Welcome to the third installment of the eth2 quick update.
tldr;
- Strengthening fork choice defenses in response to audits
- Introducing challenges.ethereum.org
- Grant to Herumi for an ultra-fast BLS implementation
Fork choice defenses
This week we strengthened the defenses of the Phase 0 fork choice rule. Much of our time is spent analyzing eth2 to ensure that the system can remain stable even under adverse conditions (e.g. a major attacker, a major network outage or partition, etc.). For any large engineering project, the goal is to detect as many potential issues as possible and prepare for these scenarios before release. This is why we have collaborated with numerous external teams and researchers to conduct audits, economic analyses and formal verification of eth2. As we move towards release, we must remain vigilant and flexible enough to respond to unforeseen attacks in production (e.g. the Shanghai DoS attacks in 2016).
To contribute to this effort, consensus researcher Ryuya Nakamura analyzed eth2's consensus algorithm (Casper FFG) and fork choice rule (LMD GHOST) to better determine how these two elements of the protocol can be exploited in certain scenarios. He has a number of excellent articles on ethresear.ch discussing some attack vectors and recommended solutions in detail. Check out Decoy-flip-flop attack on LMD GHOST, Analysis of the rebound attack on FFG, and Preventing throttling attacks on FFG for informative and fun reads.
Fortunately, the recommended solutions to the decoy-flip-flop and bounce attacks are both simple modifications to the Phase 0 fork choice specification. The decoy-flip-flop attack is resolved by considering only attestations from the current and previous epochs when adding attestations to the fork choice's view. You can see the PR making this change to the spec here. The bounce attack is resolved by updating the latest justified checkpoint in the fork choice only during the first k slots of an epoch. After k slots, you defer the inclusion of a new justified checkpoint in the fork choice until the next epoch boundary. You can view this modification here.
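The two rules above, sketched as an added example (this is not code from the eth2 spec or its PRs). The class and method names are hypothetical, the vote bookkeeping is reduced to a per-validator latest message, and the values of `SLOTS_PER_EPOCH` and k are assumptions made for the sketch:

```python
from dataclasses import dataclass, field

SLOTS_PER_EPOCH = 32  # assumed epoch length for this sketch
K_SAFE_SLOTS = 8      # the "k" from the text; the value is an assumption


def epoch_of(slot: int) -> int:
    return slot // SLOTS_PER_EPOCH


@dataclass
class ForkChoiceStore:  # hypothetical, simplified store
    justified_epoch: int = 0          # checkpoint the fork choice starts from
    pending_justified_epoch: int = 0  # newer checkpoint seen too late in an epoch
    votes: dict = field(default_factory=dict)  # validator -> (target_epoch, root)

    def on_attestation(self, slot, validator, target_epoch, root) -> bool:
        """Decoy-flip-flop rule: accept only current/previous-epoch targets."""
        current = epoch_of(slot)
        if target_epoch not in (current, max(current - 1, 0)):
            return False  # withheld old vote (or future vote) is ignored
        prev = self.votes.get(validator)
        if prev is None or target_epoch > prev[0]:
            self.votes[validator] = (target_epoch, root)  # latest message wins
        return True

    def on_new_justified(self, slot, epoch) -> bool:
        """Bounce rule: adopt at once only in the first k slots of an epoch."""
        if epoch <= self.justified_epoch:
            return False
        self.pending_justified_epoch = max(self.pending_justified_epoch, epoch)
        if slot % SLOTS_PER_EPOCH < K_SAFE_SLOTS:
            self.justified_epoch = self.pending_justified_epoch
            return True
        return False  # deferred until the next epoch boundary

    def on_tick(self, slot) -> None:
        """At an epoch boundary, apply any deferred justified checkpoint."""
        if slot % SLOTS_PER_EPOCH == 0:
            self.justified_epoch = max(self.justified_epoch,
                                       self.pending_justified_epoch)

    def weight(self, root) -> int:
        return sum(1 for _, r in self.votes.values() if r == root)
```
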
A number of other components of the Phase 0 specification are currently under audit. While we don't expect anything major, we do expect a small number of additional changes suggested by the audits to make it into PRs in the coming months.
challenges.ethereum.org
We just launched challenges.ethereum.org. This site is a single source for all current bounties hosted by the Ethereum Foundation and/or related to Ethereum research and development. Bounties range from finding vulnerabilities in existing Ethereum infrastructure to finding collisions in new hash functions. Something for everyone 🙂
We’ll continue to grow EF’s bounty program in the coming months, so check back for more opportunities.
Herumi BLS grant
We awarded a grant to Shigeo Mitsunari, the maintainer of the ultra-fast Herumi pairing library and BLS signature library. This grant aims to bring the libraries up to the specifications of the new BLS standard (new hash to G2, constant-time signing, etc.) as well as to help accomplish some more practical elements for eth2 usability (Rust integration, fuzzing work, etc.).
In addition to the feature component of the grant, there is also a performance component. The Herumi library is already 2-3x faster than the next best BLS option, but since signature verification is one of the main bottlenecks in eth2, any additional gains here would be great, allowing eth2 to run under an even higher load and in more unfavorable scenarios. Shigeo will spend additional time and effort to further optimize the library to ensure it works as quickly as possible 🚀.