Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue
- URL: http://arxiv.org/abs/2409.04366v1
- Date: Fri, 6 Sep 2024 15:57:43 GMT
- Title: Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue
- Authors: Lioba Heimbach, Yann Vonlanthen, Juan Villacis, Lucianna Kiffer, Roger Wattenhofer,
- Abstract summary: Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network.
This work demonstrates that the P2P network does not offer this anonymity.
We present a methodology that enables any node in the network to identify validators hosted on connected peers.
- Score: 19.43262773933136
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network, ensuring that no adversary can link a validator's identifier to the IP address of a peer due to associated privacy and security concerns. This work demonstrates that the Ethereum P2P network does not offer this anonymity. We present a methodology that enables any node in the network to identify validators hosted on connected peers and empirically verify the feasibility of our proposed method. Using data collected from four nodes over three days, we locate more than 15% of Ethereum validators in the P2P network. The insights gained from our deanonymization technique provide valuable information on the distribution of validators across peers, their geographic locations, and hosting organizations. We further discuss the implications and risks associated with the lack of anonymity in the P2P network and propose methods to help validators protect their privacy. The Ethereum Foundation has awarded us a bug bounty, acknowledging the impact of our results.
Related papers
- Differentially Private Data Release on Graphs: Inefficiencies and Unfairness [48.96399034594329]
This paper characterizes the impact of Differential Privacy on bias and unfairness in the context of releasing information about networks.
We consider a network release problem where the network structure is known to all, but the weights on edges must be released privately.
Our work provides theoretical foundations and empirical evidence into the bias and unfairness arising due to privacy in these networked decision problems.
arXiv Detail & Related papers (2024-08-08T08:37:37Z) - Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities.
Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy.
This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z) - Graph Attention Network-based Block Propagation with Optimal AoI and Reputation in Web 3.0 [59.94605620983965]
We design a Graph Attention Network (GAT)-based reliable block propagation optimization framework for blockchain-enabled Web 3.0.
To achieve the reliability of block propagation, we introduce a reputation mechanism based on the subjective logic model.
Considering that the GAT possesses the excellent ability to process graph-structured data, we utilize the GAT with reinforcement learning to obtain the optimal block propagation trajectory.
arXiv Detail & Related papers (2024-03-20T01:58:38Z) - Tikuna: An Ethereum Blockchain Network Security Monitoring System [0.0]
This paper focuses on protecting the lowest level layer in the blockchain, particularly the P2P network that allows the nodes to communicate and share information.
The P2P network layer may be vulnerable to several families of attacks, such as Distributed Denial of Service (DDoS), eclipse attacks, or Sybil attacks.
We introduce Tikuna, an open-source tool for monitoring and detecting potential attacks on the blockchain P2P network, at an early stage.
arXiv Detail & Related papers (2023-10-13T15:39:50Z) - PTTS: Zero-Knowledge Proof-based Private Token Transfer System on Ethereum Blockchain and its Network Flow Based Balance Range Privacy Attack Analysis [0.0]
We propose a Private Token Transfer System (PTTS) for the public blockchain.
For the proposed framework, zero-knowledge based protocol has been designed using Zokrates and integrated into our private token smart contract.
In the second part of the paper, we provide security and privacy analysis including the replay attack and the balance range privacy attack.
arXiv Detail & Related papers (2023-08-29T09:13:31Z) - Transaction Fraud Detection via an Adaptive Graph Neural Network [64.9428588496749]
We propose an Adaptive Sampling and Aggregation-based Graph Neural Network (ASA-GNN) that learns discriminative representations to improve the performance of transaction fraud detection.
A neighbor sampling strategy is performed to filter noisy nodes and supplement information for fraudulent nodes.
Experiments on three real financial datasets demonstrate that the proposed method ASA-GNN outperforms state-of-the-art ones.
arXiv Detail & Related papers (2023-07-11T07:48:39Z) - Smooth Anonymity for Sparse Graphs [69.1048938123063]
differential privacy has emerged as the gold standard of privacy, however, when it comes to sharing sparse datasets.
In this work, we consider a variation of $k$-anonymity, which we call smooth-$k$-anonymity, and design simple large-scale algorithms that efficiently provide smooth-$k$-anonymity.
arXiv Detail & Related papers (2022-07-13T17:09:25Z) - Quantum Multi-Solution Bernoulli Search with Applications to Bitcoin's
Post-Quantum Security [67.06003361150228]
A proof of work (PoW) is an important cryptographic construct enabling a party to convince others that they invested some effort in solving a computational task.
In this work, we examine the hardness of finding such chain of PoWs against quantum strategies.
We prove that the chain of PoWs problem reduces to a problem we call multi-solution Bernoulli search, for which we establish its quantum query complexity.
arXiv Detail & Related papers (2020-12-30T18:03:56Z) - Experimental implementation of secure anonymous protocols on an
eight-user quantum network [2.5516484173114855]
We experimentally demonstrate 5 information-theoretically secure anonymity protocols on an 8 user city-wide quantum network.
For a network of $n$ users, the protocols retain anonymity for the sender, given less than $n-2$ users are dishonest.
arXiv Detail & Related papers (2020-11-18T19:00:01Z) - Framework for a DLT Based COVID-19 Passport [0.0]
We describe a mechanism that allows one to store the COVID-19 vaccination details of individuals on a publicly readable, decentralised, immutable blockchain.
Our main contribution is the employment of a provably secure input-hiding, locality-sensitive hashing algorithm over an iris extraction technique.
arXiv Detail & Related papers (2020-08-03T18:28:19Z) - Blockchain is Watching You: Profiling and Deanonymizing Ethereum Users [0.0]
We propose and implement user profiling techniques based on quasi-identifiers.
We describe a malicious value-fingerprinting attack, a variant of the Danaan-gift attack, applicable for the confidential transaction overlays.
arXiv Detail & Related papers (2020-05-28T14:33:32Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.