SoK: Context, State-of-the-Art, and Challenges on Cryptocurrency Networking

Our latest Systematization of Knowledge (SoK) ARES paper discusses networking aspects of Cryptocurrencies, such as Bitcoin, which are distributed systems that critically rely on performance and security. Unlike traditional communication networks, the usage in these networks is sparse, incentive-based, and they are required to be highly decentralized and private. We wrote this paper especially for people with an interest in networking to have a closer look at these interesting problems, and the open questions and challenges that arise in this sub-domain

In this blog post, we will separate the discussion to 4 main areas of concern from the networking perspective: Block propagation, Transaction propagation, P2P topology, and Off-chain payment channels. In each category, we provide a general discussion about the field and survey a few open questions. This blog post highlights parts of the full paper, which can be found here:
https://arxiv.org/pdf/2008.08412.pdf

SoK organization

Disclaimer: There are many different kinds of blockchains out there, and the term blockchain is often used liberally even for protocols that don’t actually use blocks. Here we’ll specifically talk about cryptocurrency systems, and limit ourselves to Bitcoin and similar blockchains. Most of the issues, however, carry over to other kinds of blockchains.

Cryptocurrencies Networks

Cryptocurrency systems allow users to transfer funds. Generally, there are two types of entities in the system:

• End users — send and receive transactions. For the sake of this discussion, we will think of transactions as money transfers.
• Miners — approve transactions and “decide” on the true state of the system (reaching consensus). Miners operate the system and get remunerated for their service.

The blockchain is the data structure that contains the set of accepted transactions, and there is a consensus protocol running over it to synchronize it between all the nodes in the system. This is the primary function of the system.

The main motivation behind cryptocurrencies is to have a decentralized system in which these operations are not controlled by a single\central entity. Here lies the challenge in blockchain systems — someone might try to confuse the system in order to steal\print money.

In order to have a truly decentralized system, anyone should be able to join. But this also allows attackers to run nodes that approve transactions. So the challenge becomes protecting the system against attackers that try to “double-spend” funds.

Block Propagation

Blocks in cryptocurrency protocols are used to establish a common state. They form the input that the consensus protocol strives to reach agreement on. Blocks order transactions, thus the state of the network can be constructed by following the ordering of transactions included in blocks in the consensus chain. Transactions are considered confirmed upon being included in a block “deep enough” in the consensus chain. Therefore, block propagation is an issue of utmost importance to the consensus process. How fast miners learn about new blocks, and how quickly blocks can be created and validated are crucial for the efficiency of a cryptocurrency.

The state-of-the-art section discusses papers regarding: Compressed block encoding, Stratum Mining Protocol, Weak blocks, Relay Networks, State Synchronization, Incentives for Block Propagation, and SPV mining.

An interesting open question that we discuss in the paper is how to accelerate block propagation, I.e. different approaches towards optimizing the exchange of information in blocks between two nodes, as well the dissemination in the network.

Another open question studies broadcasting blocks within a pool. Pools which are very well connected internally and therefore can disseminate newly minted blocks fast, have an advantage in mining over their competitors. Within a pool, one could consider a more permissioned model with a more structured overlay topology for speed, balancing the possible velocity gains with the risk of new attacks.

Transaction propagation

Transactions are created by a single user. They are then propagated across the network through a dispersal mechanism. In Bitcoin, this is done through gossiping.

This gossip mechanism means that for every transaction a user creates, many messages are being sent by the nodes. This allows an attacker to perform an amplified denial of service attack.

Photo by Ben White on Unsplash

Transactions do cost money to send, but only if they make it into the blockchain. If any conflicting transactions are created, only one will ultimately be included in a legal block.

There are many papers that consider this issue, and our SoK mainly focuses on Amplified DDoS, Information Eclipsing and 0-Confirmation policies, Privacy, and Incentives.

