Security Review of Ethereum Beacon Clients

23 Sep 2021  ·  Jean-Philippe Aumasson, Denis Kolegov, Evangelia Stathopoulou ·

The beacon chain is the backbone of the Ethereum's evolution towards a proof-of-stake-based scalable network. Beacon clients are the applications implementing the services required to operate the beacon chain, namely validators, beacon nodes, and slashers... Security defects in beacon clients could lead to loss of funds, consensus rules violation, network congestion, and other inconveniences. We reported more than 35 issues to the beacon client developers, including various security improvements, specification inconsistencies, missing security checks, exposure to known vulnerabilities. None of our findings appears to be high-severity. We covered the four main beacon clients, namely Lighthouse (Rust), Nimbus (Nim), Prysm (Go), and Teku (Java). We looked for bugs in the logic and implementation of the new security-critical components (BLS signatures, slashing, networking protocols, and API) over a 3-month project that followed a preliminary analysis of BLS signatures code. We focused on Lighthouse and Prysm, the most popular clients, and thus the highest-value targets. Furthermore, we identify protocol-level issues, including replay attacks and incomplete forward secrecy. In addition, we reviewed the network fingerprints of beacon clients, discussing the information obtainable from passive and active searches, and we analyzed the supply chain risk related to third-party dependencies, providing indicators and recommendations to reduce the risk of backdoors and unpatchable vulnerabilities. Our results suggest that despite intense scrutiny by security auditors and independent researchers, the complexity and constant evolution of a platform like Ethereum requires regular expert review and thorough SSDLC practices. read more

PDF Abstract
No code implementations yet. Submit your code now

Categories


Cryptography and Security

Datasets


  Add Datasets introduced or used in this paper