Martin Florian

Charmaine Ndolo, Sebastian Henningsen, Martin Florian

We continuously crawl the young MobileCoin network, uncovering the quorum configurations of core nodes and the quorum system resulting from these configurations. This report discusses our crawl methodology, encountered challenges, and our current empirical results. We find that the MobileCoin quorum system currently comprises of 7 organisations controlling a total of 10 validator nodes. Current quorum set configurations prioritise safety over liveness. At the time of writing, one of the involved organisations is technically able to block the approval of new blocks, as is the case for one of the (two) ISPs employed by crawled nodes.

Patrik Keller, Martin Florian, Rainer Böhme

Privacy-seeking cryptocurrency users rely on anonymization techniques like CoinJoin and ring transactions. By using such technologies benign users potentially provide anonymity to bad actors. We propose overlay protocols to resolve the tension between anonymity and accountability in a peer-to-peer manner. Cryptocurrencies can adopt this approach to enable prosecution of publicly recognized crimes. We illustrate how the protocols could apply to Monero rings and CoinJoin transactions in Bitcoin.

Martin Florian, Sebastian Henningsen, Charmaine Ndolo et al.

Federated Byzantine Agreement Systems (FBASs) are a fascinating new paradigm in the context of consensus protocols. Originally proposed for powering the Stellar payment network, FBASs can instantiate Byzantine quorum systems without requiring out-of-band agreement on a common set of validators; every node is free to decide for itself with whom it requires agreement. Sybil-resistant and yet energy-efficient consensus protocols can therefore be built upon FBASs, and the "decentrality" possible with the FBAS paradigm might be sufficient to reduce the use of environmentally unsustainable proof-of-work protocols. In this paper, we first demonstrate how the robustness of individual FBASs can be determined, by precisely determining their safety and liveness buffers and therefore enabling a comparison with threshold-based quorum systems. Using simulations and example node configuration strategies, we then empirically investigate the hypothesis that while FBASs can be bootstrapped in a bottom-up fashion from individual preferences, strategic considerations should additionally be applied by node operators in order to arrive at FBASs that are robust and amenable to monitoring. Finally, we investigate the reported "open-membership" property of FBASs. We observe that an often small group of nodes is exclusively relevant for determining liveness buffers and prove that membership in this top tier is conditional on the approval by current top tier nodes if maintaining safety is a core requirement.

Sebastian Henningsen, Martin Florian, Sebastian Rust et al.

The Interplanetary Filesystem (IPFS) is a distributed data storage service frequently used by blockchain applications and for sharing content in a censorship-resistant manner. Data is distributed within an open set of peers using a Kademlia-based distributed hash table (DHT). In this paper, we study the structure of the resulting overlay network, as it significantly influences the robustness and performance of IPFS. We monitor and systematically crawl IPFS' DHT towards mapping the IPFS overlay network. Our measurements found an average of 44474 nodes at every given time. At least 52.19% of these reside behind a NAT and are not reachable from the outside, suggesting that a large share of the network is operated by private individuals on an as-needed basis. Based on our measurements and our analysis of the IPFS code, we conclude that the topology of the IPFS network is, in its current state, closer to an unstructured overlay network than it is to a classical DHT. While such a structure has benefits for robustness and the resistance against Sybil attacks, it leaves room for improvement in terms of performance and query privacy.

Sebastian Henningsen, Daniel Teunis, Martin Florian et al.

Ethereum is a decentralized Blockchain system that supports the execution of Turing-complete smart contracts. Although the security of the Ethereum ecosystem has been studied in the past, the network layer has been mostly neglected. We show that Go Ethereum (Geth), the most widely used Ethereum implementation, is vulnerable to eclipse attacks, effectively circumventing recently introduced (Geth v1.8.0) security enhancements. We responsibly disclosed the vulnerability to core Ethereum developers; the corresponding countermeasures to our attack where incorporated into the v1.9.0 release of Geth. Our false friends attack exploits the Kademlia-inspired peer discovery logic used by Geth and enables a low-resource eclipsing of long-running, remote victim nodes. An adversary only needs two hosts in distinct /24 subnets to launch the eclipse, which can then be leveraged to filter the victim's view of the Blockchain. We discuss fundamental properties of Geth's node discovery logic that enable the false friends attack, as well as proposed and implemented countermeasures.

Ingolf G. A. Pernice, Sebastian Henningsen, Roman Proskalovich et al.

The price volatility of cryptocurrencies is often cited as a major hindrance to their wide-scale adoption. Consequently, during the last two years, multiple so called stablecoins have surfaced---cryptocurrencies focused on maintaining stable exchange rates. In this paper, we systematically explore and analyze the stablecoin landscape. Based on a survey of 24 specific stablecoin projects, we go beyond individual coins for extracting general concepts and approaches. We combine our findings with learnings from classical monetary policy, resulting in a comprehensive taxonomy of cryptocurrency stabilization. We use our taxonomy to highlight the current state of development from different perspectives and show blank spots. For instance, while over 91% of projects promote 1-to-1 stabilization targets to external assets, monetary policy literature suggests that the smoothing of short term volatility is often a more sustainable alternative. Our taxonomy bridges computer science and economics, fostering the transfer of expertise. For example, we find that 38% of the reviewed projects use a combination of exchange rate targeting and specific stabilization techniques that can render them vulnerable to speculative economic attacks - an avoidable design flaw.

Martin Florian, Sophie Beaucamp, Sebastian Henningsen et al.

It is a common narrative that blockchains are immutable and so it is technically impossible to erase data stored on them. For legal and ethical reasons, however, individuals and organizations might be compelled to erase locally stored data, be it encoded on a blockchain or not. The common assumption for blockchain networks like Bitcoin is that forcing nodes to erase data contained on the blockchain is equal to permanently restricting them from participating in the system in a full-node role. Challenging this belief, in this paper, we propose and demonstrate a pragmatic approach towards functionality-preserving local erasure (FPLE). FPLE enables full nodes to erase infringing or undesirable data while continuing to store and validate most of the blockchain. We describe a general FPLE approach for UTXO-based (i.e., Bitcoin-like) cryptocurrencies and present a lightweight proof-of-concept tool for safely erasing transaction data from the local storage of Bitcoin Core nodes. Erasing nodes continue to operate in tune with the network even when erased transaction outputs become relevant for validating subsequent blocks. Using only our basic proof-of-concept implementation, we are already able to safely comply with a significantly larger range of erasure requests than, to the best of our knowledge, any other full node operator so far.