The Basic Bitcoin Eclipse Attack

The goal of the attack is to manipulate the peer-to-peer network so that the victim node is obscured from the rest of the network, because the attacker controls the traffic going to and from the victim node. The attacker would then try a double-spend attack and prevent the victim from getting information back about the bitcoin transaction. The attacker could also co-opt the victim's mining resources or engage in selfish mining.

The Eclipse Attack depends on filling the ‘tried’ and ‘new’ tables of the victim node with information pushed onto it by the attacker. The attacker takes advantage of the Bitcoin Eviction Discipline, which allows the attacker to send the victim node fresher IP addresses than those currently stored in the ‘tried’ table. The discipline forces the ‘tried’ table to evict older, stale IP addresses as the victim node receives fresh connection information from the attacker, which is written into the ‘new’ table.

The attacker fills the target node with his information using ADDR messages, because nodes in the Bitcoin network are designed to accept unsolicited ADDR messages and store the IP addresses in the ‘new’ table. The problem is that these new addresses are not tested for connectivity and can be trash IP addresses that are not part of the Bitcoin network. The attacker simply keeps sending trash ADDR messages until he overloads the victim node’s ‘new’ table with unusable IP addresses.
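From the node operator's side, the unsolicited ADDR behaviour described above is something that can be watched for. The following is an added example, not code from the original post or from Bitcoin Core: it flags peers whose unsolicited ADDR volume exceeds a threshold, and the event tuple format, peer names, window, threshold and grace period are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events (not a real node log format):
# (unix_time, peer, direction, message, address_count)
EVENTS = [
    (1000, "peer-a", "out", "getaddr", 0),
    (1001, "peer-a", "in", "addr", 1000),  # reply to our getaddr
    (1005, "peer-b", "in", "addr", 1000),  # unsolicited
    (1010, "peer-b", "in", "addr", 1000),
    (1015, "peer-b", "in", "addr", 1000),
    (1020, "peer-c", "in", "addr", 10),    # small unsolicited gossip
    (1700, "peer-a", "in", "addr", 3),     # unsolicited, but tiny
]

WINDOW = 600      # seconds of history kept per peer (assumed tuning value)
THRESHOLD = 1500  # unsolicited addresses per peer per window (assumed)
REPLY_GRACE = 60  # seconds in which one addr after our getaddr is a reply


def unsolicited_addr_floods(events, window=WINDOW, threshold=THRESHOLD):
    """Return {peer: peak unsolicited address count} for peers over threshold."""
    pending = {}                # peer -> time of our outstanding getaddr
    recent = defaultdict(list)  # peer -> [(time, count)] of unsolicited addr
    flagged = {}
    for ts, peer, direction, msg, count in sorted(events):
        if direction == "out" and msg == "getaddr":
            pending[peer] = ts
            continue
        if direction != "in" or msg != "addr":
            continue
        # Simplification: only the first addr after a getaddr is a reply.
        asked = pending.pop(peer, None)
        if asked is not None and ts - asked <= REPLY_GRACE:
            continue
        # Keep only this peer's unsolicited addr events inside the window.
        recent[peer] = [(t, c) for t, c in recent[peer] if ts - t < window]
        recent[peer].append((ts, count))
        total = sum(c for _, c in recent[peer])
        if total > threshold:
            flagged[peer] = max(flagged.get(peer, 0), total)
    return flagged


if __name__ == "__main__":
    for peer, total in unsolicited_addr_floods(EVENTS).items():
        print(f"{peer}: {total} unsolicited addresses within {WINDOW}s")
```

A flagged peer is a candidate for disconnection or for having its advertised addresses ignored; the thresholds need tuning against the node's normal gossip volume.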

The attack is completed when the node restarts and tries to connect to the Bitcoin network using the IP addresses stored in the ‘new’ and ‘tried’ tables. Once the victim node restarts, it likely connects to the attacker IP addresses that were pushed onto the tables earlier, because the victim node defaults to IP addresses in the ‘tried’ table since the ‘new’ table is filled with trash IP addresses it cannot connect to. This attack requires the attacker to have access to blocks of IP addresses that can be pushed onto the tables before a restart occurs.

Once the victim node restarts and connects to the attacking node, the attacking node can then perform additional attacks such as the double-spend. Since the victim node's connections have been flooded by the attacker, it cannot connect to legitimate Bitcoin nodes in the network, so it cannot receive information about the transaction and is therefore ‘Eclipsed’ from the network and vulnerable to additional attacks.
