Distributed consensus protocols: vulnerabilities, attack vectors/patterns and defense solutions

sbagency
2 min read · Nov 29, 2021


I) The network itself is a problem/barrier for distributed systems: no network == no consensus. Attack vectors include network delays, packet reordering, filtering, injection, front-running, MITM, Sybil, etc.
Solution: decentralized/mesh networks, cryptography, protected p2p communication/session protocols, e2e encryption, protected key management infrastructure, offline/protected channels for key exchange, attack detection/prevention mechanisms. Networking problems must be handled at the consensus layer as well (DDoS, delays, etc.).

II) Block producers (leaders), who produce and send blocks to the whole network, come under attack. Any single producer can be attacked, DDoSed, compromised, etc.
Solution: leaderless consensus approaches, redundancy (many leaders produce blocks at the same time, so an attack on one leader can't stop the whole network).

III) Block producers (leaders) acting as attackers produce and send malicious blocks to the whole network or to individual nodes.
Solution: All incoming blocks must be verified and analyzed; only valid blocks can be accepted and processed. Blacklists (malware proofs).

IV) Transaction-level attacks: double spend is the best known one, combined with network-level attacks (split brain).
Solution: All incoming transactions must be verified and analyzed; only valid transactions can be accepted and processed. Blacklists (malware proofs).

V) Consensus-layer attacks are the most efficient. It's very hard (impossible) to protect the network from a majority attack (>50% voting power), but such an attack can be detected even by a single node.
Solution: economic/infrastructure barriers (PoW/PoS/Po..), voting power majority detection.
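
One way a single node could do the detection mentioned in V, keeping the kind of proof a blacklist (III, IV) would rest on. This is an added example, not code from the original post: the stake table, the `VoteMonitor` class and its method names are assumptions, and votes are assumed to have passed signature verification before they reach it.

```python
from collections import defaultdict

# Constructed sample stake table (validator -> voting power); not from the article.
STAKE = {"A": 40, "B": 25, "C": 20, "D": 15}

class VoteMonitor:
    """Local, single-node monitor: records votes and keeps equivocation proofs.

    Assumption: each vote's signature was already verified upstream, so a
    recorded pair of conflicting votes really comes from that validator.
    """

    def __init__(self, stake):
        self.stake = stake
        self.total = sum(stake.values())
        self.votes = defaultdict(dict)  # height -> {validator: block_hash}
        self.proofs = {}                # validator -> (height, hash_1, hash_2)

    def on_vote(self, height, validator, block_hash):
        """Return False when the vote is rejected (unknown or blacklisted signer)."""
        if validator not in self.stake or validator in self.proofs:
            return False
        seen = self.votes[height].get(validator)
        if seen is not None and seen != block_hash:
            # Two different blocks at one height: store both hashes as the proof.
            self.proofs[validator] = (height, seen, block_hash)
            return False
        self.votes[height][validator] = block_hash
        return True

    def power_by_block(self, height):
        """Voting power behind each block hash, blacklisted validators excluded."""
        power = defaultdict(int)
        for validator, block_hash in self.votes[height].items():
            if validator not in self.proofs:
                power[block_hash] += self.stake[validator]
        return dict(power)

    def equivocating_share(self):
        """Fraction of total voting power held by validators with a proof on file."""
        return sum(self.stake[v] for v in self.proofs) / self.total

    def majority_alert(self):
        """True once misbehaving validators together hold more than 50% of the power."""
        return self.equivocating_share() > 0.5
```

The alert cannot stop a majority that is already colluding; it gives the node local evidence to halt, warn peers, or refuse to finalize.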

VI) Endpoint security is a big problem. Private keys can be stolen and used by attackers.
Solution: HSM usage, key leakage detection, key rotation mechanisms.

VII) Combo attacks are the most efficient pattern (network, leaders, consensus, endpoint layers).
Solution: Combo defense (prevention/detection mechanisms).

VIII) Social engineering is not a technical but a human vector.
Solution: Decentralized, community-driven governance (no power concentrated in one hand).
