Plasma is not secure

(unless you watch it)

Anthony ESTEBE
MESG
Jul 16, 2019


The plasma framework is a layer-two solution for scaling on the Ethereum Network. It enables faster transactions and reduced (or possibly eliminated) transaction fees.

When all goes as expected

The user’s path with plasma is simple. A user deposits ETH (or tokens) onto the root chain using a dedicated smart contract that locks up their funds. Once funds are locked on the root chain, the plasma operator adds new funds on the plasma chain based on a UTXO system.

The user can then spend this UTXO quickly and with minimal fees by using the plasma network (which can come in many forms, like a complex multi-authority network, a DPOS or simply a “normal” centralized backend). When the user wants to withdraw the funds to the root chain, they exit, and the smart contract on the root chain unlocks the funds. Pretty simple, right?

Once things go wrong…

Things start to get more complicated once you take a look into how the funds are secured. Luckily, plasma pulls through with a series of mechanisms that help protect your funds by comparing the data on the root chain to the information on the child chain. But, this is where it starts to get tricky.

Plasma is not secure if its users and the operator aren’t being watched.

Users could exit a UTXO that has already been spent, or the operator could go offline with your locked funds or even change the data in the child chain… By watching both the child chain and the root chain, you can detect these sorts of anomalies and react as soon as possible by exiting or challenging other users who exit.

Let’s be honest, who has the patience or know-how to watch these two chains and make timely exits to keep their funds secure? Not many people.

That’s where Plasma Guard comes in 🎉

Plasma Guard is a MESG Application that uses the OmiseGO plasma chain and the OmiseGO Watcher. The goal is simple: make sure that your funds on plasma are secure, and if they aren’t, facilitate an exit or submit the necessary proofs to the root chain.

With access to your private key, this application uses the OmiseGO Watcher to monitor the root chain and the child chain for every invalid event (Byzantine event), then triggers the appropriate action on your behalf.

For example, let’s say a bad actor tries to exit with a UTXO that had already been spent.

The application will receive an invalid_exit event and will then automatically challenge this exit on the root chain.

With this challenge in place, a bad actor cannot withdraw the funds, and all the funds you deposited would still be yours.
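
The invalid-exit case described above, as an added example that is not part of the original article and is not Plasma Guard or OmiseGO Watcher code: a toy model in which a watcher compares pending root-chain exits with child-chain spends and challenges any exit of a spent UTXO. The class and function names, the 10-block challenge period and the sample transactions are assumptions constructed for illustration.

```python
# Toy model added for illustration; not Plasma Guard or OmiseGO Watcher code.
from dataclasses import dataclass, field

CHALLENGE_PERIOD = 10  # assumed value, in root-chain blocks

@dataclass
class RootChain:
    exits: dict = field(default_factory=dict)     # utxo_id -> (owner, start height)
    paid_out: list = field(default_factory=list)  # finalized withdrawals

    def start_exit(self, utxo_id, owner, height):
        self.exits[utxo_id] = (owner, height)

    def challenge(self, utxo_id, spending_tx, child_txs):
        # Simplified contract rule (assumption): a challenge succeeds only when
        # backed by a child-chain transaction that spends the exiting UTXO.
        if spending_tx in child_txs and spending_tx["input"] == utxo_id:
            return self.exits.pop(utxo_id, None) is not None
        return False

    def finalize(self, height):
        for utxo_id, (owner, started) in list(self.exits.items()):
            if height - started >= CHALLENGE_PERIOD:
                self.paid_out.append((utxo_id, owner))
                del self.exits[utxo_id]

def watch(root, child_txs):
    """One watcher pass: flag and challenge exits of already-spent UTXOs."""
    spent = {tx["input"]: tx for tx in child_txs}
    events = []
    for utxo_id in list(root.exits):
        if utxo_id in spent and root.challenge(utxo_id, spent[utxo_id], child_txs):
            events.append(("invalid_exit", utxo_id))
    return events

def simulate(watching):
    # Constructed scenario: utxo-1 was spent to bob on the child chain,
    # yet its former owner still tries to exit it on the root chain.
    child_txs = [{"input": "utxo-1", "output": "utxo-2", "to": "bob"}]
    root = RootChain()
    root.start_exit("utxo-1", "mallory", height=100)  # spent UTXO
    root.start_exit("utxo-2", "bob", height=100)      # honest exit
    events = []
    for height in range(101, 112):
        if watching:
            events += watch(root, child_txs)
        root.finalize(height)
    return events, root.paid_out

if __name__ == "__main__": print(simulate(True), simulate(False))
```

With the watcher running, only the honest exit is paid out; with nobody watching, the exit of the spent UTXO finalizes after the challenge period as well.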

Plasma Guard Demo:

This project could be used at different levels:

User level: Every user of a Plasma chain can run this application to make sure their funds are secure. This app may be useful for a Plasma chain with massive deposits that users don’t trust anyone to secure.

Developer level: Developers who create an application/business using Plasma can run this to secure some mechanisms, but will not be able to secure everything for users.

Business level: Create a product that uses the private key of the user to actively watch the plasma chain to exit on behalf of the user automatically. This could be risky, but would be a good intermediary solution if the product provides a good way to exit on behalf of the user.

I hope that you can get creative and find your own use of this project. So, feel free to have a look at it, run it and play with Plasma. Also, help is always welcome: there is still a lot of work to do to be able to handle all the possible Byzantine events.
