Greetings to the third edition of eth2 rapid update.
summary;
- Reinforced fork choice defenses in light of reviews
- Launching challenges.ethereum.org
- Herumi grant for an extremely fast BLS implementation
Fork choice safeguards
This week, we enhanced the defenses of the Phase 0 fork choice rule. A significant portion of our time is dedicated to studying eth2 to guarantee that the system can sustain stability even in unfavorable situations (such as a substantial attacker, a significant network failure or segmentation, etc.). With any large-scale engineering endeavor, the objective is to identify as many possible concerns and strengthen against these situations before launch. This explains our collaboration with numerous external teams and researchers to conduct audits, economic assessments, and formal verification of eth2, but concurrently as we progress towards launch, we must stay alert and adaptable to counter unexpected assaults during operation (e.g. the Shanghai DoS attacks of 2016).
Contributing to this initiative, a consensus researcher, Ryuya Nakamura, has assessed eth2’s consensus algorithm (Casper FFG) and fork choice rule (LMD GHOST) to better ascertain how these two aspects of the protocol can, in certain scenarios, be exploited. He has produced several informative write-ups on ethresearch.ch that explore some attack strategies and recommended countermeasures in detail. Discover Decoy-flip-flop attack on LMD GHOST, Analysis of bouncing attack on FFG, and Prevention of bouncing attack on FFG for some enlightening and enjoyable reads.
Fortunately, the advised solutions for the decoy-flip-flop and bouncing attacks involve straightforward adjustments to the fork choice specification of Phase 0. The decoy-flip-flop attack is mitigated by solely considering validator attestations from the current and preceding epoch when incorporating attestations to the perspective of the fork choice. You can view the PR implementing this change to the spec here. The bounce attack is addressed by updating the latest justified checkpoint within the fork choice exclusively during the first k slots of an epoch. Afterward, you defer the inclusion of a fresh justified checkpoint into the fork choice until the forthcoming epoch boundary. You can explore this modification here.
Several other elements of the Phase 0 specification are currently undergoing audit. While we do not anticipate anything significant, we expect a small number of additional post-audit recommended modifications to emerge in PRs in the upcoming months.
challenges.ethereum.org
We have just unveiled challenges.ethereum.org. This platform serves as a centralized source for all current bounties managed by the Ethereum Foundation and/or linked to Ethereum research and development. The bounties vary from identifying security flaws in existing Ethereum infrastructure to uncovering collisions in new hashing functions. There’s something for everyone 🙂
We will continue to expand EF’s bounty program in the following months, so be sure to return for additional opportunities.
Herumi BLS grant
We have issued a grant to Shigeo Mitsunari, the maintainer of the exceedingly rapid Herumi pairing library and BLS signature library. This grant aims to update the libraries to align with the new BLS standard (new hash-to-G2, constant-time signing, etc.) and assist in achieving some additional practical goals for eth2 usability (Rust integration, fuzz testing, etc.).
Beyond the feature aspect of the grant, there is also a performance dimension. The Herumi library is already 2-3 times quicker than the next best BLS alternative, but since signature verification is one of the main constraints in eth2, any further improvements in this area would be outstanding, allowing eth2 to function under even greater load and in more challenging conditions. Shigeo will dedicate extra time and effort to further optimizing the library to guarantee it operates as swiftly as possible 🚀.