Other Attacks

Besides the general double-spending attacks, there are also some well-known attacks on a blockchain network, such as the $51 \%$ attack, the Finney attack, the transaction spamming attack, or the eclipse attack. Each one of these is in fact a special case of a race attack, thus the purpose is always to create a longer chain with a conflicting transaction.

The 51% attack

An attacker who wants to change the blockchain at a certain block would have to mine again all blocks from that block up to the blockchain head, while the network keeps on adding blocks to the blockchain. Hence, the attacker doesn’t only have to redo all the past work, they also have to keep up with the pace of the creation process of new blocks of the entire system and surpass it. As we’ve shown in this theorem :Theorem_Transaction_commitment, this is possible with probability 1 if the hash rate of the adversary is greater than the hash rate of the rest of the network, i.e., $q>p$.

Definition: (51% attack)

A 51% attack is an attempt to get the majority of computational power in order to control the collective decision-making process.

However, as we’ve determined in this section, a successful double-spending attack is possible with any hash rate, i.e., an attack is still possible even if an attacker controls less than half of the computational power of the network. But, in this case, the probability of success depends on the percentage of the computational power the attacker controls and the number of blocks they want to outpace.

In the end, we can say that the trustworthiness of the blockchain relies on the assumption that no single entity can acquire the majority of the accumulated computational power of the whole system. As soon as an entity is able to control the majority of computational power, the blockchain’s integrity is undermined.

Finney attack

This attack is named after Hal FinneyHal Finney. https://bitcointalk.org/index.php?topic=3441.https://bitcointalk.org/index.php?topic=3441.msg48384/msg48384, 2011. Accessed: 2018-02-18. who first suggested it in a comment on bitcointalk in 2011: “Suppose the attacker is generating blocks occasionally. in each block he generates, he includes a transfer from address A to address B, both of which he controls.”

“To cheat you, when he generates a block, he does not broadcast it. Instead, he runs down to your store and makes a payment to your address $C$ with his address A. You wait a few seconds, do not hear anything, and transfer the goods. He broadcasts his block now, and his transaction will take precedence over yours.”

In other words, the attacker secretly mines a block before releasing a transaction $t x_{0}$ to the merchant, including in it a conflicting transaction $t x_{1}$, which sends some of their coins back to themselves without broadcasting this transaction to the network. When they find a block, they don’t broadcast it. Instead, they send a double-spend $t x_{0}$ to a merchant for some goods of service, who just monitors that the transaction has propagated through the network. After the merchant has accepted the payment and provided the service, the attacker would broadcast the secretly mined block. The transaction that sends the value to themselves will then suspend the unconfirmed payment to the merchant.

Note that this attack only works if the merchant accepts unconfirmed transactions. Hence, it’s a zero-confirmation attack. In theory, the attacker can do the attack with any hash rate, in particular significantly less than $50 \%$ of the network hash rate, just waiting for the time when they mine the next block.

Transaction spamming

Transaction spamming is an attempt to perform a denial-of-service attack on the network by creating many transactions where the attacker sends the funds to themself. This attack is unlikely to work in practice because there are reasonable countermeasures against it (Pedro Franco (2014)Pedro Franco. Understanding Bitcoin: Cryptography, Engineering, and Economics. The Wiley Finance Series. New York, NY, 2014. Wiley.):

• Only validate the transaction first received: As already mentioned, when a node receives a new unconfirmed transaction that conflicts with a transaction in its unconfirmed transactions’ memory pool, the subsequent transaction is ignored. Hence, the node only validates the transaction it receives first, whilst the other one is discharged, i.e., it’s deleted in the memory pool. This means that the node does not propagate the conflicting transaction further.

• Introducing fees: A transaction spamming is made unattractive by introducing fees, making such an attack expensive.

Eclipse attack

Since open blockchain networks are decentralized peer-to-peer systems, each user is connected to other nodes to exchange messages in order to update the state of the local replica. To create a long-term connection between the nodes, each node is identified by its own IP address.

Heilman et al. (2015)Ethan Heilman, Alison Kendler, Aviv Zohar, and Sharon Goldberg. Eclipse attacks bitcoin’s peer-to-peer network. In Proceedings of the 24th USENIX Conference on Security Symposium, SEC’15, pages 129-44, Berkeley, CA, USA, 2015. USENIX Association. proposed an eclipse attack that aims at monopolizing “all of the victim’s incoming and outgoing connections, thus isolating the victim from the rest of its peers in the network. The attacker can then filter the victim’s view of the blockchain.” Such an attack allows an adversary to eliminate the victim’s mining power or to launch double-spending attacks against the victim, even if the transactions are confirmed by several consecutive blocks. Heilman et al. have shown that resource strong opponents can eclipse a victim with a public IP with over $85\%$ probability from the Bitcoin network.