Ethereum Merge makes network more vulnerable to attack – Security expert
|The security expert said that while PoS isn’t “theoretically” as secure as PoW, he admits it still has “sufficient practical security.”
Despite the Ethereum Merge being touted as a major upgrade to the blockchain network, its transition to proof-of-stake theoretically makes it more vulnerable to exploit.
Speaking to Cointelegraph, the security researcher explained that unlike proof-of-work (PoW) systems, a proof-of-stake (PoS) system informs node validators in advance what blocks they will validate, thus enabling them to plan attacks.
The security expert, who asked not to be named, is a blockchain developer and security researcher working on a proof-of-stake layer-2 blockchain.
The researcher explained that an exploit could theoretically occur on the post-Merge Ethereum blockchain if validators manage to line up two consecutive blocks to validate.
If you control two consecutive blocks, you can start an exploit on block N and finish it on block N+1 without having any arbitrage bot coming in and fixing the price that you have manipulated in between.
“From an economic security standpoint, [this vulnerability] makes these attacks relatively easier to pull off.”
The expert said that while it’s also possible for miners to validate consecutive blocks in PoW networks – that comes down to “pure luck” and gives the miner no time to plan an attack.
As a result, the security researcher argues that Ethereum will be forgoing some strength in security when the Merge takes effect:
As we stand right now [with] the Ethereum proof-of-work versus Ethereum proof-of-stake, Ethereum proof-of-work does have stronger security [...] and economic guarantees.
“But that being said [...] proof-of-stake [still] has sufficient practical security [and] it doesn't really matter that it's theoretically not as secure as proof-of-work. It's still a very secure system,” he added.
The security expert added that “Ethereum is working on fixing [the consecutive block issue].
It is a hard problem to solve, but if that gets done, then proof-of-stake security will [further] increase [as] they’ll have protection against those attack vectors.”
Ethereum validators are subject to slashing in PoS, as the consensus rules were designed to economically incentivize validators to correctly validate incoming transactions and any conduct to the contrary would see their ETH stake slashed.
The Ethereum Merge is finally set to take place on Sept. 15 at about 2:30am UTC, according to Blocknative’s Ethereum Merge Countdown. The transition to PoS is set to make the Ethereum network more scalable and energy-efficient.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.