Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
This issue describes a feasible way to gain a dishonest majority in the first two epochs.
Gaining an early dishonest majority
If an attacker can control their index in the deposit tree (this seems feasible), then it would take
Influencing future shuffling
An attacker with a block-producer majority gains the standard 1-bit of control by submitting/withholding a block.
Additionally, an attacker can also choose thier randao reveal (to some degree) by choosing their private key. Note that the attacker has a long time (now until genesis) to compute these private keys.
Some rough calculations show that gaining full control of future shufflings is infeasible, but some degree of control is possible.
Breaking eth1 linking
If used with above attack (influencing future shuffling), it may be feasible for the attacker to produce a majority of the blocks the
We have not looked into the feasibility of this attack.
As discussed, Paul and I agreed that the simplest way to avoid this attack is to use the