Replay Attacks and Defenses Against Cross-shard Consensus in Sharded Distributed Ledgers
This addresses security vulnerabilities in sharded distributed ledgers, which are critical for scalable blockchain systems, by exposing and mitigating replay attacks that affect cross-shard consensus protocols.
The paper identifies a family of replay attacks that enable double-spending or resource locking in sharded distributed ledgers like Chainspace and Omniledger, requiring only network access and no node collusion, and proposes Byzcuit, a new cross-shard consensus protocol that is immune to these attacks with minimal performance impact, surpassing previous works.
We present a family of replay attacks against sharded distributed ledgers, that target cross-shard consensus protocols, such as the recently proposed Chainspace and Omniledger. They allow an attacker, with network access only, to double-spend or lock resources with minimal efforts. The attacker can act independently without colluding with any nodes, and succeed even if all nodes are honest; most of the attacks can also exhibit themselves as faults under periods of asynchrony. These attacks are effective against both shard-led and client-led cross-shard consensus approaches. Finally, we present Byzcuit - a new cross-shard consensus protocol that is immune to those attacks. We implement a prototype of Byzcuit and evaluate it on a real cloud-based testbed, showing that our defenses impact performance minimally, and overall performance surpasses previous works.