The P2P Bucketing System in Witnet

Image for post
Image for post
Image for post
Image for post
Eclipsing implies monopolizing all the connections made by a peer.

Using buckets to store network information

Image for post
Image for post
Bucketing system example for tried and new tables
Image for post
Image for post
Bucket mapping for tried table as implemented in Bitcoin core
Image for post
Image for post
Bucket mapping for new table as implemented in Bitcoin core

Difficulty on eclipsing connections from the tried table

Image for post
Image for post
X refers to the number of outgoing connections monopolized by the attacker
Image for post
Image for post
Probability of an attacker eclipsing a node at synchronization time
Image for post
Image for post
Success rate of an attacker with random eviction/selection for different proportions of the tried table controlled and different number of outgoing connections
Image for post
Image for post
Expected number of addresses in tried when t addresses are trying to be inserted. Equation taken from [1].
Image for post
Image for post
Number of adversarial addresses needed to fill the table for different table sizes
Image for post
Image for post
The probability X is bounded by the number of honest addresses this time
Image for post
Image for post
Probability of eclipsing with test-before-evict
Image for post
Image for post
Attacker probability bound for different honest address proportions and maximum outgoing peers
Image for post
Image for post
Probability of eclipsing when c*n monopolized connections are needed with the test-before-evict countermeasure
Image for post
Image for post
Attacker bounded probability for different number of outgoing peers requiring at least 80%.
Image for post
Image for post
Attacker bounded probability for different number of outgoing peers requiring at least 80% consensus with 20% anchor connections

Considering the "new” table

Image for post
Image for post
Number of connections selected from tried
Image for post
Image for post
Probability of eclipsing when addresses are selected from tried and new randomly and addresses in new are honest
Image for post
Image for post
Attacker bounded probability for different number of outgoing peers requiring at least 80% consensus with 20% anchor connections and addresses randomly selected from tried and new
Image for post
Image for post
Consensus required vs probability of an attacker being able to make eclipsed node fork

Takeaways — Witnet bucketing parameters

Conclusions

References

Thanks you for taking the time to read!

Researcher at Witnet Foundation. Crypto and football lover

Get the Medium app