Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Denial-of-Service Vulnerability of Hash-based Transaction Sharding: Attack and Countermeasure

Truc Nguyen, My T. Thai

TL;DR

The paper identifies a vulnerability in hash-based transaction sharding that allows a DoS attack targeting a single shard, exploiting cross-shard validation to cascade performance degradation across the system. It proposes a TEE-based countermeasure that executes a deterministic, load-balanced txsharding algorithm off-chain, removing reliance on the transaction hash for shard assignment. The authors formalize the protocol in the UC framework, provide a proof-of-concept implementation, and demonstrate that the countermeasure incurs negligible overhead while restoring resilience to single-shard flooding. Empirical simulations and a PoC show that the attack can dramatically reduce system throughput and increase latency, while the proposed approach preserves scalability and provides practical security guarantees for sharded blockchain deployments.

Abstract

Since 2016, sharding has become an auspicious solution to tackle the scalability issue in legacy blockchain systems. Despite its potential to strongly boost the blockchain throughput, sharding comes with its own security issues. To ease the process of deciding which shard to place transactions, existing sharding protocols use a hash-based transaction sharding in which the hash value of a transaction determines its output shard. Unfortunately, we show that this mechanism opens up a loophole that could be exploited to conduct a single-shard flooding attack, a type of Denial-of-Service (DoS) attack, to overwhelm a single shard that ends up reducing the performance of the system as a whole. To counter the single-shard flooding attack, we propose a countermeasure that essentially eliminates the loophole by rejecting the use of hash-based transaction sharding. The countermeasure leverages the Trusted Execution Environment (TEE) to let blockchain's validators securely execute a transaction sharding algorithm with a negligible overhead. We provide a formal specification for the countermeasure and analyze its security properties in the Universal Composability (UC) framework. Finally, a proof-of-concept is developed to demonstrate the feasibility and practicality of our solution.

Denial-of-Service Vulnerability of Hash-based Transaction Sharding: Attack and Countermeasure

TL;DR

The paper identifies a vulnerability in hash-based transaction sharding that allows a DoS attack targeting a single shard, exploiting cross-shard validation to cascade performance degradation across the system. It proposes a TEE-based countermeasure that executes a deterministic, load-balanced txsharding algorithm off-chain, removing reliance on the transaction hash for shard assignment. The authors formalize the protocol in the UC framework, provide a proof-of-concept implementation, and demonstrate that the countermeasure incurs negligible overhead while restoring resilience to single-shard flooding. Empirical simulations and a PoC show that the attack can dramatically reduce system throughput and increase latency, while the proposed approach preserves scalability and provides practical security guarantees for sharded blockchain deployments.

Abstract

Since 2016, sharding has become an auspicious solution to tackle the scalability issue in legacy blockchain systems. Despite its potential to strongly boost the blockchain throughput, sharding comes with its own security issues. To ease the process of deciding which shard to place transactions, existing sharding protocols use a hash-based transaction sharding in which the hash value of a transaction determines its output shard. Unfortunately, we show that this mechanism opens up a loophole that could be exploited to conduct a single-shard flooding attack, a type of Denial-of-Service (DoS) attack, to overwhelm a single shard that ends up reducing the performance of the system as a whole. To counter the single-shard flooding attack, we propose a countermeasure that essentially eliminates the loophole by rejecting the use of hash-based transaction sharding. The countermeasure leverages the Trusted Execution Environment (TEE) to let blockchain's validators securely execute a transaction sharding algorithm with a negligible overhead. We provide a formal specification for the countermeasure and analyze its security properties in the Universal Composability (UC) framework. Finally, a proof-of-concept is developed to demonstrate the feasibility and practicality of our solution.

Paper Structure

This paper contains 28 sections, 1 theorem, 13 figures, 1 table, 1 algorithm.

Table of Contents

  1. Introduction
  2. Background and Related Work
  3. Single-shard flooding attack
  4. Threat Model
  5. Preliminary Analysis
  6. Capability of generating malicious transactions
  7. Cost of attacks
  8. Cascading effect of the single-shard flooding attack
  9. Analyzing the Attack's Impacts
  10. Simulator
  11. Experimental Evaluations
  12. Throughput
  13. Latency
  14. Queue/Mempool size
  15. Summary
  16. ...and 13 more sections

Key Result

Theorem 1

The protocol $\Pi_{cm}$ in the $(\mathcal{F}_{TEE}, \mathcal{F}_{blockchain})$ hybrid model UC-realizes the ideal functionality $\mathcal{F}_{cm}$.

Figures (13)

  • Figure 1: Processing cross-shard transaction $tx$. $tx$ has input shards $S_1$, $S_2$, and output shard $S_3$. $tx$ has to wait to be confirmed in $S_1, S_2$ before it can be validated in $S_3$.
  • Figure 2: Affected transactions by the single-shard flooding attack
  • Figure 3: UML class diagram of the simulator
  • Figure 4: Bitcoin transactions. The black dots are the data, the blue line shows a fitted power-law function
  • Figure 5: Impact on system throughput and latency
  • ...and 8 more figures

Theorems & Definitions (2)

  • Theorem 1
  • proof