Stockholm, Sweden, pp. 357–366. IEEE (2019). https://doi.org/10.1109/EuroSPW.2019.00046, https://eprint.iacr.org/2019/748
Acknowledgements
We would like to thank the participants of the Dagstuhl Seminar 18152 (Blockchains, Smart Contracts and Future Applications), especially Samuel Christie and Sebastian Faust, as well as the participants of the Dagstuhl Seminar 18461 (Blockchain Security at Scale) for all the fruitful discussions.
This paper is based upon work partially supported by (1) the Christian-Doppler-Laboratory for Security and Quality Improvement in the Production System Lifecycle; the financial support by the Austrian Federal Ministry for Digital and Economic Affairs, the National Foundation for Research, Technology and Development and University of Vienna, Faculty of Computer Science, Security & Privacy Group is gratefully acknowledged; (2) SBA Research; the competence center SBA Research (SBA-K1) funded within the framework of COMET Competence Centers for Excellent Technologies by BMVIT, BMDW, and the federal state of Vienna, managed by the FFG; (3) the FFG Bridge 1 project 864738 PR4DLT; (4) the Israel Science Foundation; (5) the Israel Cyber Bureau; (6) the Technion Hiroshi Fujiwara cyber-security research center.
Appendices
A Example Use of Our Classification Framework
Whether an attack is executable with or without a fork depends on the intended impact on transactions as well as on the state of the targeted transaction. For example, transaction revision where the victim accepts \(k_V\!=\!0\) (zero confirmations) may be executable as a no-fork attack. Other attacks, such as performing a double spend where the victim has carefully chosen \(k_V\) [54], may require deep-forks because they need to substantially affect consensus and violate the security assumption that the common prefix of the blockchain remains stable. Transaction exclusion (censorship) may require near-forks to exclude the latest blocks which include the respective transaction.
With our classification framework, we can map front-running [19, 22, 32] as an attack which aims to influence transaction ordering while targeting unconfirmed transactions (state of targeted transactions). In comparison, the so-called time-bandit attack [19] also aims to influence transaction ordering, but targets confirmed or even agreed transactions. Note that, strictly speaking, a time-bandit attack is not AIM, as it does not incentivize other participants to aid the attack, but instead relies on “classic” methods like performing a rental attack to temporarily hold the majority of the hashrate.
B Ways to gain capacity in Nakamoto Consensus
Copyright information
© 2021 International Financial Cryptography Association
About this paper
Cite this paper
Judmayer, A. et al. (2021). SoK: Algorithmic Incentive Manipulation Attacks on Permissionless PoW Cryptocurrencies. In: Bernhard, M., et al. Financial Cryptography and Data Security. FC 2021 International Workshops. FC 2021. Lecture Notes in Computer Science, vol 12676. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-63958-0_38
DOI: https://doi.org/10.1007/978-3-662-63958-0_38
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-63957-3
Online ISBN: 978-3-662-63958-0
eBook Packages: Computer Science, Computer Science (R0)