anthonyche / TechFantasy.Github.io

Zen of Tech

As Strong As Its Weakest Link: How to Break Blockchain DApps at RPC Service #13

Open anthonyche opened 2 years ago

anthonyche commented 2 years ago

Menace of DOERS

Blockchain systems support the Gas-free execution of a smart contract on an individual RPC node, such as Ethereum’s eth_call RPC. Unlike the transaction-triggered smart contract execution, the eth_call-triggered execution occurs locally on the recipient RPC node, and its state update, if any, will not be propagated to or reflected in the global blockchain state. Blockchain systems support Gas-free execution of a smart contract on an isolated RPC node, for example Ethereum's eth_call RPC. Like transaction-triggered smart contract execution, eth_call-triggered execution happens locally on the receiving RPC node, and if there is any state update, it will not be propagated to or reflected in the global blockchain state.

Our attack exploits a unique weakness: Gas-free contract execution on RPC-enabled Ethereum nodes.

It overcomes the protection already in place on each Ethereum node, such as limiting each call’s Gas (i.e., Gas limit) and time (i.e., timeout), through strategically delivering continuous queries at an alarmingly low rate below the victim’s rate limit.

Understanding how it works is critical to the success of an attack targeting a specific DApp or a specific client of the DApp. For this purpose, we performed an analysis and measurement study on Ethereum.

Measurement and findings

More specifically, there are three types of nodes in an Ethereum network: the nodes not accepting any RPC requests (non-RPC nodes), the nodes with public RPC ports, responding to the requests from any web clients (public RPC nodes), and the nodes with private RPC ports, only communicating with specific web servers (private RPC nodes). There are three kinds of nodes in an Ethereum network: 1) nodes that accept no RPC service at all; 2) nodes with public RPC ports; 3) nodes with private RPC service, which only communicate with specific web services.

Our research focuses on measuring these private nodes.

We detected the presence of Gas limits on the private RPC nodes in nine leading RPC services. We proposed a detection technique that makes eth_calls with varying Gas amounts and performs a binary search to find out the Gas limit. The measurement reveals that five out of the nine major RPC services do not configure Gas limits of any kind and the other four set a rather nonrestrictive limit of more than 1.5 block gas. The block gas limit is the maximum amount of gas that all transactions in one block may consume.

Further, we looked into the load balancers deployed by the nine third-party RPC services. To reverse-engineer their operations, we developed a novel probing technique based upon orphan transactions, which stay on one node without being propagated to others.

Our approach delivers one orphan transaction through a given RPC service and then sends in the second one that attempts to double-spend the first. If both are assigned to the same node by the balancer, the second transaction will fail (as it double-spends the first one), and otherwise, it will also go through (as the two transactions reside on different nodes). Load balancer probing technique.

Our study reveals different load-balancing strategies, assigning requests to nodes according to the client’s IP (e.g., ServiceX5), service API key (e.g., ServiceX4) or timings of RPC calls (e.g., ServiceX6).

Three different load-balancing strategies (by client IP, by service API key, by the interval between RPC calls).

Based upon the discoveries, a DoERS attack can be adjusted to target a DApp, a client or the client’s visit to a given DApp, depending on their RPC services’ balancing strategies.

The DoERS Attack and research formulation

Our threat model involves three actors: an attacker sends one or multiple malicious, crafted RPC requests to an Ethereum RPC service that also serves the regular RPC requests from a benign client.

The Ethereum RPC service can be a single Ethereum node choosing to accept RPC requests (the basic model) or a group of Ethereum nodes behind a frontend infrastructure (e.g., load balancing) to accept RPC requests.

anthonyche commented 2 years ago

Contract DoERS-C includes three exploitable functions that aim at depleting CPU, memory and IO resources, respectively, on the victim node. Specifically, function exhaustCPU runs a loop of hashing computation. Function exhaustIO runs a loop of storage updates in order to incur IO operations. Function exhaustMem runs a single operation (EVM instruction CODECOPY) to allocate a large array in memory.

Three smart contract functions, targeting CPU, storage and IO resource consumption respectively on the victim node: the CPU-exhausting function runs a loop of hash computations; the IO-exhausting function runs a loop of storage updates to trigger IO operations; the memory-exhausting one runs a single operation, CODECOPY, to allocate a large array in memory.

All take an argument called payload size, which controls the number of iterations of the loop.

payloadsize controls the number of iterations in the loop.

1) The attacker client deploys the DoERS-C smart contract to Ethereum by sending a transaction. This step costs a small amount of Ether. 2) The attacker sends one or multiple eth_call RPCs to the victim node to trigger one of the three exhaustXX functions in DoERS-C.

First, deploy DoERS-C to Ethereum through one "transfer" (transaction); this step consumes a small amount of Ether. Then send one or several eth_calls to the victim node to trigger these malicious functions. By specifying a large payload size, the execution of these functions incurs a large amount of resource consumption on the victim node. The purpose here is to cripple the node’s functionality in block/transaction synchronization, serving co-siding RPCs, blockchain mining, etc. By specifying a very large payload size, executing these functions causes very large resource consumption; the goal is to cripple the node's functionality, such as block synchronization, transaction synchronization, mining, and so on.

In practice, the configurations of Ethereum nodes may thwart the above basic attack. For instance, Ethereum’s Gas limit, if configured, would limit the amount of computation that can be incurred by each DoERS request. To evade the protection, a sophisticated attacker should lower the payload size to avoid triggering the Gas limit, and instead send multiple such smaller DoERS requests at a certain rate to make the service unavailable to the victim. In practice, the configuration of Ethereum nodes may thwart the basic attack above. For example, if Ethereum's Gas limit is configured, it will limit the amount of computation that each DoERS request can incur. To evade this protection, a sophisticated attacker should lower the payload size to avoid triggering the Gas limit, and send multiple such smaller DoERS requests at a certain rate so as to make the service unavailable to the victim.

Measuring Blackbox Load Balancers: Methodology

Black-box load balancer probing: methodology

Given an incoming request, the load balancer makes a decision regarding which RPC peer on the service backend the request should be forwarded to. Given an incoming request, the load balancer decides which RPC peer on the service backend the request is forwarded to.

Four questions: Given two RPC queries from the same IP and with the same API key, does the load balancer forward them to the same RPC peer? Given two RPC queries from the same IP with the same API key, will the load balancer send them to the same RPC peer?

Given two RPC queries with different API keys, does the load balancer forward them to the same RPC peer? Given two queries with different API keys, how does the load balancer forward them?

Given two RPC queries from different IPs, does the load balancer forward them to the same RPC peer? Given two queries from different IPs, what does the load balancer do?

Given two RPC queries with the same API keys and same IP but sent T seconds apart, does the load balancer forward them to the same RPC peer? Given two queries with the same API key and the same IP but with different time gaps between them, what does the load balancer do??

To detect load balancing in a blackbox service, our key idea is to exploit the way that Ethereum clients including both Geth and Parity handle orphan transactions.

Core idea: exploit the way Ethereum clients handle orphan transactions (OT).

Each Ethereum transaction is associated with a count, called nonce, from its issuing client. Each Ethereum transaction is associated with a count called nonce from its issuing client.

Given the nonce of the latest transaction of a client, an orphan transaction is a transaction sent from the same client and with a nonce no smaller than nonce+2. For transactions from the same client, if the previous one has nonce, the next one should be nonce+2; that is an OT.
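Added example (my code, not from the paper or this issue): a defender-side detection sketch over constructed RPC access-log records, showing why a per-call Gas cap plus a request-count rate limit still lets the lower-payload, steady-rate DoERS variant described above through, and how a gas-weighted budget per API key per window catches it. The log format, key names, the 50M per-call cap and the thresholds are assumptions.

```python
import json
from collections import defaultdict

# Constructed sample of per-call RPC access-log records (not from the paper
# or any real node). Each line: timestamp (s), API key, method, gas used.
SAMPLE_LOG = """
{"ts": 100.0, "key": "benign-1", "method": "eth_call", "gas_used": 25000}
{"ts": 100.3, "key": "atk-1", "method": "eth_call", "gas_used": 40000000}
{"ts": 101.5, "key": "benign-1", "method": "eth_call", "gas_used": 25000}
{"ts": 102.8, "key": "atk-1", "method": "eth_call", "gas_used": 40000000}
{"ts": 103.0, "key": "benign-1", "method": "eth_call", "gas_used": 25000}
{"ts": 104.5, "key": "benign-1", "method": "eth_call", "gas_used": 25000}
{"ts": 105.3, "key": "atk-1", "method": "eth_call", "gas_used": 40000000}
{"ts": 106.0, "key": "benign-1", "method": "eth_call", "gas_used": 25000}
{"ts": 107.5, "key": "benign-1", "method": "eth_call", "gas_used": 25000}
{"ts": 107.8, "key": "atk-1", "method": "eth_call", "gas_used": 40000000}
"""

WINDOW = 10.0            # sliding window in seconds (assumed)
MAX_CALLS = 10           # request-count limit per key per window (assumed)
MAX_GAS = 100_000_000    # gas budget per key per window (assumed)

def parse_log(text):
    return [json.loads(line) for line in text.strip().splitlines()]

def peak_window(calls, window, weight):
    """Largest weighted sum of (ts, gas) calls inside any window-second span."""
    calls = sorted(calls)
    start, running, peak = 0, 0, 0
    for ts, gas in calls:
        running += weight(gas)
        while calls[start][0] < ts - window:   # evict calls that fell out
            running -= weight(calls[start][1])
            start += 1
        peak = max(peak, running)
    return peak

def evaluate(rows, window=WINDOW, max_calls=MAX_CALLS, max_gas=MAX_GAS):
    """Return (keys over the count limit, keys over the gas budget). Every
    atk-1 call stays under a 50M per-call cap, so only the gas budget trips."""
    by_key = defaultdict(list)
    for r in rows:
        if r["method"] == "eth_call":
            by_key[r["key"]].append((r["ts"], r["gas_used"]))
    over_count, over_gas = {}, {}
    for key, calls in by_key.items():
        n = peak_window(calls, window, lambda g: 1)
        g = peak_window(calls, window, lambda g: g)
        if n > max_calls:
            over_count[key] = n
        if g > max_gas:
            over_gas[key] = g
    return over_count, over_gas
```

The per-call cap (e.g. Geth's `--rpc.gascap`) bounds one eth_call; budgeting gas per key per window is what bounds the sequence of smaller calls sent below the request-rate limit.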

anthonyche commented 2 years ago

What does payload size affect? What is the payload, and is the payload the Gas limit? How did their work find the RPC nodes?

anthonyche commented 2 years ago

Payload size

An argument called payload size controls the number of iterations of the loop (in exhaustCPU and exhaustIO) and the size of the array (in exhaustMem). The payload is actually the variable in the attack smart contract that controls the number of loop iterations or the array size.

Payload is not Gas.

anthonyche commented 2 years ago

Ethereum is a distributed network of computers running software (known as nodes) that can verify blocks and transaction data. You need an application, known as a client, on your computer to "run" a node.