ZenGo Uncovers ‘Dogbyte’ Attack in Diogenes Protocol Proof of Ethereum 2.0 Beacon Chain

2020-9-3 16:32

Coinspeaker

The Diogenes project, led by the Ligero Inc team, has been under review by ZenGo at the request of the Ethereum Foundation and the VDF Alliance. According to a recent update, the review made a major discovery: a potential attack vector capable of backdooring the Ethereum 2.0 VDF. Following that discovery, the ZenGo researcher has uncovered another vulnerability, termed “Dogbyte”, that opens the way for a potential attack. It allows passive observers to learn the project's secret and so break the security of the protocol. All the attack requires is for the central coordinator to conspire with a participant.

Diogenes is designed to run a “ceremony” that produces an RSA modulus. The ceremony is a multiparty computation protocol; once it completes, the modulus is integrated into the VDF protocol, which is meant to form part of an unbiased random beacon within the Ethereum 2.0 blockchain. The protocol aims to produce a bi-prime N = pq, where p and q are 1024-bit primes hidden from the parties. In layman's terms, about 1024 participants take part in the process and run a number of protocols.

Protocols Run by Participants

All the parties involved compute a joint public key. Each of them also samples random local secrets and encrypts its secret shares under the public key. A coordinator combines all the ciphertexts and is also charged with computing the encryption of “p” homomorphically. After the parties jointly decrypt to obtain a candidate N, they check through multiple tests that p and q are primes. The tests are conducted in a distributed fashion, since p and q are unknown to the parties.

According to ZenGo, the vulnerability that exposes the protocol to a critical attack stems from the fact that the above process must be repeated many times to ensure that at least one of the candidates passes all the tests. The protocol therefore naturally produces many bad candidates.
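A small simulation of the candidate loop described above, added here as an illustration; it is not code from Diogenes or ZenGo. It assumes 8 parties, 32-bit factors, plaintext addition of shares in place of the homomorphic step, and Miller-Rabin in place of the distributed tests; all function names are hypothetical.

```python
import math
import random

def is_probable_prime(n, rounds=20, rng=random):
    """Miller-Rabin; stands in for the ceremony's distributed primality tests."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def sample_shares(parties, bits, rng):
    """One additive share per party of a hidden factor (constructed toy sizes)."""
    share_bits = bits - (parties - 1).bit_length()  # keeps the sum below 2**bits
    shares = [rng.getrandbits(share_bits) & ~1 for _ in range(parties)]
    shares[0] |= 1  # assumption: party 0 makes the sum odd
    return shares

def run_ceremony(parties=8, bits=32, seed=1, max_attempts=100_000):
    """Repeat candidate generation until p and q both pass; return the attempt count."""
    rng = random.Random(seed)
    for attempt in range(1, max_attempts + 1):
        # Coordinator's sum, in the clear here; the ceremony does it under encryption.
        p = sum(sample_shares(parties, bits, rng))
        q = sum(sample_shares(parties, bits, rng))
        if is_probable_prime(p, rng=rng) and is_probable_prime(q, rng=rng):
            return attempt, p, q, p * q
    raise RuntimeError("no bi-prime candidate found")

def expected_attempts(bits):
    """Prime number theorem estimate for naive sampling without sieving."""
    p_prime = 2 / (bits * math.log(2))  # chance a random odd bits-bit number is prime
    return 1 / p_prime ** 2             # both factors must be prime at once

if __name__ == "__main__":
    print(run_ceremony()[0], round(expected_attempts(1024)))
```

Under these assumptions the estimate for 1024-bit factors is on the order of 10^5 rejected candidates per accepted modulus, which is the scale behind "repeated many times".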

Back to the Dogbyte Attack by ZenGo

Although the process is run to ensure fairness, the Dogbyte attack guarantees that anyone who can observe the protocol transcript can learn the secrets generated by the ceremony. Participants can learn the secret as well.

According to Omer Shlomovits, the ZenGo researcher, “participants can gain an unfair advantage in all utilities built atop the random beacon chain” after using the secret to “skew the randomness generated in the beacon chain”. 

The cost of malicious parties taking part in a protocol that depends on honest computation can be disastrous, because they can introduce bias, learn secret inputs, and even launch a DDoS attack.
