Denial-of-Service Vulnerability of Hash-based Transaction Sharding: Attack and Countermeasure

TL;DR

This paper identifies a security vulnerability in hash-based transaction sharding in blockchains, demonstrating a single-shard flooding DoS attack, and proposes a TEE-based countermeasure to eliminate this loophole, enhancing system security.

Contribution

It reveals a new DoS vulnerability in hash-based sharding and introduces a TEE-enabled countermeasure with formal security analysis and practical implementation.

Findings

Identified a single-shard flooding attack exploiting hash-based sharding.

Proposed a TEE-based countermeasure to prevent the attack.

Validated the solution's feasibility through a proof-of-concept.

Abstract

Since 2016, sharding has become an auspicious solution to tackle the scalability issue in legacy blockchain systems. Despite its potential to strongly boost the blockchain throughput, sharding comes with its own security issues. To ease the process of deciding which shard to place transactions, existing sharding protocols use a hash-based transaction sharding in which the hash value of a transaction determines its output shard. Unfortunately, we show that this mechanism opens up a loophole that could be exploited to conduct a single-shard flooding attack, a type of Denial-of-Service (DoS) attack, to overwhelm a single shard that ends up reducing the performance of the system as a whole. To counter the single-shard flooding attack, we propose a countermeasure that essentially eliminates the loophole by rejecting the use of hash-based transaction sharding. The countermeasure leverages the Trusted Execution Environment (TEE) to let blockchain's validators securely execute a transaction sharding algorithm with a negligible overhead. We provide a formal specification for the countermeasure and analyze its security properties in the Universal Composability (UC) framework. Finally, a proof-of-concept is developed to demonstrate the feasibility and practicality of our solution.