Eclipse Attacks Explained
Basics
An eclipse attack is an attack on a peer-to-peer network in which the attacker isolates a target node from honest peers, so that every connection the victim has is to an attacker-controlled node. Controlling the victim's view of the network can be an end in itself (general disruption) or a stepping stone to more damaging attacks. Eclipse attacks are related to Sybil attacks, in which an attacker floods the network with fake identities, but they differ in scope: a Sybil attack is aimed at the network or protocol as a whole, for example at its reputation system, whereas an eclipse attack is aimed at a single node or a small set of nodes.
In a 2015 paper titled "Eclipse Attacks on Bitcoin's Peer-to-Peer Network," researchers from Boston University and Hebrew University describe how they mounted eclipse attacks against Bitcoin nodes experimentally and propose countermeasures to make such attacks harder.
How Does It Work?
Bitcoin mining requires specialized hardware, but even low-spec devices can run a non-mining full node, and such nodes help keep Bitcoin decentralized. Each node stays in sync by exchanging transactions and blocks with its peers. To keep bandwidth and resource use manageable, the Bitcoin software caps the number of connections a node maintains; at the time of the paper the default was 125 in total, made up of 8 outbound connections that the node itself chooses plus up to 117 inbound connections from whoever connects to it. That small, fixed budget of connections is what an eclipse attack exploits.
In an eclipse attack, the attacker aims to occupy every one of the target's connection slots with its own nodes. Bitcoin nodes learn about potential peers from addr messages and store those addresses in local tables, from which they pick new outbound connections. The attacker floods the victim with addr messages advertising attacker-controlled IP addresses until those tables are dominated by them, then either waits for the victim to restart or forces a restart, for example with a denial-of-service attack. When the victim comes back up, its outbound connections are chosen from the poisoned tables and land on attacker nodes, while the attacker's nodes fill the victim's inbound slots. From that point the victim only hears what the attacker chooses to relay: transactions and blocks can be withheld or fed selectively, and the victim has no honest view of the wider network.
Examples of Further Actions of Attackers
When an attacker cuts a node off from the network, there is usually a motive beyond the disruption itself: an isolated node sees only the data the attacker feeds it, which makes a number of follow-on attacks much easier to carry out.
0-Confirmation Double Spends
Accepting a transaction with zero confirmations exposes the recipient to a double spend. Until a transaction has been included in a block, the sender can create a conflicting transaction that spends the same inputs elsewhere, and only one of the two can ever be confirmed. If the conflicting transaction pays a higher fee, miners who see both are likely to include it instead, at which point the original becomes permanently invalid.
Some merchants and individuals accept 0-confirmation payments, which leaves them exposed to exactly this. Suppose Charlie sells high-end vehicles and his node has been eclipsed by Eve. Eve pays Charlie; his node sees a valid-looking transaction and relays it, believing it is on its way to the miners. But Charlie's only peers are Eve's nodes, which do not relay it to anyone, so the payment never leaves the eclipsed bubble. Meanwhile Eve spends the same coins on the real network, where her conflicting transaction is confirmed. When honest nodes eventually see the payment to Charlie, they reject it, because its inputs have already been spent.
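To show why the payment to Charlie can never be confirmed once Eve's conflicting spend is, the following is an added example, not code from the article or from Bitcoin Core. It models nodes with a confirmed UTXO set and a mempool, relay that attacker-controlled nodes silently drop, and a resync when the eclipse ends. The node names, the single coin and the amounts are constructed for the scenario, and the relay policy is simplified (first conflicting transaction wins, no replace-by-fee).

```python
"""Toy model of a 0-confirmation double spend against an eclipsed merchant.

Added example, not code from the original article or from Bitcoin Core.
Node, Tx and the relay rules are simplified constructs (no replace-by-fee);
the single UTXO and the amounts are made up for the scenario."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: frozenset   # outpoints ("txid:n") this transaction spends
    outputs: tuple      # (recipient, amount) pairs
    fee: int


class Node:
    def __init__(self, name, utxos, honest=True):
        self.name = name
        self.honest = honest          # attacker nodes never relay onward
        self.utxos = set(utxos)       # confirmed, unspent outpoints
        self.mempool = {}             # txid -> Tx
        self.peers = []

    def accept(self, tx):
        """Relay policy: every input must be confirmed-unspent and not already
        spent by something in the mempool. First conflicting tx wins here."""
        if not tx.inputs <= self.utxos:
            return False
        spent = {op for t in self.mempool.values() for op in t.inputs}
        if tx.inputs & spent:
            return False
        self.mempool[tx.txid] = tx
        return True

    def receive(self, tx, sender=None):
        if tx.txid in self.mempool or not self.accept(tx):
            return
        if self.honest:               # Eve's nodes swallow whatever Charlie sends
            for p in self.peers:
                if p is not sender:
                    p.receive(tx, self)

    def mine(self):
        """Confirm everything in the mempool: consume inputs, create outputs."""
        confirmed = set(self.mempool)
        for tx in self.mempool.values():
            self.utxos -= tx.inputs
            self.utxos |= {f"{tx.txid}:{i}" for i in range(len(tx.outputs))}
        self.mempool = {}
        return confirmed

    def resync(self, honest_node):
        """Eclipse over: adopt the real network's confirmed state and drop
        mempool entries whose inputs no longer exist."""
        self.utxos = set(honest_node.utxos)
        self.mempool = {k: t for k, t in self.mempool.items() if t.inputs <= self.utxos}


def connect(a, b):
    a.peers.append(b)
    b.peers.append(a)


def run_scenario():
    coin = "coinbase:0"                          # constructed: Eve's only UTXO
    miner1, miner2 = Node("miner1", {coin}), Node("miner2", {coin})
    connect(miner1, miner2)                      # the honest network
    charlie = Node("charlie", {coin})            # same confirmed state, but...
    eve1 = Node("eve1", {coin}, honest=False)
    eve2 = Node("eve2", {coin}, honest=False)
    connect(charlie, eve1)                       # ...every one of his peers is Eve's
    connect(charlie, eve2)

    pay_charlie = Tx("pay", frozenset({coin}), (("charlie", 99),), fee=1)
    pay_eve = Tx("dbl", frozenset({coin}), (("eve", 90),), fee=10)

    charlie.receive(pay_charlie)                 # Eve hands the payment to Charlie's node
    accepted = "pay" in charlie.mempool
    seen_by_honest = "pay" in miner1.mempool or "pay" in miner2.mempool

    miner1.receive(pay_eve)                      # Eve spends the same coin for real
    confirmed = miner1.mine()
    charlie.resync(miner1)                       # the eclipse ends
    return {
        "merchant_accepted_0conf": accepted,
        "honest_network_saw_payment": seen_by_honest,
        "double_spend_confirmed": "dbl" in confirmed,
        "payment_survives_resync": "pay" in charlie.mempool,
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

Charlie's node accepts the payment and dutifully relays it, but both of its peers are Eve's and the transaction goes nowhere; the honest miners only ever see the conflicting spend, confirm it, and after the resync Charlie's node drops the payment because its input no longer exists.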
N-Confirmation Double Spends
Waiting for a number of confirmations defeats the 0-confirmation double spend, so an attacker with eclipse capability can escalate to an N-confirmation double spend. This requires eclipsing both the merchant and one or more miners. After placing an order with the merchant, the attacker sends the payment transaction only to the eclipsed miners, who include it in a block and keep building on top of it.
Because the eclipsed miners are cut off, this chain is never seen by the rest of the network. The attacker relays it to the eclipsed merchant, whose node counts N confirmations and releases the goods. When the eclipsed nodes reconnect to the real network, they find a chain with more accumulated work that does not contain the payment, the attacker having spent the same coins elsewhere on that chain in the meantime. Their own blocks become stale and are discarded, and the merchant's confirmations vanish with them. The effect resembles a 51% attack, but the attacker achieves it by hijacking the hashing power of the eclipsed miners rather than by owning a majority of the network's hashing power.
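The confirmation count collapsing to zero on reconnection is the crux of this attack, so here is an added example (not from the article or from Bitcoin Core) of a toy chain view that tracks total work per block, follows the heaviest tip, and counts confirmations only along the best chain. Every block is assumed to carry equal work, so "most work" is simply "longest"; the block counts and transaction ids are made up, and the merchant is assumed to require six confirmations.

```python
"""Toy chain-selection model of an N-confirmation double spend.

Added example, not code from the original article or from Bitcoin Core.
Blocks carry equal fixed work, so 'most work' reduces to 'longest chain';
block counts, txids and the confirmation threshold are made up."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Block:
    bid: str
    parent: Optional[str]
    txids: frozenset
    work: int = 1           # equal work per block (assumption for the toy)


class ChainView:
    """One node's knowledge of blocks and its current best tip (most total work)."""

    def __init__(self, genesis):
        self.blocks = {genesis.bid: genesis}
        self.total_work = {genesis.bid: genesis.work}
        self.tip = genesis.bid

    def add(self, block):
        if block.parent not in self.blocks:
            raise ValueError(f"orphan block {block.bid}")
        self.blocks[block.bid] = block
        self.total_work[block.bid] = self.total_work[block.parent] + block.work
        if self.total_work[block.bid] > self.total_work[self.tip]:
            self.tip = block.bid        # reorg: follow the heavier chain

    def ancestry(self):
        """Blocks from the current tip back to genesis."""
        bid = self.tip
        while bid is not None:
            yield self.blocks[bid]
            bid = self.blocks[bid].parent

    def confirmations(self, txid):
        """Blocks from the containing block up to the tip inclusive, or 0 if
        the transaction is not on the best chain at all."""
        for depth, block in enumerate(self.ancestry(), start=1):
            if txid in block.txids:
                return depth
        return 0


def mine_chain(view, prefix, parent, n, first_txids=frozenset()):
    """Append n blocks on top of `parent`; only the first carries transactions."""
    for i in range(1, n + 1):
        blk = Block(f"{prefix}{i}", parent, first_txids if i == 1 else frozenset())
        view.add(blk)
        parent = blk.bid
    return parent


def run_scenario(required_confirmations=6):
    genesis = Block("G", None, frozenset())
    merchant = ChainView(genesis)       # eclipsed: only hears the captive miner
    honest = ChainView(genesis)

    # The captive miner confirms Eve's payment and keeps extending that chain.
    mine_chain(merchant, "E", "G", required_confirmations, frozenset({"pay"}))
    goods_released = merchant.confirmations("pay") >= required_confirmations

    # Meanwhile the majority network confirms Eve's conflicting spend and,
    # having more hashing power, builds a heavier chain.
    mine_chain(honest, "H", "G", required_confirmations + 2, frozenset({"dbl"}))

    # Eclipse ends: the merchant learns the honest blocks (oldest first,
    # skipping the shared genesis) and reorgs onto the heavier chain.
    for blk in list(honest.ancestry())[::-1][1:]:
        merchant.add(blk)
    return {
        "goods_released": goods_released,
        "pay_confirmations_after_reorg": merchant.confirmations("pay"),
        "dbl_confirmations_after_reorg": merchant.confirmations("dbl"),
    }


if __name__ == "__main__":
    print(run_scenario())
```

The merchant's node counts six confirmations on the only chain it knows and releases the goods; once the eight honest blocks arrive, the tip moves, the payment is on a stale branch with zero confirmations, and the conflicting spend is what the node now considers confirmed.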
Weakening Competing Miners
An eclipsed node keeps working as if nothing had happened; it has no way of knowing it is cut off. An eclipsed miner keeps producing blocks, but that work is wasted, because its blocks are discarded as soon as it syncs with honest peers. This opens a cheaper route to a majority attack. Suppose ten miners each control 8 TH/s, 80 TH/s in total. To outpace the honest chain, an attacker would ordinarily need more than 80 TH/s of its own. If the attacker eclipses five of the ten, 40 TH/s of honest work is diverted onto a chain nobody else sees, and the attacker only has to outpace the remaining 40 TH/s, half of what would otherwise be required. The paper also notes that eclipsing can be used to boost selfish mining, by controlling which blocks the eclipsed miners see, and to engineer block races between honest miners.
How to Mitigate the Effects of an Eclipse Attack?
Any node can be eclipsed by an attacker with enough IP addresses. A node can protect itself by refusing inbound connections and making outbound connections only to a fixed set of trusted nodes, but that does not scale: if every node did so, new nodes could not join the network. Instead, the authors of the 2015 paper propose changes to the Bitcoin software, some of which have been adopted since. These include selecting addresses uniformly at random when opening new connections rather than favouring recently advertised ones, probing an existing address before evicting it in favour of a new one, and enlarging the address tables. None of these makes eclipsing impossible; they make it considerably more expensive in IP addresses and time.
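To make concrete both the address flooding described under "How Does It Work?" and the countermeasures listed here, the following is an added example, not code from the article, the paper, or Bitcoin Core. It models a node's peer-address table as a single fixed-size slot array (Bitcoin Core's real tables are bucketed and larger), an attacker that floods it with its own addresses, two eviction policies (overwrite unconditionally, or probe the existing entry first and keep it if it answers, the paper's "test before evict"), and a restart that picks 8 outbound peers uniformly at random. The table size, the number of attacker addresses and the share of honest entries that still answer a probe are assumptions chosen for illustration.

```python
"""Toy model of poisoning a node's peer-address table and the odds that the
next restart connects only to the attacker.

Added example, not code from the original article, the paper or Bitcoin Core.
The flat table, the eviction policies and the probe are simplifications;
capacity, attacker address count and reachable share are assumptions."""
import math
import random


class AddrTable:
    """Fixed-size table of candidate peers, a flattened stand-in for the
    'tried' table. Each entry is (address, reachable); `reachable` stands in
    for whether a probe of that address would get an answer."""

    def __init__(self, capacity, honest, reachable_count, rng):
        assert honest <= capacity and reachable_count <= honest
        self.rng = rng
        self.slots = [(f"honest-{i}", i < reachable_count) for i in range(honest)]
        self.slots += [None] * (capacity - honest)

    def insert(self, addr, test_before_evict):
        """Store an advertised address; returns True if it took a slot."""
        free = [i for i, s in enumerate(self.slots) if s is None]
        if free:
            self.slots[self.rng.choice(free)] = (addr, True)
            return True
        victim = self.rng.randrange(len(self.slots))
        if test_before_evict and self.slots[victim][1]:
            return False                 # existing peer still answers: keep it
        self.slots[victim] = (addr, True)  # attacker nodes are kept online
        return True

    def attacker_slots(self):
        return sum(1 for s in self.slots if s is not None and s[0].startswith("attacker-"))


def eclipse_probability(attacker_slots, capacity, outbound):
    """P(all `outbound` distinct, uniformly random picks are attacker addresses)
    = C(a, k) / C(n, k), i.e. uniform random selection at restart."""
    if attacker_slots < outbound:
        return 0.0
    return math.comb(attacker_slots, outbound) / math.comb(capacity, outbound)


def poison(capacity, honest, reachable, attacker_addrs, test_before_evict, seed=1):
    """Flood the table with attacker addresses; return (attacker slots, P[eclipse])."""
    rng = random.Random(seed)
    table = AddrTable(capacity, honest, reachable, rng)
    for i in range(attacker_addrs):
        table.insert(f"attacker-{i}", test_before_evict)
    a = table.attacker_slots()
    return a, eclipse_probability(a, capacity, outbound=8)


def compare(capacity=256, honest=256, reachable=64, attacker_addrs=4096):
    """Same attacker budget against a full table, with and without the probe.
    Only a quarter of the honest entries are assumed to still answer."""
    return {
        "blind_eviction": poison(capacity, honest, reachable, attacker_addrs, False),
        "test_before_evict": poison(capacity, honest, reachable, attacker_addrs, True),
    }


if __name__ == "__main__":
    for policy, (slots, prob) in compare().items():
        print(f"{policy}: attacker holds {slots} slots, P(eclipse at restart) = {prob:.3f}")
```

With unconditional eviction, 4096 advertisements against a 256-slot table leave essentially every slot attacker-controlled and the restart is eclipsed with probability close to 1. With test-before-evict, the 64 honest entries that still answer can never be displaced, so the attacker is capped at 192 slots and the probability that all 8 random outbound picks land on attacker addresses drops to about a tenth. That is the sense in which the countermeasures raise the cost rather than close the hole: the attacker must now out-wait the live honest entries or hold enough addresses to dominate a larger table.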
Conclusion
Eclipse attacks operate at the peer-to-peer network layer. On their own they are little more than a nuisance; their real danger is that they enable other attacks with direct financial consequences, such as the double spends described above. No major incident has so far been attributed to an eclipse attack, but the threat persists despite the defences built into the network. As with most attacks on cryptocurrency networks, the best defence is to make them economically infeasible for the attacker.