Fact: Steemit Sybil Attacked the Steem Blockchain

in #steem5 years ago

I've been having a number of Twitter conversations today about the Tron/Steemit/Steem drama. There are a lot of people very concerned about this situation and rightfully so. On February 15th, I tweeted this:

image.png

If you've been paying attention the last few weeks, things have gotten really interesting, bringing a lot of media attention such as:

People are emotionally connected to this story because it may impact the way their blockchain property is defined and secured. For a really interesting discussion on property (and this whole Steem debate), check out this conversation:

The second part of the conversation was really interesting because it challenged some of my perspetives on property, mainly that if it's not rivalrous, is it really property? I also appreciated the distinction between value and property. Many, I think, are more concerned with their value being negatively impacted than they are about their property.

There are many sides to the current discussion. Some see the actions of the community consensus witnesses as "theft" because they (temporarily) froze tokens they did not own according to non-blockchain legal frameworks. They did so with support of token holders as demonstrated on chain by the one witness who ran v0.22.3 (which also disabled voting rights, but didn't hinder transfers) being voted out of consensus. They responded here. Some argue there is a legal case to be made about the expectations set on that property and there may even be a fraud cause in the future between Ned and Justin for selling something without full disclosure about the commitments associated with that stake.

I personally think this won't go anywhere because, as has been pointed out on Twitter, the Steemit about page contradicts whatever things Ned said publicly about the Steemit stake (and, in a sense, even the 2017 roadmap statements).

image.png

But then there's also this... so... yeah.

image.png

We can go back and forth on this, but ultimately it comes down to the rules on a blockchain are defined by the consensus algorithm of that blockchain. If those rules are followed and those in consensus control are asked to take action to protect the chain, that's in line with the rules. Not everyone may agree, but the rules are still the rules.

The valid chain is based off DPoS consensus. The ninja-mined stake has a complicated past (witnesses were asked by some to fork it off the chain last year, something I will not support). v22.2 temporarily froze the issuer tokens (it was a difficult decision), hoping to communicate with the new owner who had not talked to the community yet (but did make statements, some saw as threats, about the future of their token and blockchain). The response from the new owner was immediate and positive, saying a community town hall would take place. Unfortunately that meeting was pushed far enough into the future to coordinate with exchanges to vote with customer stake to take over and centralize the chain with 20 sock puppets.

Exchanges voting with customer funds was always a theoretical threat to DPoS (HF14 on Steem introduced decline_voting_rights as a way to help with these things, but that's back when the power down was two years, now it's 13 weeks). Now it's a historical reality.

The rules (currently, until they are updated to remove this threat) also allow custodial holdings to vote without the intentions of the "owners" (I use quotes because not your key, not your token) taken into account.

What really happened here and what concerns me most is a Sybil Attack.

In a Sybil attack, the attacker subverts the reputation system of a network service by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder.

If you're not familiar with Sybil attacks and why they are so dangerous to Byzantine Fault Tolerant systems like blockchains, I suggest being less vocal on Twitter until you do.

Steem was Sybil attacked.

Steemit and Justin Sun did it.

Are you okay with that?


(P.S. We have friends staying with us this weekend who planned their trip months in advance. I will not neglect their friendship. I may not be super available this weekend.)

Sort:  

Steem is designed for an easy 1/3 + 1 attack. What is more, it's designed through the multivote rule to be 100% controlled by a very small number of top SP holders.

I've asked in comments several witnesses about opinion. If I'm not mistaken, none did.

@lukestokes Are you OK with the 30 for 1 centralization rule? https://steempeak.com/palnet/@hotbit/steem-blockchain-multivote-security-vulnerability

Why no community witness had the courage to express his support or the lack of thereof for the centralization multivote rule?

The nature of the issue of with imbalance caused by the witness voting setup has been discussed publicly ad nauseum in the past by me (a witness) and numerous other people. It is true that I personally have never heard some of the top witnesses comment on it, but then I haven't heard some of them comment on much at all.

Solutions to prevent this will be explored. I'm not yet convinced 1t1v (one token, one vote) is the best approach, but it may be an improvement.

As shown in my article, current voting rules cause centralization and recently allowed exchanges to set up all 20 top witnesses.

Interesting, that community witnesses talk a lot about decentralization but avoid any discussion about the power centralizing voting rule.
Another similar post didn't get much traction among the big guys either or didn't get upvotes from the big guys either.

When I brought it up years ago, crickets.

I have been involved in conversations on the EOS side of things about this also and though 1t1v may be better, what high value DPoS chains are using that approach now? Making changes can introduce risks.

I agree, this needs to be talked about more, especially now.

