Security Analysis on dBFT Protocol of NEO

Cited by: 20
Authors
Wang, Qin [1]
Yu, Jiangshan [2]
Peng, Zhiniang [3]
Bui, Van Cuong [1]
Chen, Shiping [4]
Ding, Yong [5]
Xiang, Yang [1]
Affiliations
[1] Swinburne Univ Technol, Melbourne, Vic, Australia
[2] Monash Univ, Melbourne, Vic, Australia
[3] Qihoo 360 Core Secur, Beijing, Peoples R China
[4] CSIRO, Data61, Sydney, NSW, Australia
[5] Cyberspace Secur Res Ctr, Shenzhen, Peoples R China
Source
FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, FC 2020 | 2020 / Vol. 12059
Keywords
Blockchain; NEO; dBFT; Safety; CONSENSUS
DOI
10.1007/978-3-030-51280-4_2
Chinese Library Classification
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
NEO is ranked as one of the top blockchains by market capitalization. We provide a security analysis on its backbone consensus protocol, called delegated Byzantine Fault Tolerance (dBFT). The dBFT protocol has been employed by NEO and other blockchains like ONT. dBFT claims to guarantee safety when no more than f = [n/3] nodes are Byzantine, where n is the total number of consensus participants. However, we identify attacks to break the safety with no more than f Byzantine nodes. This paper provides the following contributions. First, we evaluate NEO's source code and present the procedures of dBFT. Then, we present two attacks to break the safety of dBFT protocol with no more than f nodes. Therefore, the system cannot guarantee the claimed safety. We also provide recommendations on how to fix the system against the identified attacks.
Pages: 20-31
Page count: 12