Analysis: Refusal-to-package attacks by Ethereum mining pools

NEST爱好者
3 years ago
At present, the concept of decentralization of the entire blockchain is being impacted by the phenomenon of mining pools.
Author | NEST Research research group, Yuheng Yuyi
Produced | Authorized by NEST fans (nestfans.com)

1. Introduction

Unlike a centralized oracle that relies solely on a trusted third party, the NEST distributed oracle aims to let as many on-chain users as possible take part in determining the price conversion relationship, thereby further improving the reliability of the oracle's output data and the security of the entire oracle system.

Precisely because of this characteristic, distributed oracles often face the problem that data cannot be effectively verified, for example when malicious miners submit malicious quotations to affect prices. To solve this problem, NEST designed a quotation and taker-order verification mechanism, which allows a verifier to trade at the quoted price to obtain the assets pledged by the quoter, and to submit a new quotation as a correction. In this way, the NEST distributed oracle can limit malicious quotations to a certain extent and can also correct them in a timely manner.

However, this method of price correction only works if taker transactions and new quotation transactions appear in new blocks on the chain in time, within the verification period. As we all know, miners in the blockchain network no longer work alone as they did at the beginning. To stabilize their income, miners organize into mining pools to combine their computing power, because under Proof of Work (PoW) consensus, greater computing power means a higher probability of earning rewards.

The essential problem caused by the emergence of mining pools is their monopoly on the right to package transactions. In a public chain, only the miner or mining pool that mines a block can decide which transactions are included in it, and a mining pool often has an overwhelming advantage in computing power over an individual miner. Under certain circumstances, mining pools with larger computing power will choose to package transactions that benefit themselves or carry higher transaction fees, even though these transactions may not have been the first to be announced on the chain.

When this happens in the NEST distributed oracle, the newly submitted quotation cannot be verified in time within the verification period. NEST will then eventually output wrong price data, which gives some mining pools arbitrage opportunities and in turn threatens the security of the entire DeFi ecosystem.

2. Attack process and analysis

To simplify the explanation of this attack, we first assume that all participants in mining are mining pools (a single miner can be regarded as a mining pool with small computing power), that the mining pools have different amounts of computing power, and that they all know each other's share of the total computing power.

First of all, before launching an attack, malicious mining pools can pre-hoard cryptocurrencies for arbitrage through flash loans and other methods. For example, malicious mining pools will hoard a large amount of ETH in advance, and then manipulate the price ratio between ETH and USDT to achieve arbitrage.

Next, the malicious mining pool submits a quotation to NEST that differs greatly from the current actual market price. This large difference means there is a large arbitrage space. Therefore, during the verification period, which lasts S blocks, NEST's own order verification protocol implies that some verifier will propose a taker transaction and make the most reasonable correction to the quotation in order to obtain the maximum benefit.

At this point, when assembling each block of the verification period, every mining pool faces the same two choices: package the transaction into the block it is assembling (or itself submit a taker order against the quotation and requote), or not package it into the block it is assembling (or not propose the taker transaction). Since all mining pools know each other's share of computing power and the strategies available to each of them, each mining pool's choice of whether to correct the quotation during the verification period can be regarded as a series of mutually independent static games of complete information played jointly by all mining pools. What determines the final result of the whole game is the so-called Nash equilibrium, which follows from the payoff of each participant under every combination of decisions, because each participant chooses the decision that maximizes its own payoff in each situation. The prisoner's dilemma is a typical static game with complete information.

If a mining pool chooses to revise the quotation, then it is obvious that the mining pool can get benefits immediately. We assume that the profit corresponding to the revised quotation is a. And if a mining pool does not choose to correct a quotation, it seems that the mining pool cannot get immediate benefits, but the mining pool can also hoard the cryptocurrency involved in the malicious quotation, and finally carry out arbitrage after the quotation is established. We can set this final payoff to be b and usually have b > a.

But we need to note that in the blockchain, only the mining pool that mines a new block obtains the bookkeeping right. That is to say, even if a mining pool chooses to correct the malicious quotation immediately, it obtains the income a only with some probability, and this probability is proportional to the computing power of the mining pool, so we can express the income of a mining pool that chooses to correct the quotation as $P_i a$. Similarly, if the quotation is not corrected, the income that a mining pool can obtain after the quotation is established is $P_i b$. However, once the quotation is corrected, the subsequent game no longer exists, which means that no mining pool will obtain the income b. Therefore, when a mining pool decides the transaction content of each block during the verification period, the two payoffs it actually considers are as follows:

Here, T denotes the decision of the mining pool, Y denotes correcting the quotation, and N denotes not correcting the quotation; $P_n$ denotes the probability that no correction of the quotation appears in any of the subsequent blocks of the verification period.
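The comparison a pool makes at each block can be worked through numerically. The following is an added example, not code or formulas from the original article: it assumes the payoff for T = Y is P_i·a and the payoff for T = N is P_n·P_i·b, with P_n = q^r, where q (an assumed parameter) is the combined computing-power share of the pools that refuse to package corrections and r is the number of blocks left in the verification period. All function names and sample values are hypothetical.

```python
# Added illustration; the payoff forms and q are assumptions, not the article's formulas.

def prob_no_correction(q, remaining):
    """P_n: probability that none of the `remaining` later blocks of the
    verification period carries a correction, if every block is mined by a
    withholding pool with probability q (their combined hash-power share)."""
    if not 0.0 <= q <= 1.0 or remaining < 0:
        raise ValueError("need 0 <= q <= 1 and remaining >= 0")
    return q ** remaining

def expected_payoffs(p_i, a, b, q, remaining):
    """(payoff for T=Y, payoff for T=N) for pool i with hash-power share p_i."""
    correct = p_i * a                                      # assumed E[T=Y]
    withhold = prob_no_correction(q, remaining) * p_i * b  # assumed E[T=N]
    return correct, withhold

def decision_schedule(p_i, a, b, q, s):
    """Payoff-maximizing decision of pool i for each of the S blocks."""
    schedule = []
    for k in range(s):
        y, n = expected_payoffs(p_i, a, b, q, remaining=s - 1 - k)
        schedule.append("N" if n > y else "Y")
    return schedule

def min_verification_blocks(a, b, q):
    """Smallest S for which withholding at the first block no longer pays,
    i.e. q**(S-1) * b <= a."""
    if a <= 0 or q >= 1.0:
        raise ValueError("no finite S: need a > 0 and q < 1")
    s = 1
    while prob_no_correction(q, s - 1) * b > a:
        s += 1
    return s

if __name__ == "__main__":
    # Constructed sample values: a = 1, b = 10, withholding share q = 0.6.
    print(decision_schedule(p_i=0.3, a=1.0, b=10.0, q=0.6, s=8))
    print(min_verification_blocks(a=1.0, b=10.0, q=0.6))
```

Under these assumptions P_i cancels out of the comparison, so the decision depends only on b/a, q and the blocks remaining: a longer verification period or a smaller withholding share shrinks the window in which not correcting pays.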

3. Analysis and summary

As described above, a mining pool may rely on its advantage in computing power to delay and obstruct the correction and update of quotations, and thereby use the NEST oracle for arbitrage. But this is not a problem faced by the NEST oracle alone. In fact, the concept of decentralization of the entire blockchain is being impacted by the phenomenon of mining pools. Therefore, how to solve the problems caused by mining pools is an unavoidable challenge for us on the road to true decentralization.

Original article, author: NEST爱好者. For reprints, content collaboration, or reporting, please contact report@odaily.email; illegal reprinting must be punished by law.
