Researcher: Ethereum Network’s Reliance on "Fast" Sync Could Expose a Major Security Flaw

The crypto community has been enthralled in recent days by developments regarding Ethereum’s total supply – which remains a mystery despite attempts from Ethereum developers and community members to clarify the confusion.

Pseudonymous researcher “Datavetaren” is now noting that a flaw within the default network structure of Ethereum could open the gates for a bad actor to arbitrarily adjust the cryptocurrency’s monetary supply for themselves.

This potential exploit could come about due to the network’s heavy reliance on a "fast" sync mode that Ethereum Geth nodes default to.

This Fast Sync Exploit Could Allow Attackers to Adjust the Ethereum Monetary Supply

Concerns regarding the lack of clarity surrounding Ethereum’s circulating supply have led one researcher to raise the possibility that savvy attackers could exploit the network and adjust the monetary supply however they choose.

Ethereum nodes, by default, run fast syncs that help increase the speed at which the node connects to the network.

Rather than starting from the genesis block, a fast sync allows the node to only sync two weeks of transactions by locating the chain with the most proof-of-work.

Datavetaren discussed this facet of the Ethereum network while speaking to The BTC Times, saying:

In Ethereum, it's impossible to compute the money supply in advance for a given block height. Also, everybody that joins the Ethereum network relies on ‘fast sync’ that blindly accepts an older state to be true.

He further explained that the heavy reliance on fast sync exposes what could be a major flaw for the network, with a savvy attack allowing bad actors to create an “arbitrary money supply for themselves.”

With a proper attack, syncing a new fast node allows the attacker to come up with an arbitrary money supply for themselves. It's scary to think what could go wrong if an exchange had to restart their Ethereum node from scratch.

Currently, the time required to conduct a full sync of the Ethereum blockchain is north of 30 days, which is part of the reason why Ethereum users have become so reliant on fast syncs. An Ethereum full node takes up over four terabytes of storage space, according to Etherscan.

Datavetaren elaborated on how such an attack could be conducted in a recent thread of tweets, in which he explained that the system could be gamed if someone creates a reorganization of the blockchain that extends further than two weeks.

The only thing to ‘game the system’ is if you can create a reorganization that is more than 2 weeks. Then ‘fast sync’ will not be the same as ‘full sync’ which is highly problematic. There's no more consensus.

This becomes a real possibility if the blockchain splits in two due to a large disagreement within the Ethereum community, diminishing the hash power on each chain.

DISCLAIMER:

At the BTC Times, we decided to responsibly cover news about altcoins from time to time, provided that we consider them relevant for Bitcoin or interesting for our readers. The goal of these articles will always be to inform, explain, clarify, debunk, and expose, sticking to the objective facts and qualified technical opinions, and never to promote, advertise, or legitimize "coins", "tokens", or other investment propositions.

written by

Cole is a journalist who has been covering the crypto market since 2017. His interest in Bitcoin was first sparked in 2013 and has only grown since.