Researchers find exploit in 26 proof-of-stake coins; Cardano unaffected

31 Jan, 2019 | Updated: 31 Jan, 2019
by Will Heasman
Analysis
Researchers find exploit in 26 proof-of-stake coins; Cardano unaffected

A study undertaken by a group of student researchers has found a vulnerability within proof-of-stake (PoS) cryptocurrencies which could affect up to 26 coins, however, it appears Cardano (ADA) is not one of them…  

The vulnerability, dubbed “fake stake” allows a malicious actor to crash a network node running PoS, without having a majority stake, hence the name.

The researchers made the 26 affected cryptocurrencies aware of the potential exploit, producing the list below detailing both which cryptocurrencies are exploitable, and whether or not they had fixed the issue.  

the exploit lies within those cryptocurrencies running proof of stake version 3 (PoSv3), this consensus model is based off Bitcoin’s UTXO model, essentially copying a Proof of work concept and reworking it for PoS; something which evidently caused exploits.

“Essentially, [Fake Stake attacks] work because PoSv3 implementations do not adequately validate network data before committing precious resources (disk and RAM). The consequence is that an attacker without much stake (in some cases none at all) can cause a victim node to crash by filling up its disk or RAM with bogus data. We believe that all currencies based on the UTXO and longest chain Proof-of-Stake model are vulnerable to these Fake Stake attacks.” Reads the researcher's post.

In laymen terms, they tried to jam a PoW puzzle piece into a PoS puzzle…

Cardano appears to be invulnerable to these types of attacks, due to the fact that the project team built ADA from the ground up rather than simply using an existing model. IOHK specifically mentions the finding of this recent flaw in an official blog post, detailing how they did things differently:

“For Cardano, IOHK took a different approach. Instead of finding a minimal variation of bitcoin, we relied on world-leading academics and researchers to create a new protocol and codebase from scratch, with the requirement that it should provide equivalent (or better) security guarantees than bitcoin, but rely entirely on stake. The result is the Ouroboros protocol3, the first provably secure PoS protocol, upon which Cardano is built”

Read more: Charles Hoskinson says it could take 10+ years for crypto to regain 2017 high

Follow Chepicap now on Twitter, YouTubeTelegram and Facebook!

Poll

Do you own any affected cryptocurrencies?

(40 votes)

Add a comment

It's a shame that documents such as this are not more visible to the investment community. Maybe people feeling compelled to say Cardano is slow to move and needs to be like other project that make being first to market a Number 1 priority....would be more inclined to sip on a nice warm glass of shut-the-hell-up!

Not doing, "due diligence", with regard to coding security and ensuring scale ability features on mission critical applications i s a foolish rookie mistake! Projects having to go back to the drawing board should not be regarded as further -long than Cardano!

Skimping on these areas has a potential catastrophic effect
06 Feb, 2019 - 17:58

Check out the latest news

You will be logged out and redirected to the homepage