When the tide goes out, we see who is wearing a swimming costume
The vulnerabilities of Proof of Stake exposed
We have witnessed a meltdown in the crypto markets in April and May 2022, where there have been losses in value of tokens of 50% of many of the top projects. Proof of Work (PoW) chains such as Bitcoin or Ethereum may be bruised, but they are not fatally wounded.
Where it gets very interesting is the Proof of Stake(PoS) chains. Unlike PoW, which relies on computing scarcity, a PoS chain is secured on scarcity of tokens as the validators lock up tokens as Stakes, which gives them voting authority. In the “normal” market conditions, if someone wanted to buy up lots of tokens to mount an attack on the chain, the price would keep rising as the purchases are made; this would make an attack very difficult and certainly uneconomical.
What happens in a market of extreme fear and prices collapse, where there is a huge pressure from sellers? Could a buyer scoop up enough tokens to attack the chain? Before I examine why someone would want to do it, let’s look at how you could take over a PoS chain.
Ingredients
- A bucket full of tokens bought in a fire sale, you need to buy just over 33%, preferably 40–50%. Or you collude with token holders to delegate to you to bump up your voting authority by offering a share of the spoils?
Method
- Set up a validator node (or two)
- Stake the tokens acquired
- Use your voting power to approve changes to the binaries or smart contracts so that you can help yourself to the assets held on the chain or mint and/or burn tokens from other people’s accounts.
What is important to note is that in PoS or delegated PoS, voting authority comes with the size of the stake held with no upper bounds meaning it is possible for one or two validators to hold the majority.
The big question is why you would want to attack a chain where the tokens are nearly “worthless”, and everyone is trying to sell them?
What if the PoS chain’s native token has collapsed, but that the assets held on chains such as bridged Ethereum or Bitcoin have a greater value?
Let’s look at a simplistic case where a native token is actively trading at $0.08, and there are 100m tokens minted. The market capitalization is $8,000,000, and we need 40% to take over the network or $3,200,000. The Total Value Locked (TVL) of bridged assets, digital assets, and stable coins is $15,000,000 then the plan swings into action as the assets held on chain far exceed the cost of buying the native tokens and setting up the validator nodes.
How realistic is this? Given that in the space of 7 days to 12th May, we saw the price of Terra’s LUNA token go from $84.81 to $0.02, it is not unimaginable that such a thing could occur.
The pure tokenomics model of Delegated PoS or PoS, where size of Stake is all that matters, it becomes vulnerable when the value of the chain greatly diminishes, especially if the assets secured on the chain exceed the value of the tokens.
It is not only a case where the value of the tokens plummeting makes a chain vulnerable. Governance attacks can take different guises.
We saw the Juno Unity upgrade where the community used governance to move tokens against the holders will, as it was alleged that the tokens had been acquired in bad faith.
Beanstalk was exploited using governance to control the protocol and steal the tokens using flash loans from AAVE to acquire the required voting rights.
Proof of Engagement has layered approach
Proof of Engagement came about through many discussions and research, beginning with the question, “if we could design a consensus mechanism from the ground up, what would it look like?”. “We,” being Ethan Frey and I, with some help from our friends.
We didn’t need to start with a blank piece of paper, as PoS is a good starting point, but we were keen to address the issues we found when thinking about how it worked. We got a grant from InterChain Foundation to do some deep research and wrote the Proof of Engagement paper, which built on PoS and addressed our concerns around centralization, governance, and the incentive structure. In an earlier article, I wrote about securing a network with Proof of Engagement and outlined how PoE fosters collaboration as opposed to cooperation.
Ok, so we have done our research and put it into practice, so why would a PoE chain not be vulnerable to an attack as I outlined in a PoS chain?
The first line of defence is that voting authority is derived from a combination of stake and Engagement Points. Engagement Points (EP) must be earned and cannot be bought or transferred; moreover, to receive them, there is basic disclosure to mitigate Sybil attacks. Even if a big holding of tokens is accumulated to attack the network, the EPs will be missing, and thus it is harder to have the equivalent voting authority of the existing validator set.
The second line of defence is that there are 100 slots for validators, and for genesis, 70 validators were hand-selected, which makes it much harder to take over the network, which can run up to 33% dishonest validators before stopping.
The third line of defence is a sigmoid curve which has been implemented, so after a given point, it does not matter how many tokens you throw at the Stake, the voting authority is capped. You would need to corrupt a large number of validators to achieve 67% voting power; one validator cannot do this on their own.
The fourth line of defence is the Oversight Community which is self-sovereign and independent from the validators. The Oversight Community oversees the allocation of Engagement Points and has the authority through governance to punish validators through slashing or jailing, so if they became aware of an attack, they have the tools to disrupt.
The fifth line of defence is the Oversight Community governance; members are proposed and voted on; however, before they have full voting powers, they need to deposit escrow. The onboarding process and escrow means it is harder to take over the Oversight Community to prevent the slashing or jailing of hostile validators. The Oversight Community has the tools to slash a member’s escrow (and thus remove their voting powers until they add more tokens) or kick them out, again, this is done through a governance process of proposals and voting.
Why on earth did we build this? Such an attack seemed very remote, especially when we were seeing a nice inflow of money into the crypto space.
The motivation was to ensure that we built the most secure blockchain through the layers of defence in order that businesses can build on a chain and secure their assets. We envisaged that the assets managed on PoE networks to exceed the value of the native token used to secure the network, and we needed to ensure that they are protected from network attacks.
When inviting banks and investment funds to run on our network, do we really want to tell them a crypto winter would expose them to forgery of their digital currency and possible bankruptcy? Unlike much of the hack-a-week DeFi space, we focused on building the most secure foundation possible.
We implemented PoE for Tgrade, which will be launched soon.
