Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO
Sangsup Lee, Daejun Kim, Dongkwan Kim, Sooel Son, Yongdae Kim @KAIST
Abstract
▪ 2K+ cryptocurrencies
▪ Resource management of EOS.IO
▪ 4 unique vulnerabilities
▪ Evaluated the impact of each vulnerability
Background
Background: Blockchain
Key components of a blockchain-based cryptocurrency:
▪ Consensus
▪ Smart contract
▪ Wallet
▪ Mining
▪ P2P network
▪ …
Background: Blockchain
The fundamentals of blockchain: data is stored in blocks, and a consensus algorithm governs
▪ Creating blocks
▪ Verifying blocks
▪ Agreement on blocks
Background: PoW (Proof of Work)
Consensus algorithm (PoW): numerous block producers create blocks and agree on them. Slow… (Bitcoin, Ethereum)
Background: DPoS (Delegated Proof of Stake)
Consensus algorithm (DPoS), used by EOS.IO: 21 elected block producers (BP) create blocks and agree on them. FAST! (0.5 sec / block)
But, resource management matters.
Background: DPoS (Delegated Proof of Stake)
Resource management necessity: users send transaction requests to the blockchain, and the 21 elected block producers (BP) must properly process each request. Otherwise there is an overload problem.
Background: Smart contract
A smart contract mediates transactions between Alice and Bob.
Use case
▪ Exchange
▪ Gambling
▪ Auction
▪ Funding
▪ Bank
▪ And so on.
Background: Smart contract on EOS.IO
Example: Alice and Bob interact with an eBay contract.
Transaction
▪ Target (Ex. eBay)
▪ Function (Ex. Bidding(), Selling())
▪ Permission (Ex. Alice@active)
Delegated execution: the contract is executed by a BP. Resource management matters.
Background: Resource of EOS.IO
▪ NET: transaction delivery
▪ CPU: program execution
▪ RAM: data storing
NET and CPU are obtained by staking (from individuals to the blockchain system) and are refreshed every day.
RAM is bought by individuals from the market and is not refreshed every day.
Why EOS?
Why EOS?
Among 2K+ cryptocurrencies, other research work has concentrated on the #1 and #2 by market cap.
Consensus research
▪ The miner's dilemma (IEEE S&P '15)
▪ Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin (ACM CCS '17)
▪ Publish or perish: A backward-compatible defense against selfish mining in bitcoin (RSA '17)
Smart contract research
▪ Porosity: A decompiler for blockchain-based smart contracts bytecode (Defcon '17)
▪ Making smart contracts smarter (ACM CCS '16)
▪ ZEUS: Analyzing Safety of Smart Contracts (NDSS '18)
▪ teether: Gnawing at ethereum to automatically exploit smart contracts (USENIX '18)
Other research work
▪ Hijacking bitcoin: Routing attacks on cryptocurrencies (IEEE S&P '17)
▪ Eclipse attacks on bitcoin's peer-to-peer network (USENIX '15)
Why EOS?
Rank (market cap)  Name          Consensus algorithm  Smart contract platform
1                  Bitcoin       PoW                  X
2                  Ethereum      PoW                  O
3                  Ripple        PoS                  X
4                  Litecoin      PoW                  X
5                  Bitcoin cash  PoW                  X
6                  Binance Coin  X                    X
7                  EOS           DPoS                 O
EOS user accounts ≈ 1.3 M. But, no security research in academia.
In our paper…
EOS structure: what are new attack targets?
▪ Users send transactions (Transaction (User)) to smart contracts A and B.
▪ Smart contracts send transactions to each other (Transaction (SC)).
▪ The block producer executes the program code.
▪ A smart contract runs under the code permission of its Smart Contract Provider (SCP): [ ]@eosio.code = SCP.
▪ Users, smart contracts and the SCP each hold EOS resources (NET, CPU, RAM).
Attack target: what are new attack targets?
▪ Block producer: block creation time
▪ NET, CPU: pay for transaction
▪ RAM: to save data
▪ Users grant permission ([ ]@eosio.code) to the SCP
Attack models & threat models & attacks! We found …
▪ Block delay attack (against the block producer)
▪ CPU-Drain attack
▪ RAM-Drain attack
▪ RAMsomware attack (involving the SCP)
Attack
Block delay attack
(Block delay attack | DoS by draining EOS resources | RAMsomware attack)
Figure: block producer timeline with a timer (T). Blocks are produced every 0.5 s (T+0.5s, T+0.5s, …). Transactions (trx) wait in a queue and are placed into blocks. Succeeded state: transactions are processed at T+0.2, +0.2, +0.2, +0.2, +0.2. The figure also shows an exhausted state.