Developer flags potential vulnerability in Ethereum 2.0

Lior Yaffe, co-founder of Jelurida and a leading developer of Ardor and Nxt, has found a potential threat in the Ethereum 2.0 test network. Decrypt reports this.

Yaffe considered a scenario in which node participation in the network is low and some “whales” use multiple accounts. In his view, the minimum participation requirement of 66% could pose problems for the network.

“Assume that 10% of ETH is staked at a participation level of 75%. A 9 percentage-point drop would stop the chain, while only 0.9% of ETH in circulation would need to be controlled,” the developer noted.

A user cannot stake more than 32 ETH with a single node. But nothing prevents a hypothetical “whale” from running multiple accounts. According to Yaffe, this is already happening in the Medalla testnet.

The CEO of Etherscan, Matthew Tan, acknowledged the issue. A participation level below 66% would render the chain unstable and lead to finality problems, he explained.

Raul Jordan believes that in the mainnet there will be “more than 16,384 validators, around 25,000 at launch,” so the amount needed for an attack would be higher. He says that with participation around 99% an attacker would need to seize 33% of the total stake.

Jordan asserts that in this case an attack would require around $100 million. The organizer’s losses would be no less than those of network participants.

“That is not in his interests, unless he wants to lose a lot of money,” the developer noted.

Earlier, Ethereum cofounder Vitalik Buterin refuted concerns about a 51% attack on ETH 2.0. In his words, it would not be fatal for the network.

Developers launched the final Ethereum 2.0 testnet called Medalla on August 4. The network does not use real ETH or staking rewards.

Follow ForkLog news on Facebook!