What Stops Big Validators From Taking Over Ethereum?
Soft forks that can be turned on by users make it possible for Ethereum to effectively defend itself against 51% attacks.
- Ethereum’s transition to Proof-of-Stake has raised concerns about the network’s resilience to 51% attacks.
- The top four staking entities control 59.6% of all ETH staked.
- However, user-activated soft forks (UASFs) ensure that bad actors, no matter how large their stake, cannot take over the network.
- Critics of Ethereum’s new Proof-of-Stake consensus mechanism have raised concerns that it makes the network vulnerable to hostile network takeovers. However, Ethereum’s new system includes a failsafe that allows users to burn any attacker’s funds who attempts to take control of the blockchain.
Ethereum’s Exposure to 51% Attacks
- Ethereum’s recent departure from Proof-of-Work has raised concerns about the network’s ability to withstand attacks.
- Ethereum successfully upgraded its consensus mechanism to Proof-of-Stake
- On September 15. Among other things, the event, now known as the “Merge” in the crypto community, transferred block production duties from miners to validators. In contrast to miners, who need special hardware to process transactions, validators only need to stake 32 ETH to get the right to process transactions?
- However, some members of the crypto community have pointed out that the majority of Ethereum’s validating power is now concentrated in the hands of a few entities. Dune Analytics says that Lido, Coinbase, Kraken, and Binance control 59.6% of the market share for all ETH that has been staked.
- This high concentration of staking power has raised concerns that Ethereum may be vulnerable to 51% attacks, which are hostile takeovers of blockchains by entities (or groups of entities) controlling the majority of block processing power. In other words, large staking entities may band together to rewrite portions of Ethereum’s blockchain, change the order of new transactions, or censor specific blocks.
- The possibility of a 51% attack became especially apparent following the US government’s ban on Tornado Cash. On August 8, the US Treasury Department added Tornado Cash to its sanctions list, claiming that cybercriminals used the crypto project for money laundering. Coinbase, Kraken, Circle, and other centralised entities quickly complied with the sanctions and blacklisted Tornado Cash-related Ethereum addresses. So, if the Treasury ordered it, what would stop these companies from using their staking power to censor transactions on Ethereum’s base layer?
- Vitalik Buterin, who created Ethereum, and other developers have said that the network still has an ace up its sleeve: the ability to use user-activated soft forks (UASFs).
What Exactly Is a UASF?
- A UASF is a mechanism that allows a blockchain’s nodes to initiate a soft fork (a network update) without requiring the usual support of the chain’s block producers (miners in Proof-of-Work, validators in Proof-of-Stake).
- What distinguishes the procedures is that soft forks are normally initiated by block producers; UASFs, on the other hand, wrest control of the blockchain from them and temporarily hand it over to nodes (which can be operated by anyone). In other words, regardless of what miners or validators want, a blockchain community can update a network’s software.
- The term is most commonly associated with Bitcoin, which famously triggered a UASF in 2017 to force the controversial SegWit upgrade to be activated. However, Ethereum’s Proof-of-Stake mechanism was specifically designed to allow minority-led UASFs to combat 51% attacks. If an attacker tries to take control of the blockchain, the Ethereum community can simply trigger a UASF and destroy all of the malicious actor’s staked ETH, effectively reducing their validating power to zero.
- Actually, Buterin claims that UASFs make Proof-of-Stake more resistant to 51% attacks than Proof-of-Work. To take over the blockchain in Proof-of-Work, attackers simply need to acquire the majority of the hashrate; doing so is costly, but there are no other penalties. Bitcoin can modify its algorithm to render some of the attacker’s mining power ineffective, but only once. Proof-of-Stake mechanisms, on the other hand, can slash an attacker’s funds as many times as necessary via UASFs.
- “Attacking the chain the first time will cost the attacker many millions of dollars, and the community will be back on their feet within days,” says Buterin. Attacking the chain a second time will still cost the attacker millions of dollars because they will need to buy new coins to replace the burned coins. And the third time will cost millions more. The game is highly asymmetrical and does not favors the attacker. ”
The Nuclear Option Is Slashing
- When asked if Coinbase would ever use its validating power to censor Ethereum transactions if asked by the Treasury, Coinbase CEO Brian Armstrong stated that he would rather “focus on the bigger picture” and shut down the exchange’s staking service. While there’s little reason to doubt his sincerity, the possibility of a UASF was most likely a factor in the equation. At today’s prices, Coinbase currently has over 2,023,968 ETH (approximately $2.7 billion at today’s prices) staked. If the exchange tries to censor Ethereum transactions, its entire stack could be slashed.
- It’s worth noting that slashing isn’t Ethereum’s only option in the event of a malicious takeover. According to the Ethereum Foundation, Proof-of-Stake also allows honest validators (validators who are not attempting to attack the network) to “continue building on a minority chain and ignore the attacker’s fork while encouraging apps, exchanges, and pools to do the same.” The attacker would keep their ETH stake, but would be locked out of the relevant network in the future.
- Finally, it’s worth noting that Ethereum’s staking market isn’t as centralized as it appears. Lido is a decentralized protocol that uses over 29 different staking service providers and currently processes 30.1% of the total staked ETH market. Individual validators, not Lido itself, are in charge of the staked ETH. As a result, collusion among major stakeholder entities would be much more difficult to organize than it appears.
Disclaimer: The author of this piece owned BTC, ETH, and several other cryptocurrencies at the time of writing.