Crypto Intro: Network Splits
Note: This is Part 5 in the Crypto Intro: Attack series, with Part 4 here. This article was produced for Radix and the original copy can be found here. If you enjoy this article please follow me @flatoutcrypto. Due to a stupid knife chopping accident, I have been momentarily sidelined from writing. Should be back to normal shortly...
The attacks looked at so far fall into one of two camps: a targeted attack on individual nodes, or an attack against the wider network. A network split attack belongs firmly to the second camp: it is an assault on the network as a whole, with the potential to affect swathes of users at once.
What is a network split attack?
As the name suggests, the basic principle of a network split is that the network is divided into two parts that can no longer hear each other. Taking a Proof of Work network such as Bitcoin as an example, this leads to a situation in which miners on each side work on their own chain, unaware of the blocks being found on the other. When the network is later reconnected, nodes apply the usual fork-choice rule and adopt the chain with the most accumulated work (loosely, the 'longer' chain; block count and work coincide only while both sides mine at the same difficulty, which a short split does not change). Blocks on the losing chain are discarded: transactions that conflict with one on the winning chain, because the same BTC was spent on both sides, are annulled, while the rest return to the mempool to be mined again. Anyone able to transact on both chains during the split can therefore spend the same BTC twice, and a payment accepted on the losing side simply vanishes.
A network split attack shares features with both the Eclipse and Withhold attacks, but can be carried out on a far larger scale. To recap, an Eclipse Attack is one in which a malicious actor takes over all of a node's connections in order to feed the target a false picture of network activity and of the current ledger state. The attacker can then pay the victim with BTC they have already spent elsewhere, and the victim accepts it unaware that the coins are already gone.
The Withhold Attack, meanwhile, is one in which an attacker broadcasts a transaction but simultaneously mines a private fork on which the same BTC is spent differently. The aim is to accumulate more work than the public chain; once that happens the attacker publishes the private fork, the public transaction is annulled, and the same BTC has been spent twice.
How do network split attacks differ?
A network split is also known as a partition attack. Rather than targeting specific nodes, a network split attack cuts an entire region (geographic or, in the routing case, topological) off from the rest of the network, at which point two separate chains come into existence. These attacks fall into two main camps:
- A physical split: a country's Internet connectivity is cut off from the rest of the world (for example, when undersea cables are damaged or destroyed)
- A routing attack: the attacker hijacks the IP prefixes that host nodes, intercepting or dropping their traffic so that the miners behind those prefixes are cut off and continue on a chain of their own
As an extreme example, assume that every Chinese node is temporarily partitioned from the rest of the world. The rest-of-world (RoW) chain would suffer a drastic fall in hash power, given that China accounted at the time of writing for an estimated 66%+ of it. The two chains would continue in parallel, with users on each side sending and receiving BTC as normal. When China reconnects, however, the Chinese chain, having been mined with more hash power, would carry the most work and win the fork: every RoW transaction that conflicts with a Chinese one would be erased, along with the block rewards earned by RoW miners during the split (RoW transactions that conflict with nothing on the Chinese chain would return to the mempool and be mined into new blocks on the surviving chain).
This is an extreme example, and such a drop in hash power would be noticed quickly: with difficulty unchanged, block intervals on the minority side would stretch to roughly three times the norm, and users would likely be warned not to trust payments on the minority chain until normality was restored. A smaller country, a city or a minor region would have a far smaller effect on block production and so could go undetected for longer; a problem of that scale could go unreported to ordinary users for not just hours but days. That is the window in which attackers can exploit users who believe they are still connected to the real chain.
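The reconciliation described above, reduced to a toy in Python. This is an added example, not code from the article or from Bitcoin: each Block records the work behind its proof and the transactions it contains, a transaction is just a txid and the UTXOs it spends, and the fork choice is the rule Bitcoin actually applies (most accumulated work, not most blocks). The scenario replays the China example with a constructed double spend of UTXO "a1" on both sides, and `estimate_hashrate_share` is a heuristic a node on the minority side could run on its recent block timestamps; all names, shares and timestamps are made up.

```python
"""Network split and reconciliation under Proof of Work, reduced to a toy.

Added example, not code from the article or from Bitcoin. Names, work values
and transaction ids are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    spends: frozenset          # UTXO identifiers consumed
    coinbase: bool = False     # block reward: only exists on the chain that mined it


@dataclass
class Block:
    work: int                  # expected hashes to find this block (difficulty)
    txs: list


def total_work(branch):
    return sum(b.work for b in branch)


def heaviest(branches):
    """Fork choice: the branch with the most accumulated work wins.

    The article calls this the 'longer' chain; the two agree only while both
    sides mine at the same difficulty, which a short split does not change.
    """
    return max(range(len(branches)), key=lambda i: total_work(branches[i]))


def reconcile(branches):
    """Reconnect the partitions and sort out the losing side's transactions.

    Returns (winner_index, annulled, remined):
      annulled - losing-side txids that spend a UTXO also spent on the winner
                 (the double spends), plus the losing side's coinbase rewards
      remined  - losing-side txids that conflict with nothing; they return to
                 the mempool and are mined into new blocks on the winner
    """
    w = heaviest(branches)
    winner_txs = [tx for block in branches[w] for tx in block.txs]
    spent_on_winner = set().union(*(tx.spends for tx in winner_txs))
    confirmed = {tx.txid for tx in winner_txs}
    annulled, remined = [], []
    for i, branch in enumerate(branches):
        if i == w:
            continue
        for block in branch:
            for tx in block.txs:
                if tx.txid in confirmed:
                    continue   # relayed to both sides before the split: unaffected
                if tx.coinbase or tx.spends & spent_on_winner:
                    annulled.append(tx.txid)
                else:
                    remined.append(tx.txid)
    return w, annulled, remined


def estimate_hashrate_share(block_times, target_interval=600):
    """Detection heuristic for a node that may be on the minority side.

    Difficulty does not move during a short split, so the mean gap between
    blocks grows in inverse proportion to the hash power still reachable.
    block_times are header timestamps in seconds; returns the estimated share.
    """
    if len(block_times) < 2:
        raise ValueError("need at least two blocks")
    gaps = [b - a for a, b in zip(block_times, block_times[1:])]
    return target_interval * len(gaps) / sum(gaps)


def china_split_scenario():
    """Constructed version of the article's example: the attacker spends the
    same UTXO 'a1' to a merchant on each side; the rest-of-world side finds
    two blocks while the better-resourced side finds four at equal difficulty."""
    row = [
        Block(1, [Tx("cb_row1", frozenset(), coinbase=True),
                  Tx("pay_merchant_row", frozenset({"a1"})),
                  Tx("alice_to_bob", frozenset({"u7"}))]),
        Block(1, [Tx("cb_row2", frozenset(), coinbase=True)]),
    ]
    cn = [
        Block(1, [Tx("cb_cn1", frozenset(), coinbase=True),
                  Tx("pay_merchant_cn", frozenset({"a1"}))]),
        Block(1, [Tx("cb_cn2", frozenset(), coinbase=True)]),
        Block(1, [Tx("cb_cn3", frozenset(), coinbase=True)]),
        Block(1, [Tx("cb_cn4", frozenset(), coinbase=True)]),
    ]
    return reconcile([row, cn])


if __name__ == "__main__":
    winner, annulled, remined = china_split_scenario()
    print("winning branch:", ["RoW", "CN"][winner])
    print("annulled:", annulled)      # RoW merchant payment and RoW block rewards
    print("re-mined:", remined)       # Alice's harmless payment survives
    # constructed RoW timestamps: blocks every 30 min instead of 10 after losing ~2/3 of hash power
    print("RoW hash share estimate:", round(estimate_hashrate_share([0, 1800, 3600, 5400]), 2))
```

The merchant paid on the RoW side loses the payment outright, while Alice's unrelated transaction is merely delayed; that asymmetry is what makes a split profitable only to someone who deliberately spent the same coins on both sides.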
This problem is not confined to Proof of Work. Proof of Stake is equally exposed to the underlying issue, and carries the additional problem that validators can sign blocks on both chains at no risk to their funds (the 'nothing at stake' problem). This makes a network split worse: nodes with access to both chains have no reason not to validate on both until reconciliation; indeed, without a penalty for doing so, it is the only rational choice. Designs that slash a validator's deposit for signing conflicting blocks exist precisely to remove this incentive.
Network splits caused by attacks on infrastructure are difficult to prevent, as the weak points lie outside the network itself. However, attacks on a large scale would be discovered quickly, limiting the prospective financial gains (although many users would admittedly remain unaware). An attacker would also require access to both chains, a challenge in itself. They are also costly; as with many of the attacks examined, the greatest deterrent is making the attack as expensive as possible. The greatest danger comes from an associated incident (for example, a country blocking all inbound and outbound connections to the wider world across every network, not just Bitcoin) that an opportunistic actor could take advantage of.
Routing attacks can also be used to produce a network split, as shown by Apostolaki, Zohar and Vanbever ("Hijacking Bitcoin: Routing Attacks on Cryptocurrencies"). A malicious actor can abuse the Border Gateway Protocol (BGP, the protocol by which ISPs and other autonomous systems exchange routes) to hijack the IP prefixes hosting Bitcoin nodes, diverting or dropping their traffic so that the miners behind them are partitioned from the rest of the network. Because mining power is concentrated in a small number of prefixes, they note that a network attacker could hijack fewer than 100 BGP prefixes “to isolate ~50% of mining power”.
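To make the "fewer than 100 prefixes" point concrete, the following Python is an added example (not code from the article or from the paper) that maps constructed mining nodes onto the prefix each is routed through and works out the fewest prefixes an attacker must hijack to cut off a given share of hash power. The miners, addresses, shares and routing table are invented for illustration; `isolated_share` is a sanity check that the chosen set really covers that share, and it assumes the hijack is fully effective, which a real equal-length announcement is not.

```python
"""Why a routing attack is cheap: hash power sits behind a handful of prefixes.

Added example, not code from the article or from Apostolaki et al.; the miners,
addresses, shares and routing table are constructed, not measurements.
"""
import ipaddress
from collections import defaultdict

# Constructed: mining nodes, the address each is reached at, and the fraction
# of global hash power behind it.
MINERS = [
    ("pool-a", "203.0.113.17", 0.24),
    ("pool-b", "203.0.113.201", 0.08),
    ("pool-c", "198.51.100.9", 0.19),
    ("pool-d", "198.51.100.250", 0.05),
    ("pool-e", "192.0.2.33", 0.12),
    ("solo-1", "192.0.2.77", 0.02),
    ("pool-f", "100.64.5.6", 0.15),
    ("solo-2", "100.64.9.9", 0.01),
    ("pool-g", "172.16.8.8", 0.14),
]

# Constructed global routing table: announced prefix -> origin AS number.
ROUTES = {
    "203.0.113.0/24": 64500,
    "198.51.100.0/24": 64501,
    "192.0.2.0/24": 64502,
    "100.64.0.0/16": 64503,
    "172.16.0.0/12": 64504,
}


def covering_prefix(routes, ip):
    """Most specific announced prefix containing ip: the route BGP routers use,
    and therefore the announcement an attacker has to hijack to capture it."""
    addr = ipaddress.ip_address(ip)
    matches = [ipaddress.ip_network(p) for p in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return str(max(matches, key=lambda n: n.prefixlen))


def hash_share_by_prefix(miners, routes):
    """Total hash power reachable only through each prefix."""
    share = defaultdict(float)
    for _name, ip, frac in miners:
        share[covering_prefix(routes, ip)] += frac
    return dict(share)


def prefixes_to_isolate(miners, routes, target):
    """Fewest prefixes whose hijack partitions at least `target` of hash power.

    Every hijack costs one announcement regardless of the prefix, so taking
    the richest prefixes first is optimal for minimising the count.
    """
    ranked = sorted(hash_share_by_prefix(miners, routes).items(),
                    key=lambda kv: kv[1], reverse=True)
    chosen, total = [], 0.0
    for prefix, frac in ranked:
        if total >= target:
            break
        chosen.append(prefix)
        total += frac
    return chosen, total


def isolated_share(miners, routes, hijacked):
    """Hash power cut off if the attacker's announcements for `hijacked` win.

    Modelled as fully effective; in practice an equal-length announcement
    only captures the part of the Internet that is topologically closer to
    the attacker than to the legitimate origin.
    """
    hijacked = set(hijacked)
    return sum(frac for _name, ip, frac in miners
               if covering_prefix(routes, ip) in hijacked)


if __name__ == "__main__":
    chosen, total = prefixes_to_isolate(MINERS, ROUTES, target=0.5)
    print(f"hijack {len(chosen)} prefix(es) {chosen}: isolates {total:.0%}")
    print(f"check: {isolated_share(MINERS, ROUTES, chosen):.0%}")
```

With the constructed table, two announcements are enough to cut off more than half of the hash power; the real figure in the paper is larger only because real mining is spread over more prefixes, not because the arithmetic differs.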
To raise the cost of routing attacks, a network can:
- Select peers at random, so that an attacker cannot predict or force which peers a node will connect to
- Increase the number of connections and limit the number of peers drawn from any one IP prefix or machine, so that hijacking a handful of prefixes cannot capture all of a node's connections
- Churn peers, rotating connections regularly rather than only when a node restarts, so that a captured connection does not persist
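The three mitigations above, simulated in Python as an added example (not code from the article or from Bitcoin Core). It pits naive random peer selection against a rule similar to Bitcoin Core's limit of one outbound connection per /16 "netgroup", with periodic churn on top, against an attacker who floods three hijackable /16 prefixes with addresses. The address pools, the attacker's prefixes and the eight-slot outbound count are constructed assumptions for the simulation.

```python
"""Peer selection that a prefix hijack cannot fully capture.

Added example, not code from the article or from Bitcoin Core. The address
pools and the attacker's prefixes are constructed.
"""
import ipaddress
import random

OUTBOUND = 8   # outbound slots per node (assumed; matches Bitcoin Core's default)


def netgroup(ip):
    """/16 the address belongs to; a single hijack covers the whole group."""
    return str(ipaddress.ip_network(f"{ip}/16", strict=False))


def select_naive(candidates, rng, n=OUTBOUND, keep=()):
    """Fill the free slots uniformly at random from the address pool."""
    chosen = list(keep)
    pool = [ip for ip in candidates if ip not in chosen]
    chosen += rng.sample(pool, n - len(chosen))
    return chosen


def select_diverse(candidates, rng, n=OUTBOUND, keep=()):
    """Fill the free slots at random but never take two peers from one /16,
    so an attacker holding k prefixes gets at most k of the n slots."""
    chosen = list(keep)
    groups = {netgroup(ip) for ip in chosen}
    for ip in rng.sample(candidates, len(candidates)):
        if len(chosen) == n:
            break
        g = netgroup(ip)
        if g not in groups:
            chosen.append(ip)
            groups.add(g)
    return chosen


def rotate_one(peers, candidates, rng, select):
    """Churn: evict one random peer and refill under the same policy, so a
    captured slot is re-drawn regularly rather than only at restart."""
    kept = list(peers)
    kept.remove(rng.choice(kept))
    return select(candidates, rng, keep=kept)


def eclipse_fraction(candidates, attacker_prefixes, select, rng, trials=2000):
    """Share of trials in which every outbound slot lands in attacker space,
    i.e. the node would see only the attacker's view of the chain."""
    hijacked = [ipaddress.ip_network(p) for p in attacker_prefixes]

    def captured(ip):
        return any(ipaddress.ip_address(ip) in net for net in hijacked)

    eclipsed = sum(all(captured(ip) for ip in select(candidates, rng))
                   for _ in range(trials))
    return eclipsed / trials


# Constructed address pool: the attacker floods three /16s it can hijack with
# 150 addresses each; 80 honest nodes are spread over 40 other /16s.
ATTACKER_PREFIXES = ["10.1.0.0/16", "10.2.0.0/16", "10.3.0.0/16"]
ATTACKER_IPS = [f"10.{k}.0.{i}" for k in (1, 2, 3) for i in range(150)]
HONEST_IPS = [f"10.{100 + j}.0.{m}" for j in range(40) for m in (1, 2)]
CANDIDATES = ATTACKER_IPS + HONEST_IPS


def compare(seed=1):
    """Eclipse probability under each policy, with a fixed seed for repeatability."""
    rng = random.Random(seed)
    return {
        "naive": eclipse_fraction(CANDIDATES, ATTACKER_PREFIXES, select_naive, rng),
        "diverse": eclipse_fraction(CANDIDATES, ATTACKER_PREFIXES, select_diverse, rng),
    }


def churn_demo(seed=7):
    """One diverse selection followed by one rotation; both keep /16 diversity."""
    rng = random.Random(seed)
    peers = select_diverse(CANDIDATES, rng)
    return peers, rotate_one(peers, CANDIDATES, rng, select_diverse)


if __name__ == "__main__":
    for policy, frac in compare().items():
        print(f"{policy:8s} fully eclipsed in {frac:.1%} of trials")
```

Flooding the address pool is cheap, which is why the naive policy loses so often; the diverse policy bounds the attacker's share of a node's connections by the number of distinct prefixes they can hijack, and churn re-draws any slot they did win.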
The impact of a network split should not be underestimated. Splits enable double spends against users at both small and large scale. They can facilitate 51% attacks, since an attacker need only out-mine the partition they sit in rather than the whole network. They disrupt mining and slow the network. If sustained for long enough on a sufficient scale they would breed distrust and avoidance of the network, which would in turn weaken mining incentives and with them the network's future security.
Their scale, however, makes them hard to carry out: large network splits are beyond the reach of all but the most well-resourced actors, especially against the prime targets, large networks with well-distributed global node bases.