Unlike other Proof of Stake cryptocurrencies, Tezos does not have the concept of preferred block validators, as this would imply trust. Tezos is a 100% trustless platform, where every dynamic aspect is decided by self-adjusting algorithms.
Liquid Proof of Stake
Tezos uses a Liquid Proof of Stake system where validators are chosen on the fly based on data stored on the blockchain.
It is, therefore, an on-chain Proof of Stake system, with no external influence from manually selected parameters of any kind.
This is great in theory, but it raises the odds that the system could get attacked by a rogue participant.
So, how does Tezos protect itself from adversaries?
Let’s take a look at some common attacks and how Tezos guards itself against them.
Proof of Stake Attacks
First, we need to know what we’re protecting ourselves against.
We know that Proof of Work (PoW) cryptocurrencies, like Bitcoin, are vulnerable to 51% hash rate attacks. Although such an attack is absurdly expensive to carry out against a popular cryptocurrency like Bitcoin, it’s still something all PoW systems must consider.
So, what are the Proof of Stake (PoS) vulnerabilities? How does Tezos deal with each threat model?
Let’s take a look.
In a sybil attack, one user generates multiple personas to inject fraudulent votes into the system.
Fake users attempt to fool the system into believing several people are voting for something.
Sybil attacks are a very common Proof of Stake attack vector.
The simplest way to guard against sybil attacks is to make it expensive to create users.
Tezos requires a minimum of one roll (currently 8000 XTZ) for a baker to enter the staking lottery. At the time of this writing, one roll costs approximately US$16,000.
A rogue user who attempted to disrupt the Tezos network would have to invest millions of dollars to buy enough rolls to hold a significant number of votes in the protocol amendment and baking processes.
Just like attacking Bitcoin would require tens of millions of dollars per block, a sybil attack against Tezos would require millions of dollars in XTZ tokens. After the rogue user invests millions of dollars in XTZ, it becomes more profitable to play by the rules and delegate their stake!
Just like Proof of Work, the Tezos PoS strategy guards against fraud by leveraging game theory. It’s much more profitable to play by the rules than to attempt to defraud the system.
As mentioned earlier, Tezos does not have manually chosen validators.
There’s no human influence in which bakers are chosen at any given time. Everything’s based on probability. The more XTZ you own, the higher the odds you’ll be chosen as the baker for the next block.
A rogue baker would, therefore, attempt to multiply their earnings by several means.
A common Proof of Stake fraud is to try to double bake a single block, thus doubling their block reward.
Tezos protects itself against this by requiring bakers to make a security deposit. Security deposits are counted in terms of bonds. Each bond equals 512 XTZ tokens.
When a baker signs a block, one of their bonds gets locked up for a period of 5 cycles (~15 days).
If a baker uses their turn to attempt to defraud the system, such as attempting to sign multiple blocks, their bonds get burned. The security deposit thus works against baking fraud by making it very expensive to attempt to subvert the system.
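The bond mechanism described above can be modelled in a few lines. This is an added example, not Tezos code: the `BondLedger` class, its method names and the baker and hash values are hypothetical, signatures are assumed to have been verified already, and only the bond posted for the offending level is burned.

```python
from dataclasses import dataclass, field

BOND_XTZ = 512      # one bond, per the article
LOCK_CYCLES = 5     # lock-up period in cycles, per the article

@dataclass
class BondLedger:
    free: dict = field(default_factory=dict)    # baker -> spendable XTZ
    locked: dict = field(default_factory=dict)  # (baker, level) -> (amount, unlock cycle)
    seen: dict = field(default_factory=dict)    # (baker, level) -> first block hash signed
    burned: int = 0                             # total XTZ destroyed by slashing

    def sign_block(self, baker, level, cycle, block_hash):
        """Record a signed block: 'accepted', 'duplicate', 'slashed' or 'rejected'."""
        key = (baker, level)
        first = self.seen.get(key)
        if first is None:
            if self.free.get(baker, 0) < BOND_XTZ:
                return "rejected"               # baker cannot post the bond
            self.free[baker] -= BOND_XTZ
            self.locked[key] = (BOND_XTZ, cycle + LOCK_CYCLES)
            self.seen[key] = block_hash
            return "accepted"
        if first == block_hash:
            return "duplicate"                  # same block relayed twice, no fault
        # Two different blocks signed at one level: burn the bond for that level.
        amount, _ = self.locked.pop(key, (0, 0))
        self.burned += amount
        return "slashed"

    def release(self, cycle):
        """Return bonds whose lock-up period has ended to their bakers."""
        matured = [k for k, (_, unlock) in self.locked.items() if unlock <= cycle]
        for key in matured:
            amount, _ = self.locked.pop(key)
            self.free[key[0]] += amount

if __name__ == "__main__":
    ledger = BondLedger(free={"baker-A": 1024})          # constructed sample baker
    print(ledger.sign_block("baker-A", 10, 0, "aa"))     # first block at level 10
    print(ledger.sign_block("baker-A", 10, 0, "bb"))     # second, different block
    print(ledger.burned)
```

The point the model makes concrete is that the bond is still locked when the conflicting block shows up, so the penalty cannot be dodged by withdrawing funds first.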
Denial of Service (DoS)
Proof of Stake coins are susceptible to various kinds of Denial of Service (DoS) attacks.
In a DoS attack, the adversary attempts to consume as many system resources as possible, normally by injecting large amounts of fake data into the system, so as to deny access to legitimate users.
In a Proof of Work system such as Bitcoin, this kind of attack is very expensive: verifying SHA256 hashes is very inexpensive for nodes, while crafting valid hashes for invalid blocks is just as expensive as legitimate mining. Thus it is not in anyone’s interest to try to generate valid hashes for invalid blocks.
Things are a bit more complicated in Proof of Stake. Since the information about a hash being valid or not (like counting how many zeroes in the prefix) is not embedded in the hash itself, the PoS system must check against some other trusted data source to see if a received block is legitimate. Remember, in PoS any block hash can be valid, because there’s no concept of network difficulty or zero-prefix hashes.
Since the verification of a valid block consumes system resources, if a rogue player decided to broadcast terabytes of invalid blocks, they could effectively grind the PoS network to a halt, with most nodes verifying fake blocks instead of legitimate ones.
Again, Tezos protects itself against this by making it expensive to generate valid looking blocks.
Tezos has the concept of endorsements.
Similarly to requiring security deposits, Tezos rewards bakers for verifying other bakers’ blocks. In order to verify and endorse someone else’s baked block, a baker must have made a 64 XTZ deposit.
When a Tezos node receives a block from the network, it checks how many endorsements the block has. This is a very inexpensive computation, just as Bitcoin nodes count zeroes in hashes. A block with no endorsements is discarded. The block with the most endorsements is the only valid block.
Defrauding this mechanism would require a sybil-like attack in which someone purchases endorsement rights, which makes it too expensive. Again, game theory comes into play. Endorsing valid blocks instead of trying to defraud the system would be more profitable.
Once an attack is detected, nodes may employ some kind of client-side host blacklist to avoid receiving more block spam from the same Internet address.
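The endorsement check and the client-side blacklist described above, sketched as a node-side filter. This is an added example, not Tezos code: the `BlockFilter` class, the block dictionary layout, the strike threshold and the sample peers are assumptions, and endorsement signatures are assumed to be verified elsewhere.

```python
from collections import Counter

ENDORSER_DEPOSIT_XTZ = 64   # deposit required to endorse, per the article
SPAM_THRESHOLD = 3          # assumed: unendorsed blocks tolerated per peer

class BlockFilter:
    def __init__(self, deposits):
        # Only bakers who posted the full deposit count as endorsers.
        self.endorsers = {b for b, xtz in deposits.items()
                          if xtz >= ENDORSER_DEPOSIT_XTZ}
        self.strikes = Counter()    # peer address -> unendorsed blocks sent
        self.blacklist = set()

    def count_endorsements(self, block):
        # set() collapses repeats so one endorser is never counted twice.
        return len(set(block["endorsements"]) & self.endorsers)

    def receive(self, peer, block):
        """Return the endorsement count, or None if the block is dropped."""
        if peer in self.blacklist:
            return None             # dropped before any work is done
        n = self.count_endorsements(block)
        if n == 0:
            self.strikes[peer] += 1
            if self.strikes[peer] >= SPAM_THRESHOLD:
                self.blacklist.add(peer)
            return None
        return n

    def select(self, received):
        """received: list of (peer, block); return hash with most endorsements."""
        best, best_n = None, 0
        for peer, block in received:
            n = self.receive(peer, block)
            if n is not None and n > best_n:
                best, best_n = block["hash"], n
        return best

if __name__ == "__main__":
    node = BlockFilter({"e1": 64, "e2": 64, "e3": 10})   # constructed deposits
    spam = {"hash": "spam", "endorsements": ["e3", "nobody"]}
    good = {"hash": "good", "endorsements": ["e1", "e2"]}
    inbox = [("203.0.113.7", spam)] * 3 + [("198.51.100.3", good)]
    print(node.select(inbox), node.blacklist)
```

Counting distinct endorsers rather than raw list length matters: without it, a block repeating one endorsement many times would outrank an honestly endorsed block.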
In this article we took a look at some common Proof of Stake attacks and how Tezos protects itself against them.
Game theory is one of the biggest weapons against fraud. Throughout the Tezos system, it’s always more profitable to invest the attack funds into legitimate participation.
The returns for honest baking and endorsing are much higher than those of a short-lived attack which could cause your funds to be burned and lost.
Denial of Service attacks do not require active participation on the blockchain, so they are harder to punish. A solution is presented where valid blocks get endorsed by users, a process which requires a minimum investment. Nodes can then check for valid blocks by counting endorsements, which is a very inexpensive computational operation.
Featured image credit: Wikimedia Commons