AetherWeave: Sybil-Resistant Robust Peer Discovery with Stake

Abstract

Peer-discovery protocols within P2P networks are often vulnerable: because creating network identities is essentially free, adversaries can eclipse honest nodes or partition the overlay. This threat is especially acute for blockchains, whose security depends on resilient peer connectivity. We present AetherWeave, a stake-backed peer-discovery protocol that ties network participation to deposited stake, raising the cost of large-scale attacks. We prove that, with high probability, either the honest overlay remains connected or a $(1{-}δ)$-fraction of nodes in every smaller component raise an attack-detection flag -- even against a very powerful adversary. To our knowledge, AetherWeave is the first peer-discovery protocol to simultaneously provide Sybil resistance and privacy: nodes prove they hold valid stake without revealing which deposit they own, and gossiping does not expose peer-table contents. A cryptographic commitment scheme rate-limits discovery requests per round; exceeding the limit yields a publicly verifiable misbehavior proof that triggers on-chain slashing. Beyond deposit and slashing, the protocol requires no on-chain interaction, with per-node communication scaling as $O(s\sqrt{n})$. We validate our design through a mean-field analysis with closed-form convergence bounds, extensive adversarial simulations, and an end-to-end prototype built by forking Prysm, a leading Ethereum consensus client.

Figures (20)

• Figure 1: Key derivation: $NetPk$ and $StakeID$ are unlinkable identifiers derived from a master secret $sk$. A zero-knowledge proof $\pi_{stake}\xspace$ attests that $NetPk$ is associated with some stake allocation without revealing which one.
• Figure 2: Stake deposit and withdrawal timeline. Deposits and withdrawals are frozen before the epoch boundary so nodes can obtain the next commitment. Withdrawals are further delayed to allow slashing for late-epoch misbehavior.
• Figure 3: Mean-field behavior with $n=10{,}000$ and table size $s\sqrt{n}$ for fixed adversary stake $\alpha\in\{1/3,1/2,2/3\}$. (a) Table quality$q$ vs. $s$: solid curves show the stable equilibrium $q_{\mathrm{high}}$; dashed curves show the unstable threshold $q_{\mathrm{thresh}}$ that separates initial conditions converging to the healthy equilibrium from those collapsing toward $q\approx 0$. (b) Visibility$v$ vs. $s$: solid curves show the stable visibility $v_{\mathrm{high}}$; the dotted line plots $\frac{s}{\sqrt{n}}$, the expected visibility in an honest network. We suggest $s=4$ based on these results.
• Figure 4: Overlay resistance across an honest cut $(A,B)$, with $A$ the smaller side. Either the adversary removes all cross-cut overlay edges and most nodes in $A$ raise the attack-detection flag, or some sampled $A\to B$ edges survive, so the overlay is not partitioned across the cut.
• Figure 5: Monte Carlo simulation of the cut attack ($n{=}10{,}000$, $s{=}4$, $\alpha{=}0.5$, $\delta{=}0.25$, $5{,}000$ trials). (a) Attack success probability as a function of cut size $k$ with $\theta{=}0.9$. The dashed line shows the number of cuts $\binom{|\mathcal{H}\xspace|}{k}$; the attack must overcome this combinatorial factor for a union bound. (b) Success probability for isolating a single node ($k{=}1$) as a function of the flagging threshold $\theta$. Higher $\theta$ and larger overlay degrees $p_{c}\xspace s \sqrt{n}$ both sharply reduce the adversary's chances.

Theorems & Definitions (44)

• Definition 1: eclipsed set
• Definition 2: table quality
• Definition 3: node visibility
• Definition 4: $\gamma$-healthy network
• Lemma 1: attack soundness
• Lemma 2: global partitioning $\Rightarrow$ small view
• Lemma 3: attack completeness
• Definition 5: omniscient overlay adversary
• Theorem : informal, see \ref{['thm:overlay']}
• Theorem 1