Bribers, Bribers on The Chain, Is Resisting All in Vain? Trustless Consensus Manipulation Through Bribing Contracts

Bence Soóki-Tóth, István András Seres, Kamilla Kara, Ábel Nagy, Balázs Pejó, Gergely Biczók

TL;DR

This paper investigates trustless bribery in Ethereum PoS by designing three on-chain contracts—PayToAttest, PayToExit, and PayToBias—that can manipulate consensus safety, liveness, and fairness. It provides both practical implementations and cost analyses, showing that ex-post reorgs can be achieved with bribes well under $0.1$ ETH and that a PayToExit Stackelberg game yields a feasible bribe around $9.23$ ETH per validator under realistic parameters. A dedicated PayToBias market enables on-chain auctions for RANDAO influence, with initial cost bounds and formalizations discussed. The work highlights substantial security implications for incentive-compatible protocols and outlines broad countermeasures, future extensions (including privacy-preserving bribery), and avenues for formal game-theoretic development.

Abstract

The long-term success of cryptocurrencies largely depends on the incentive compatibility provided to the validators. Bribery attacks, facilitated trustlessly via smart contracts, threaten this foundation. This work introduces, implements, and evaluates three novel and efficient bribery contracts targeting Ethereum validators. The first bribery contract enables a briber to fork the blockchain by buying votes on their proposed blocks. The second contract incentivizes validators to voluntarily exit the consensus protocol, thus increasing the adversary's relative staking power. The third contract builds a trustless bribery market that enables the briber to auction off their manipulative power over the RANDAO, Ethereum's distributed randomness beacon. Finally, we provide an initial game-theoretical analysis of one of the described bribery markets.

Paper Structure

This paper contains 48 sections, 2 theorems, 12 equations, 16 figures, 3 tables, 3 algorithms.

Key Result

Theorem

Given the following chain string $\textcolor{blue}{\mathbf{H}^{h}}\textcolor{red}{\mathbf{A}^{a}}$, the adversary can fork out $\textcolor{blue}{\mathbf{H}^{h}}$ with the joint voting power of the adversary and bribees if eqn:ex-post-suff-votes holds. More formally, the adversary's fo

Figures (16)

  • Figure 2: Our simple bribery system model. Typically, Steps $2$ and $3$ are executed atomically in the same transaction. If not, then the transaction in Step $3$ could be initiated by anyone; thus, it originates from the contract in the figure.
  • Figure 3: The $\mathsf{IBribe}$ interface for our proposed bribery contracts.
  • Figure 4: Leveraging the $\mathsf{PayToAttest}$ bribery contract to ex-post reorg the block proposed in Slot ($n+1$). Colored arrows indicate which blocks different validators vote for as the head of the blockchain. Black arrows represent hash pointers. Red (blue) blocks are proposed by the briber (honest validators).
  • Figure 5: $\mathsf{PayToExit}$ and $\mathsf{PayToAttest}$ (ex-post reorg) bribery contract costs.
  • Figure 6: $\mathsf{PayToExit}$: a single-leader multiple-follower Stackelberg market exit game. A briber offers a bribe $b$ to $n$ rational validators to increase its market share $\alpha$.
  • ...and 11 more figures

Theorems & Definitions (4)

  • Theorem
  • Proof
  • Theorem: Condition for ex-ante reorgs
  • Proof