One of the most interesting questions in this area is how to balance DOS prevention and 0-confirmation requirement? On the one hand, nodes strive to avoid DoS attacks by not allowing the propagation of double-spend transactions. On the other hand, users want low-latency cryptocurrency systems and thus favor 0-confirmation policies. Mechanisms to meet these two conflicting goals would allow for a better user experience.

Another non-trivial question is about the rewarding mechanism in the system. Currently prevalent mechanisms incentivize nodes to keep transactions with high fees to themselves, instead of propagating them widely. This is obviously not desired from a system-designer point of view, as it slows down and compromises trade in the system. To alleviate this shortcoming, one must find better methods to align the incentives of nodes and cryptocurrency users.

Topology of the P2P Network

Just like many other communication systems, cryptocurrencies typically use P2P networks that are formed ad hoc to propagate information. New challenges arise in this setting as well. Several papers notice that knowing the topology opens the system up to attacks that compromise the privacy of users.

Photo by Anastasia Dulgier on Unsplash

Additionally knowing the topology can also help to carry out other attacks that split or partition the network. Splitting the network has disastrous consequences for the consensus protocol. Without the ability to relay messages between two parts of the network, an attacker can double spend and steal money.

Like in conventional P2P systems, it is also possible to carry out the so-called “eclipse attack” in which the attacker artificially increases its presence in the P2P network and for example causes more nodes to connect to it and might have higher control over the dispersal of messages across the network.

In our paper we survey: Discovery, Mapping the network, Eclipsing / Splitting the network, Man in the middle attacks, and papers that show empirical results.

An important open question refers to topology information hiding: How can the overlay topology be efficient yet make it hard for attackers to learn it and mount eclipse and hijacking attacks?

Answers to this question include discovery mechanisms that strike a balance between containing truthful information and DOS resistance, e.g., using overlay rotation and sharding mechanisms that minimize the information necessary to participate in a cryptocurrency network.

Off-chain payments channel

Scaling limitations and transaction latencies have led to a rich corpus of work exploring different blockchain scaling solutions, and off-chain peer-to-peer networks are emerging as the main effort. Off-chain or so-called “layer-2” protocols (built on top of the layer-1 blockchains) are typically defined as protocols that do not publish every transaction on the blockchain immediately (contrary to on-chain transactions). They rely entirely on the consensus algorithm of a parent-chain. The most widely known example for an off-chain protocol is Bitcoins’ Lightning network. Off-chain protocols rely on direct communication channels which establish a private peer-to-peer network. This network is governed by pre-set rules, e.g., a smart contract, allowing the involved parties to consent to state updates unanimously by exchanging authenticated state transitions off-chain.

In our paper, we examine the state-of-the-art research in 4 subfields: Routing and Channel Establishment, Routing in Large-Scale Topologies, Empirical Topology Analysis, and Offline Nodes.

Two interesting open questions in this domain are related to incentives and attacks. For example, by announcing low fees, nodes can launch a Denial-of-Service attack on transaction routing. Can we design a pricing scheme which on the one hand avoids these issues and on the other hand still incentivizes nodes to contribute resources? In another aspect, what strategies can the network deploy to prevent isolation attacks?

Summary

The field of cryptocurrencies is gaining increasing attention in recent years, and the open networking questions are fundamental. We believe that the networking aspects have not yet received the attention they deserve and hope that our paper can contribute toward more research in this space.

In this blog, we covered only a handful of the questions and researches presented in the paper.

The following table provides a summary of all the questions from the paper. The questions are structured around the methodologies needed to address them, from algorithms, over network protocols, game theory, security, to cryptography.

We encourage you to read the full ARES paper, and we will be happy to answer any questions.
https://arxiv.org/pdf/2008.08412.pdf

Maya Dotan — MayaDotan@mail.huji.ac.il
Yvonne-Anne Pignolet — yvonneanne.pignolet@gmail.com
Saar Tochner — saar.tochner@gmail.com
Stefan Schmid — schmiste@gmail.com
Aviv Zohar — avivz@cs.huji.ac.il