You are the (almost) only one from the people somewhere on the witnesses list who addressed this issue at all.
Thumbs up for this. Thanks.

From my perspective of small fry, it's a delicate political issue the majority of people (witnesses) do not want to talk about in public.

A hard cap limit on mvests witness influence per account in combination with limited number of votes or 1t1v is an improvement.

Steem is designed for an easy 1/3 + 1 attack.

That is very innacurate...1/3 +1 only gives the "attacker" the ability to block a hardfork but you cannot takeover consensus...for that you need 2/3 +1.

What is more, it's designed through the multivote rule to be 100% controlled by a very small number of top SP holders.

It designed for the majority stake to dictate consensus. The number of accounts holding the SP is irrelevant to the consensus logic. This favors centralization.

The real threat is voter apathy. Before this whole incident started only about 28% of the stake was voting (it might have been less so I might be wrong on the exact number). With that level of participation and combined with the 30 vote rule you only need 29% of the stake to take over the witness positions.

Mix in some colusion with exchanges and you have exposed the DPOS vulnerabilities.

The solution seems obvious...limit the number of seats that an account can vote on and incentivize voting (maybe direct a portion of the inflation for that). Although limiting the amount of positions introduces other risks (such as the blockchain forking if no one can control consensus).

"...for that you need 2/3 +1..."

No. All you need is 51% of stake voting. That is what determines how many witnesses control consensus.

Worse, the weight of stake is currently subject to vast multiplication via the 30 votes availed stakeholders. To wit:

User A has 1M Steem. Casting 30 witness votes worth 1M Steem each gives them 30M Steem influence on governance. User B has 100 Steem. Casting 30 witness votes gives them 3000 Steem influence on governance.

The difference between the stake held by these users is 999,900 Steem. The difference between their influence on governance is 29,997,000 Steem. This multiplication of stake weight dramatically centralizes influence on governance, which consensus witnesses have failed to previously resolve.

Clearly, this is a problem, and strongly lends support to accusations of corruption of Steem governance. It's long past time for this deception and centralization of Steem governance to end - possibly too late to save the Steem community from the Sybil attack it has promoted. Other limitations on stake influence on governance is necessary, but accurate weighting of stake influencing governance is absolutely a necessary component of securing Steem from Sybil attacks.

I am provided estimates of Tron's present stake of ~100M Steem. This theoretically enables Tron to deploy 3B Steem influence on governance. That is utterly untenable now, or ever.

That is correct with the current voting rules.

That is very innacurate...1/3 +1 only gives the "attacker" ...

https://steempeak.com/steemtron/@lauch3d/there-is-no-51-attack-in-steem

Good thing we can agree on reducing the number of witness candidates a vote can be cast on. Most importantly, should be 1SP = 1 vote. One can vote on 5 candidates, but each would get only 0.2SP worth of votes.
30 is too many, no average person can make an educated decision about so many candidates. See my post for the details.

The workaround against both options is to simply split the stake to different accounts. Both make it more difficult to overtake the chain with a minority stake but it's better than the alternative.

The current setup allows for a 51% attack instead of the theoretical 2/3 +1 that is needed today...that is very clear.

Limiting the number of blockproducers that a stakeholder can determine has other tradeoffs so it's a complex problem.

The workaround against both options is to simply split the stake to different accounts.

No, it's not. See A splitting stake to A1 and A2 in my article. He can maximize usage of his stake, but still unable to take all the seats.

Limiting the number of blockproducers that a stakeholder can determine has other tradeoffs so it's a complex problem.

If you can point out these tradeoffs. I can't see any. 1 SP = 1 vote simply allows for better decentralisation. JS made an educated decision about 20 candidates, but the average person would not :)

I can imagine a situation where 2 or 3 different versions of the code are running side by side that create different forks that do not agree on the last irreversible block. Each version being supported by different cartels with no clear way of breaking the tie.

this.

Maybe witness will finally understand this after the shitshow is over and finally securing the chain as intended.

Maybe not...

Are there other high value DPoS chains doing 1t1v?

I'm open to pushing for changes, for sure, but please also recognize exchanges voting with customer stake to Sybil attack a chain is unprecedented. It was always a theoretical risk, but was previously considered low probability.

I can't offer a solution at the moment because i haven't spent enought time to research. But there a good start to solve is the fact that 1 stake can vote 30 times. The bigger stakes are the ones defining who are the witnessess. It would be like whoever got the most money decided who the country congressman are.

There is consensus, but no discussion if all congressman have the same agenda.

But using exchanges stakes to help the attack is no different than buying a shitton of tokens and doing the same thing.

Even if it was a theoretical risk with low probability it was a risk with high damage effect.

In risk management you don't only consider the probability, but how big is the damage if that event happen.

