Selfish Behavior in the Tezos Proof-of-Stake Protocol
This addresses security vulnerabilities in blockchain consensus mechanisms, specifically for Tezos users and developers, and is incremental as it builds on prior theoretical attacks with a concrete analysis and mitigation.
The paper tackles the problem of rational dishonest behavior in the Tezos Proof-of-Stake protocol by analyzing a block stealing attack called selfish endorsing, showing it can be profitable under certain conditions, and proposes a protocol change that significantly reduces its profitability while introducing a provably secure scheme against specific attack lengths.
Proof-of-Stake consensus protocols give rise to complex modeling challenges. We analyze the recently-updated Tezos Proof-of-Stake protocol and demonstrate that, under certain conditions, rational participants are incentivized to behave dishonestly. In doing so, we provide a theoretical analysis of the feasibility and profitability of a block stealing attack that we call selfish endorsing, a concrete instance of an attack previously only theoretically considered. We propose and analyze a simple change to the Tezos protocol which significantly reduces the (already small) profitability of this dishonest behavior, and introduce a new delay and reward scheme that is provably secure against length-1 and length-2 selfish endorsing attacks. Our framework provides a template for analyzing other Proof-of-Stake implementations for selfish behavior.