Is an Eclipse Attack a significant risk to Bitcoin?

6 replies 153 views
3r1c777Full Member
Posts: 177 · Reputation: 674
#1Mar 10, 2018, 07:31 PM
I'm back with questions about security that have been on my mind. Security is a big deal for everyone, whether or not you're into Bitcoin. We really need to focus on this area to keep Bitcoin safe, since it's all about value and transparency. We can't overlook how many users are running their own nodes to boost the security of the Bitcoin network. This has really helped with decentralization and transparency for everyone involved in the network in some way. Learning about attacks on the network is something almost everyone comes across during their Bitcoin journey. Most of us are probably familiar with 51% attacks. You've seen articles explaining it here or elsewhere. This is when someone gains control of more than half of the network's computing power (hash rate). There are serious consequences with this kind of attack, like messing with block orders or stealing and changing transactions. But then I stumbled upon the Eclipse Attack. It feels different from the 51% attack. This one specifically targets a single node in the P2P network. It messes with that node's view, isolating it from everything else. If the goal is to mess with just one node and stop it from getting info from the other legit nodes, why is this a big threat when all the other nodes are fine?
4 Reply Quote Share
SwiftMatr1xFull Member
Posts: 59 · Reputation: 474
#2Mar 11, 2018, 12:51 AM
Here is a good topic[1] that discussed Eclipse Attack, it is the most detailed one I could find that contains relevant and recent information, like this article[2] which talks about the implications of such an attack, many of which fixes has been implemented in subsequent versions of Bitcoin core[3] 1. Any node could be the target of this attack. 2. Not as massive a threat, it can be used as a prop to a 51% attack or an attempt to double spend. 3. No. A sybil attack as I understand it, is an attempt to pass of a false chain as the real one. It is almost impossible to do with Bitcoin and PoW mechanism which requires you to do lots of work, making it unprofitable, it is more common in other blockchains which operate on a different mechanism. [1] https://bitcointalk.org/index.php?topic=5468788.20 [2] https://eprint.iacr.org/2015/263.pdf [3] http://web.archive.org/web/20220412122303/http://cs-people.bu.edu/heilman/eclipse/ - Jay -
4 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#3Mar 11, 2018, 02:37 AM
1. Anyone can become the target. But i expect there's more reason to attack node owned by miner/pool rather than random node. 2. No, especially when Bitcoin Core already fixed most of possible Eclipse attack. 3. No, although both of them are related. Eclipse Attack is about isolating your node from rest of the network, while Sybil Attack is about attack where you gain influence/power by running node/create multiple fake identity. Although in case of Bitcoin, running lots of node doesn't let anyone perform Sybil attack.
4 Reply Quote Share
3r1c777Full Member
Posts: 177 · Reputation: 674
#4Mar 11, 2018, 02:47 AM
Very interesting topic. The op used a good pictorial representation to make an explanation. But I observed that there seem to be contradiction, as few people couldn't agree that the quoted text below is part of what a supposed attacker can do. Any clarification on that?. I will go through this. Makes proper sense to me now. Could this be possible on the Ethereum network? And I also noticed this reply: So, If I decide to run a full node, then my node will have to connect to other people's node who are within same geo-location(region) with me?, Rather than connecting to the pool directly?.
4 Reply Quote Share
SwiftMatr1xFull Member
Posts: 59 · Reputation: 474
#5Mar 11, 2018, 04:57 AM
There is no way to broadcast a fake transaction, either to an isolated node or to the entire network, if a transaction does not meet protocol standards, it cannot be be created or broadcasted. The attempt can be be to try and double spend a transaction. - Jay -
2 Reply Quote Share
LuckyCoinLegendary
Posts: 832 · Reputation: 4795
#6Mar 11, 2018, 09:36 AM
Bitcoin Core doesn't know anything about location of your peers, and it does not have a geo-lookup service to find the location of an IP address. So actually, it doesn't care who it's connected to, as long as the other peer is responsive and continues to send valid messages in a timely manner. Key word here being *valid* because if any attempt is made to manipulate the other bitcoin node then it is placed in the node's banlist and will not connect to it anymore.
5 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#7Mar 11, 2018, 12:18 PM
Short answer, no. You also need tons of staked ETH to attempt Sybil attack. Although it's worth to mention Bitcoin Core perform IP bucketing, see https://bitcoincore.reviews/16702.
4 Reply Quote Share

Related topics