ETH 2.0 Phase 0 Reviewed by Auditers, with Attack Vector Warnings
Working with the Ethereum 2.0 team, security consultant Least Authority reviewed Ethereum’s network update to Proof of Stake (PoS) from Proof of Work (PoW), specifically its upcoming initial phase – Phase 0: Beacon Chain.
In their report, the auditor described the specifications as “well thought out and comprehensive,” adding that it’s “clear that security was strongly considered by the Ethereum 2.0 team during the design phase.”
Two important things had to be considered: 1) there’s no other large-scale implementations of a PoS system and its real-life use to compare this one with; 2) the audit consisted of reviewing a specification as opposed to a coded implementation. Therefore, the attack vectors they identified “were necessarily based on certain assumptions and theory,” said the team, meaning that there may be some difference between the model and implementation in practice, and specifically for ETH 2.0.
That said, given that it’s critical to lay a strong foundation for a network, Least Authority found two areas with vulnerabilities that may make them potential attack vectors, saying that these would benefit from further review and additional documentation: Block Proposer Election System and the Peer-to-peer (P2P) networking layer.
Meanwhile, the Ethereum team had an Into the Ether livestream hangout: Quarantine Edition, yesterday. As specifications for Phase 1 are already being worked on, Prysmatic Labs Co-founder and Ethereum Protocol Developer, Preston Van Loon, said that there’s no reason to wait for Phase 0 to be fully done before starting the work on other phases, and that they are being developed simultaneously. That’s why these phases are “kind of like an incremental add-on” so he expects Phases 1 and 2 to roll out faster than Phase 0.
At pixel time (13:19 UTC), ETH trades at c. USD 135 and is down by 0.6% in a day, trimming weekly gains to less than 9%. The price dropped by 48% in a month and is down by 3% in a year.