Ming Wu, Conflux CTO: The designs of Blockchain peer-to-peer network protocols and my personal opinions
12 March, 2019
In October 30th afternoon, Dr. Ming Wu, Conflux CTO, gave a lecture in the Department of Computing Science, Tsinghua University, entitled “The designs of Blockchain peer-to-peer network protocols and my personal opinions”. Tens of instructors and students attended the lecture, filling the whole classroom and even the hallway outside.
In the lecture, Dr. Wu introduced the detailed designs of the peer-to-peer network protocols in current blockchain systems and their defects and raised his own thoughts and opinions on the potential advancements of the designs in the future.
The lecture started with a brief introduction on the basic concept of blockchain technology, which was followed by a discussion on the safety issue of blockchain peer-to-peer network and Conflux’s strategy in addressing it. Below, we summarized the key contents of Dr. Wu’s lecture to share with all the friends who missed the lecture but are keen to learn about the blockchain P2P network protocols, its current design defects and how it can be improved and optimized in the future.
At the beginning of the lecture, Dr. Ming Wu introduced and analyzed the peer-to-peer network protocol of Bitcoin, one of the most popular blockchain systems, and its safety weakness: Eclipse Attack. Eclipse Attack is a typical attack method against blockchain peer-to-peer networks. It aims to control all the neighbors of certain nodes so that the attacker can control all of their incoming and outgoing data. In the design of the Bitcoin network, each node can actively establish connections with a maximum of 8 other nodes and can accept the active connection from at most 117 other nodes. In order to screen out the appropriate nodes for connection, in Bitcoin each node maintains two tables: New Table and Tried Table; the New Table records all the node addresses shared by the neighbor nodes, whereas Tried Table records all the addresses of nodes that it used to successfully connect with. When selecting nodes to actively establish a connection, Bitcoin will randomly pick a node from the tables and attempt to connect, during which it has a preference to newer record. However, this gives the attackers an opportunity: the attacker can send falsified node addresses to the victim node to pollution its New Table, and also engage its Tried Table by connecting thousands of IPs to it. In the meanwhile, once the victim node reboots because of systems update etc., the attacker will immediately operate a massive amount of nodes to connect to it, in order to exhaust its quota of 117 incoming connections. In this way, the Eclipse Attack is successfully complete.
Next, Dr. Wu continued to analyze the peer-to-peer network design of Ethereum and introduced its differences from Bitcoin. The peer-to-peer network design of Ethereum was inspired by Kademlia DHT. It has three defects:
The attacker can operate a massive amount of nodes to connect to the victim node, which will let its number of connections reach maximum, preventing it from connecting to more other nodes.
The attacker can use very few IP addresses to produce a large amount of DHT addresses, in order to engage the neighbor address lists of other nodes.
When an Ethereum node reboots, it should have reloaded the neighbor address list from the hard disk. However, the attacker can send data to the victim node, luring it not to reload the neighbor address list from the hard disk, but instead select the attacker as the neighbor.
For these reasons, Ethereum is also weak in defending Eclipse Attack.
At last, Dr. Wu introduced the peer-to-peer network design of Conflux, which is currently undergoing development. Conflux’s consensus algorithm can support full node verification with 6000 TPS, which requires a high-efficiency, stable and reliable peer-to-peer network to realize its full potential. The current peer-to-peer networks of Bitcoin and Ethereum both have the safety issue that, the attacker can forge a large number of nodes with a relatively low cost, in order to fully engage a victim node’s neighbor address list. Based on this, Dr. Wu invented several strategies to improve the network safety, for example: maintaining more extra nodes, but in the meanwhile only exchanging the block header; adjusting the number of neighbors in connection based on real-time dynamics; adding PoW mechanism to enhance the cost of attack, etc.
After the lecture, Dr. Wu hosted a Q&A section with the audiences, and answered many students’ questions regarding the designs of peer-to-peer network protocols and also the application and development of blockchain technology. Dr. Wu stated that through this lecture he hopes everyone can learn more about the designs of peer-to-peer network protocols, understand its importance to the safety and performance of blockchain, think more about how to design a safe and efficient peer-to-peer network protocol, and together follow the advancement and development of blockchain technology.
About the lecture:
With the rise of cryptocurrencies like Bitcoin and Ethereum in the field of financial technology, public blockchain has become the core technology to support the safe processing of network-level Peer-to-Peer transactions. As we all understand, the consensus mechanism and encrypted algorithm of blockchain play critical roles in preventing ledger falsification and securing the safety of blockchain. However, what is equally important is the design of the Peer-to-Peer network protocol, which plays a key role in not only the safety but also the efficiency of a blockchain system. Starting from real cases of attacks against the current Peer-to-Peer networks and recent researches on the improvement of network performance, the lecture provided in-depth discussions on how to design a safe and efficiency Peer-to-Peer network protocol.
About the lecturer:
Ming Wu, Conflux CTO
Ming Wu is the founding member of Conflux. Before joining the Conflux Team, Ming was a senior researcher at Systems Research Group in Microsoft Research Asia. He has extensive expertise in the design and implementation of distributed systems. He designed and implemented the large-scale and highly efficient distributed machine learning systems which were applied in Microsoft products. Dr. Ming Wu graduated from the University of Science and Technology of China, and he obtained a Ph.D. in computer science from the Institute of Computing Technology, Chinese Academy of Science in 2007. Later in 2007, he joined Microsoft Research Asia. His main research interests and research directions involve distributed transaction processing systems, graph computing engines, and artificial intelligence platforms. Dr. Ming Wu has published many papers in top conferences in the computer system area, such as SOSP, OSDI, NSDI, ATC, EuroSys, SoCC, VLDB, etc. He has also served as Committee Member of OSDI, ASPLOS, HotDep, and MiddleWare, and he is the publication Chair of SOSP’17.