The Balance Attack Against Proof-Of-Work Blockchains: The R3 Testbed as an Example

TL;DR

This paper introduces the Balance attack, a new threat to proof-of-work blockchains, demonstrating its feasibility through theoretical analysis, real-world statistics, and experimental validation on an Ethereum-like system, highlighting vulnerabilities in consortium blockchains.

Contribution

The paper presents the first formal analysis and experimental validation of the Balance attack, revealing critical vulnerabilities in proof-of-work blockchain protocols for consortium settings.

Findings

A single machine can execute the attack in about 20 minutes on R3-like networks.

The attack can double spend with high probability under certain network delays.

Main proof-of-work protocols are vulnerable in consortium blockchain scenarios.

Abstract

In this paper, we identify a new form of attack, called the Balance attack, against proof-of-work blockchain systems. The novelty of this attack consists of delaying network communications between multiple subgroups of nodes with balanced mining power. Our theoretical analysis captures the precise tradeoff between the network delay and the mining power of the attacker needed to double spend in Ethereum with high probability. We quantify our probabilistic analysis with statistics taken from the R3 consortium, and show that a single machine needs 20 minutes to attack the consortium. Finally, we run an Ethereum private chain in a distributed system with similar settings as R3 to demonstrate the feasibility of the approach, and discuss the application of the Balance attack to Bitcoin. Our results clearly confirm that main proof-of-work blockchain protocols can be badly suited for consortium blockchains.