At least 25 cryptocurrencies based on the Proof-of-Stake (PoS) algorithm contained or still contain vulnerabilities that allow attackers holding only a small share of the stake to disrupt the network. This is according to a report from the Decentralized Systems Lab at the University of Illinois, CCN reports.
In total, vulnerabilities were identified in 26 PoSv3-based cryptocurrencies (PoSv3 being a variant of the Proof-of-Stake algorithm) that use the Unspent Transaction Outputs (UTXO) model and follow the longest-chain consensus rule, under which the longest chain is treated as the main chain.
We call the vulnerabilities we found ‘Fake Stake’ attacks. Essentially, they work because PoSv3 implementations do not adequately validate network data before committing precious resources (disk and RAM). The consequence is that an attacker without much stake (in some cases none at all) can cause a victim node to crash by filling up its disk or RAM with bogus data. We believe that all currencies based on the UTXO and longest chain Proof-of-Stake model are vulnerable to these ‘Fake Stake’ attacks.
The Decentralized Systems Lab at University of Illinois
The study notes that many of these cryptocurrencies are forks of the Bitcoin codebase with PoS functionality grafted on. However, not every project can introduce new ideas safely, and this is where the vulnerabilities come from.
According to the researchers, they identified several attack scenarios. In one of them, an attacker who knows how blocks are propagated across the network can exhaust a node's RAM by sending it false data, even without holding any stake in the network.
In another case, the attacker can exploit a flaw in how the apparent stake is validated. The apparent stake is defined as the total number of transaction outputs (even those already spent) in a single wallet. The attacker sends transactions to himself, thereby inflating his apparent stake and increasing his chances of finding blocks. As stated, an attacker needs only a 0.01% stake in the network and only 5000 transactions to himself in order to mine blocks with an apparent stake of 50%.
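The stake-validation flaw described above can be shown with a simplified model that contrasts a check counting spent outputs with one restricted to the UTXO set. This is an added example, not code from the report or from any affected project; the toy ledger, the function names and the 1,000,000-coin supply are assumptions.

```python
from dataclasses import dataclass

SUPPLY = 1_000_000          # constructed total coin supply (assumption)
ATTACKER_COINS = 100        # 0.01% of SUPPLY, the figure quoted above
SELF_TRANSFERS = 5000       # number of self-sends quoted above


@dataclass
class TxOut:
    owner: str
    amount: int
    spent: bool = False


class Ledger:
    """Toy UTXO ledger that keeps every output ever created."""

    def __init__(self):
        self.outputs = []

    def create(self, owner, amount):
        out = TxOut(owner, amount)
        self.outputs.append(out)
        return out

    def self_transfer(self, out):
        """Spend `out` and pay the full amount back to the same owner."""
        if out.spent:
            raise ValueError("output already spent")
        out.spent = True
        return self.create(out.owner, out.amount)


def stake_counting_spent(ledger, owner):
    # Flawed check: sums every output, including ones already spent.
    return sum(o.amount for o in ledger.outputs if o.owner == owner)


def stake_unspent_only(ledger, owner):
    # Hardened check: only outputs still in the UTXO set count as stake.
    return sum(o.amount for o in ledger.outputs if o.owner == owner and not o.spent)


def simulate():
    ledger = Ledger()
    ledger.create("others", SUPPLY - ATTACKER_COINS)
    out = ledger.create("attacker", ATTACKER_COINS)
    for _ in range(SELF_TRANSFERS):
        out = ledger.self_transfer(out)
    return stake_counting_spent(ledger, "attacker"), stake_unspent_only(ledger, "attacker")


if __name__ == "__main__":
    flawed, hardened = simulate()
    print(f"flawed: {flawed / SUPPLY:.2%}  hardened: {hardened / SUPPLY:.2%}")
```

A node that validates stake against unspent outputs only sees the same 0.01% no matter how many self-transfers are made.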
These are only the main threats that attackers can take advantage of. According to the researchers, however, it would be a mistake to ignore smaller vulnerabilities, which can also harm both individual users and the network as a whole.
For this reason, developers of PoS-based cryptocurrencies should pay close attention to security and work through new ideas more thoroughly before embedding them in a project's codebase. Although many of these ideas work on their own without serious complaints, in combination with other solutions they can become a serious problem for the entire network.
The authors of the study state that they have already contacted the developers of 15 cryptocurrencies from the Top-200 by capitalization that were at the greatest risk of attack, informing them of the threats detected. Many teams have responded and fixed the vulnerabilities, including projects such as Qtum, Emercoin, Particl and Nav Coin. Representatives of other projects, however, have not yet responded, in particular because of a lack of any recent developer activity.