CS Talk
Aviv Yaish, The Hebrew University
Host: Fan Zhang
Title: Speculative Denial-of-Service Attacks in Ethereum
Abstract:
Ethereum’s gas mechanism is meant to ensure that transactions do not consume computational resources without paying for them. We show that this mechanism is in itself insufficient to protect nodes from denial-of-service (DoS) attacks and that adversaries can target processes that require speculative transaction execution, which is often done out-of-context. We thus demonstrate how to craft malicious transactions that decouple the work imposed on blockchain actors from the compensation offered in return. We introduce three attacks: (i) ConditionalExhaust, the first conditional resource exhaustion attack against blockchain actors. (ii) MemPurge, an attack for evicting transactions from victims’ mempools. (iii) GhostTX, an attack on the reputation system used in Ethereum’s proposer-builder separation (PBS) ecosystem.
Bio:
Aviv is a Ph.D. candidate in the Computer Science department at the Hebrew University. His research delves into the intricate relationship between the economics and security of distributed systems. Among other honors, Aviv received the four-year merit-based Ze’ev Jabotinsky Fellowship for Ph.D. students, the Hebrew University’s rector award for first-in-class computer science M.Sc. students, and an award for excellence in teaching. Aviv is also a research associate at Matter Labs, and a visiting researcher at the University of Innsbruck, funded by the Austria-Israel Academic Network Innsbruck visiting researcher fellowship.