What is an Eclipse attack?
Most attack scenarios against a public blockchain are hard to carry out: they require a large amount of computing power, which makes them infeasible in practice. Attacking a single node or user, however, is not a rare phenomenon.
An Eclipse attack is an attack executed within the peer-to-peer network. It can only be deployed in a decentralized environment, because it targets individual nodes that maintain incoming and outgoing connections to other nodes.
For example, a Bitcoin node by default allows at most 117 incoming and 8 outgoing TCP connections.
In an Eclipse Attack, the attacker tries to redirect the target's connections away from its honest neighbors to nodes under the attacker's control. As a result, the victim is cut off from all honest peers and remains connected only to the attacker's nodes.
In other words, an Eclipse Attack is about gaining control over access to information on a P2P network.
How do attackers eclipse nodes?
Attackers usually use a botnet to accomplish this. With it they build a phantom network of hosts and flood the target node with many IP addresses, which the target may then select as peers the next time it connects to the blockchain network.
From this point on, the hacker simply waits for the target to connect to those nodes.
It may take several attempts, because the attacker has to hit the window between the target's automatic reconnections.
In essence, this attack works much like fishing. The hacker uses false connection addresses as bait and waits for the node to take it. Then comes a quick strike, and the “catch” is hauled ashore, far from its native element.
What kind of "fish broth" can be made of a successful Eclipse Attack?
During an Eclipse Attack, the attacker hides the actual state of the blockchain ledger from the target and gains several options for illicit profit.
1. Double spending. If the attacker's nodes account for 25% of the network's total hashing power and the target node accounts for 26%, taking control of that node gives the attacker the coveted 51% and with it a chance at double spending. In practice, the hacker sends the eclipsed node funds that have already been sent to other addresses. The compromised node, seeing only the attacker's version of events, accepts the false transaction and all the money ends up back at the attacker's address. The fraud is revealed only when the victim breaks free and reconnects to correctly working nodes.
2. Stealing a miner's processing power. The hacker hides from the target the blocks that have already been mined, so the victim wastes processing power on useless calculations. In this way the attacker increases their own share of hash power and wins the validation race (we covered this case extensively in our article about selfish mining). Alternatively, they may combine their hash rate with the target's for more efficient mining and keep all the fees.
Are there any ways to prevent an Eclipse Attack?
So far, this is a purely theoretical question.
The attack could be ruled out if the peer-to-peer network were designed so that nodes synchronize with the blockchain through randomly chosen peers. A network in which each node simply connects to its neighboring nodes will always be at risk of being attacked.
Some security experts also propose an alternative, safer design in which each node connects to a large number of peers, that is, a network with a higher number of TCP connections. But this would greatly complicate the blockchain architecture and slow down transaction processing during synchronization.
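As an added illustration (not code from the original article or from any blockchain client), the small Python simulation below puts numbers on the two defenses just described, random peer selection and a larger number of outgoing connections, and goes one step further by limiting the node to one peer per /16 netblock, an assumed grouping rule, to show how address diversity blunts a flood of attacker addresses. The address table, the attacker's IP ranges and the slot counts are constructed values.

```python
import random
from fractions import Fraction

# Constructed address table, not real peers: a small honest set spread over
# twenty /16 prefixes, and a flood of attacker addresses packed into two /16s,
# mimicking a botnet hosted in a couple of netblocks.
HONEST = [f"10.{i}.0.{j}" for i in range(1, 21) for j in (1, 2)]          # 40 addresses
ATTACKER = [f"172.{16 + (i % 2)}.{(i // 2) // 256}.{(i // 2) % 256}"
            for i in range(600)]                                          # 600 addresses
TABLE = HONEST + ATTACKER
ATTACKER_SET = set(ATTACKER)

def netgroup(ip: str) -> str:
    """The /16 prefix an address belongs to (the assumed grouping key)."""
    return ".".join(ip.split(".")[:2])

def choose_peers(table, k, rng, diverse=False):
    """Pick k outgoing peers uniformly at random from the table. With diverse=True,
    allow at most one peer per /16, so a flood from a few netblocks cannot fill every slot."""
    candidates = table[:]
    rng.shuffle(candidates)
    chosen, groups = [], set()
    for ip in candidates:
        if diverse and netgroup(ip) in groups:
            continue
        chosen.append(ip)
        groups.add(netgroup(ip))
        if len(chosen) == k:
            break
    return chosen

def exact_eclipse_probability(n_attacker: int, n_total: int, k: int) -> Fraction:
    """Chance that k peers drawn at random without replacement are all attacker-controlled."""
    p = Fraction(1)
    for i in range(k):
        p *= Fraction(n_attacker - i, n_total - i)
    return p

def simulate_eclipse_rate(k, trials=2000, diverse=False, seed=1):
    """Fraction of simulated restarts in which every outgoing slot lands on an attacker address."""
    rng = random.Random(seed)
    eclipsed = sum(all(ip in ATTACKER_SET for ip in choose_peers(TABLE, k, rng, diverse))
                   for _ in range(trials))
    return eclipsed / trials

if __name__ == "__main__":
    for k in (8, 16, 32):  # 8 is the Bitcoin default from the text; 16 and 32 are "more connections"
        exact = float(exact_eclipse_probability(len(ATTACKER), len(TABLE), k))
        print(f"k={k:2d} random: exact={exact:.3f} simulated={simulate_eclipse_rate(k):.3f} "
              f"random + one peer per /16: {simulate_eclipse_rate(k, diverse=True):.3f}")
```

With attacker addresses making up 600 of 640 table entries, plain random selection with 8 slots is eclipsed roughly 60% of the time and 32 slots still about 13%, while the per-/16 rule drives the rate to zero because the flood occupies only two netblocks.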