Timestamp Manipulation: Timestamp-based Nakamoto-style Blockchains are Vulnerable

TL;DR

This paper introduces SUUM, a novel timestamp manipulation attack on Nakamoto-style blockchains, demonstrating its persistent threat and discussing potential mitigation strategies.

Contribution

It presents the first block withholding attack exploiting timestamp manipulation in Nakamoto-style blockchains, highlighting new security vulnerabilities.

Findings

SUUM enables indefinite, low-cost attacks with minimal difficulty risk.

The attack can significantly disrupt blockchain security and reward distribution.

Four mitigation measures are proposed to counter SUUM.

Abstract

Nakamoto consensus are the most widely adopted decentralized consensus mechanism in cryptocurrency systems. Since it was proposed in 2008, many studies have focused on analyzing its security. Most of them focus on maximizing the profit of the adversary. Examples include the selfish mining attack [FC '14] and the recent riskless uncle maker (RUM) attack [CCS '23]. In this work, we introduce the Staircase-Unrestricted Uncle Maker (SUUM), the first block withholding attack targeting the timestamp-based Nakamoto-style blockchain. Through block withholding, timestamp manipulation, and difficulty risk control, SUUM adversaries are capable of launching persistent attacks with zero cost and minimal difficulty risk characteristics, indefinitely exploiting rewards from honest participants. This creates a self-reinforcing cycle that threatens the security of blockchains. We conduct a comprehensive and systematic evaluation of SUUM, including the attack conditions, its impact on blockchains, and the difficulty risks. Finally, we further discuss four feasible mitigation measures against SUUM.