That’s the finding from Selfish Behavior within the Tezos Proof-of-Stake Protocol, published last November by then-Harvard researcher and current Google engineering intern Michael Neuder.
The paper from Neuder and other Harvard researchers shows the profitability – albeit small – of “selfish endorsing” attacks in Tezos, a variant of selfish mining.
Luckily for Tezos, the selfish mining concern can easily be patched through the network’s flexible on-chain governance model, which conducts periodic votes for protocol changes in lieu of hard or soft forks.
“It was an excellent research paper and we’d like to see more specialise in economic and complex-system-interactions in cryptocurrency systems in academic and industrial research,” Tezos Foundation Chief Security Officer Ryan Lackey told CoinDesk in an email. “Thanks to our governance model, it’s pretty easy to urge [the fix] adopted.”
However, the power to deal with governance issues quickly raises questions concerning possible trade-offs involved on-chain governance, how voting works and therefore the possible outcomes of staking centralization.
As described and proven by the researchers, a Tezos baker (the blockchain’s term for “miner”) are often rationally incentivized to make their own blocks and receive endorsements from other bakers not connected to the most chain, creating a secondary invalid chain.
Through the attack, the initial baker gains both the block and endorsement reward for the invalid block and may continue the attack until detected. If exposed, the baker’s stake is “slashed,” punishing the baker for dishonest mining.
In Tezos, stakers gain fractions of a block reward for endorsing the creation of a replacement block, which packages network transactions. Selfish mining occurs in Nakamoto-style consensus mechanisms, like Tezos, which follow the longest chain rule. Under the rule, the longest chain, containing the foremost work, is usually considered the right pathway by network participants.
The attack is way from lucrative, however, for 2 reasons.
The net payout of an attack is insignificant – a mere 255 XTZ ($336 at today’s prices) for staking 40 percent of the network’s outstanding supply in one year. It’s also highly costly if detected: Validators can have their stake within the network removed if dishonesty is detected. Still, consistent with Messari research analyst Wilson Withiam, the study exposes understudied aspects of PoS.
“It goes to point out how little we all know about PoS mechanisms, including one during a working environment,” Withiam told CoinDesk. “As the less understood consensus mechanism next to Proof-of-Work, most PoS attack vectors may remain unknown, and code changes like those implemented via [Tezos governance update] Babylon could still unveil new vulnerabilities on live networks.”
Withiam said that with more PoS network’s launching within the near future, like Eth 2.0 and Libra, understanding selfish-mining attacks remains “vital.”
The attack could also be unlikely thanks to the high costs, but Tezos remains taking the difficulty seriously. An ongoing election is predicted to pass a network upgrade altering endorsement incentives, consistent with Adrian Brink of Tezos blockchain research firm Cryptium Labs.
“It’s important to know that the majority of those attacks (like selfish baking) aren’t short-term dangers but rather long-term dangers, since they’re obvious if executed and only start to possess a significant impact if executed over months to years,” Brink said via email.
The incident highlights Tezos’ on-chain governance, a singular feature among current blockchain protocols.
For selfish mining, Brink said changing incentives to decrease the likelihood of attacks is that the goal.
“[The update] hardens the safety model so as to form more likely attacks (such because the selfish baking attack) unprofitable for attackers unless they acquire a really large percentage of the stake,” said Brink.
Even with all the flamboyant coding, developing a holistic system remains difficult, said Brink.
“Generally it’s impossible to create a security model which is secure against everything,” he said. “Bitcoin’s mining model has many weaknesses and there are countless papers written about it. therefore the trick with designing these systems is to form the proper trade-offs.”
On-chain governance and staking centralization
Network attack vectors like selfish mining highlight Tezos’ on-chain governance and therefore the ability to deal with headaches before they become migraines.
Yet, compared to other chains, Tezos has taken the unexplored path when it involves large-cap coins requiring censorship-resistance and stability.
For Tezos, the mounting centralization of staking on exchanges could have many unknown consequences.
As data firm Coinmetrics acknowledged , the amount of addresses staking 0.1 XTZ or more on Coinbase jumped 30 percent in one month following the exchange’s “free staking” announcement. What are the possible outcomes for mass staking on publicly identifiable – and thus censorship prone – exchanges?
“Staking with coins persisted an exchange is easier than delegating or staking directly,” said Castle Island Ventures partner Nic Carter. “It’s not surprising to me. Exchanges are quite neo-banks serving the crypto community.” (Carter holds investments in XTZ.)
Carter said voting-based systems like PoS require “a robust civil society.” In other words, information and participation are worth their weight in gold for these protocols.
“I think Tezos has done well therein respect,” Carter said. “They have high participation and usually an eagerness on the a part of token holders to participate. Whether this impairs the censor resistance of the protocol – that’s a stimulating question we’ll grapple with soon, I believe.”