Profitable Manipulations of Cryptographic Self-Selection are Statistically Detectable

TL;DR

This paper proves that for small enough stakeholders, any profitable manipulation of cryptographic self-selection protocols can be statistically detected by observing the sequence of random seeds, ensuring protocol integrity.

Contribution

It establishes that for stakeholders with less than approximately 38% of the stake, all profitable manipulations are statistically detectable based on seed distributions.

Findings

Profitably manipulating the protocol is detectable for stakeholders with less than 38% stake.

Sequence of random seeds under manipulation is statistically inconsistent with honest behavior.

Detectability is achieved by analyzing seed distribution deviations from honest patterns.

Abstract

Cryptographic Self-Selection is a common primitive underlying leader-selection for Proof-of-Stake blockchain protocols. The concept was first popularized in Algorand [CM19], who also observed that the protocol might be manipulable. [FHWY22] provide a concrete manipulation that is strictly profitable for a staker of any size (and also prove upper bounds on the gains from manipulation). Separately, [YSZ23, BM24] initiate the study of undetectable profitable manipulations of consensus protocols with a focus on the seminal Selfish Mining strategy [ES14] for Bitcoin's Proof-of-Work longest-chain protocol. They design a Selfish Mining variant that, for sufficiently large miners, is strictly profitable yet also indistinguishable to an onlooker from routine latency (that is, a sufficiently large profit-maximizing miner could use their strategy to strictly profit over being honest in a way that still appears to the rest of the network as though everyone is honest but experiencing mildly higher latency. This avoids any risk of negatively impacting the value of the underlying cryptocurrency due to attack detection). We investigate the detectability of profitable manipulations of the canonical cryptographic self-selection leader selection protocol introduced in [CM19] and studied in [FHWY22], and establish that for any player with $\alpha < \frac{3-\sqrt{5}}{2} \approx 0.38$ fraction of the total stake, every strictly profitable manipulation is statistically detectable. Specifically, we consider an onlooker who sees only the random seed of each round (and does not need to see any other broadcasts by any other players). We show that the distribution of the sequence of random seeds when any player is profitably manipulating the protocol is inconsistent with any distribution that could arise by honest stakers being offline or timing out (for a natural stylized model of honest timeouts).