Asymmetric Mempool DoS Security: Formal Definitions and Provable Secure Designs

TL;DR

This paper presents formal security definitions and a provably secure mempool design for blockchains, defending against asymmetric eviction DoS attacks with a new algorithm that ensures high attack costs and low latency.

Contribution

It introduces formal security models and a novel mempool admission algorithm, extsc{saferAd-CP}, providing provable eviction security against DoS attacks.

Findings

extsc{saferAd-CP} achieves negligible latency in evaluations.

It provides a high lower bound on eviction attack costs.

The design is effective against any eviction-based DoS attack.

Abstract

The mempool plays a crucial role in blockchain systems as a buffer zone for pending transactions before they are executed and included in a block. However, existing works primarily focus on mitigating defenses against already identified real-world attacks. This paper introduces secure blockchain-mempool designs capable of defending against any form of asymmetric eviction DoS attacks. We establish formal security definitions for mempools under the eviction-based attack vector. Our proposed secure transaction admission algorithm, named \textsc{saferAd-CP}, ensures eviction-security by providing a provable lower bound on the cost of executing eviction DoS attacks. Through evaluation with real transaction trace replays, \textsc{saferAd-CP} demonstrates negligible latency and significantly high lower bounds against any eviction attack, highlighting its effectiveness and robustness in securing blockchain mempools.