Is that design more aligned to a republic or democracy type system?

Each user must decide for himself in what proportion he makes to divide the votes for witnesses. He can vote for only one or break own vote into 30 parts - that's his personal right. I think the current DPOS system is far from ideal and pretty unfair.

How do you suggest we improve it?

As they wrote, change to one account only gets one vote; or votes correspond to their original SP, and one can vote to one single witness or divide it into any proportion as one like, then votes to any number of witness.

I think the one vote Idea will be a problem, because you could create several accounts and make a vote. I guess the second Idea is the better and fairest one.

No. That don't actually matter, cause the votes are original SP weighted. More accounts with the same SP don't have more effect.

I know, but I mean it wouldn't make much sense to have the first option because you could only make one vote based on your SP, but you could still split your SP into several accounts ( with less voting power on each account) with the possibility (all accounts together) to vote for more than one witness. That's why I think the second option would be better because it would prevent people from creating more accounts than actually needed and it is easier for the user to handle one account than two or more.

I think he listed some suggestions in the beginning of his comment.

Sorry @lukestokes but what is happening is a consequence of the witnessess actions.

Yes, Justin Sun did a shitty move, and it was an attack.

But this kind of attack was possible because you witnessess ignored the problem for a long time.

And you can't say that this was never brought up. But witnessess attitude were "Nah... It's fine"

Isn't it time for the witnessess to also be honest and own their own mistakes?

You got the community (including me) backing you guys up in this situation, but after this crisis end, well....

I don't think witnesses thought everything was fine because last year some considered hard forking out the steemit stake which may have been a far worse fiasco than this. I did not support it.

But you are correct. This happened on our watch. We took what action we could to protect the chain and something unprecedented happened where exchanges powered up and voted in sock puppets in a Sybil attack. That can happen right now to just about any DPoS chain. Hopefully we can improve DPoS governance to prevent this in the future.

What do you think we should have done instead? Forked out the stake? Done nothing to counter the statements made by Tron about moving everything over to their blockchain without even consulting the witnesses or the community?

I see a lot of complaining lately, but what would you have done if you were a witness? What would have been a better course of action to protect the chain?

If you say reach out and talk first, that's exactly what I tried to do. A mutual friend got me in touch with Justin (thought it took a few days). An email dialog started on Sun, Feb 23. He replied on Tue, Feb 25 saying Roy would reach out to me. I heard nothing for 7 days until I sent a follow up email, but by then the v0.22.2 softfork and v0.22.5 softfork and chain takeover were already done (along with the damage).

I would sincerely like to know what you think witnesses could have done better?

Loading...

Me, OK with Justin executing a coup d'état? No. But he doesn't listen to me.

Is CZ ok with this attack by Justin?

I have engaged with you in the past about this specific threat. ~Two years ago you and other consensus witnesses did not act to prevent this threat when I came to understand and discuss it. The responses I received generally took the form 'We do not agree' I got from @timcliff (or @smooth. Maybe you. Memory fails me atm).

Here we are. While that is in the past, I reckon it is important to acknowledge our failures and limitations in order to move forward based on real and factual data.

I don't care about acknowledgment, and am not here to say 'I told you so', but I do want to pierce the veil of nescience regarding foreknowledge. The fact is that during the entire existence of Steem, the founder's stake has been a threat of Sybil attack, and if the threat of majority stake effecting a 51% attack is not utterly eliminated going forward, there is no possibility of Steem being secure from Sybil attacks.

We (the Steem community) may or may not survive this attack. If we do, failing to prevent this vector for Sybil attacks will simply leave Steem as vulnerable to destruction as it has always been. The next thing I want from witnesses, while ongoing attempts to secure the chain continue, is specific proposals to eliminate this threat. You may find it useful to consider my recommendations from our prior discussions in order to reconsider their potential for success, or eliminate them from consideration as lacking potential to resolve the problem.

The witnesses that have been continually in the consensus for these last several years have profited (insofar as witnessing is profitable) from the centralizing multiplication of stake weight the current witness voting mechanism employs. It is difficult to dismiss this fact considering the potential of witnesses to actually secure the blockchain going forward, but since it's an existential matter presently (as far as Steem is concerned) I expect it is necessary and possible.

Starting with 1 Steem = 1 witness vote (or 100% VP depletion without recharge for witness votes), and executing code preventing exchanges from voting on witnesses, how do we secure Steem from this threat?

Thanks!

Are there other high value DPoS chains using 1t1v?

Major stake holders who think 1t1v is the correct way to secure the chain should announce they will only vote for witnesses who will push for this change to be made.

"Are there other high value DPoS chains using 1t1v?"

I dunno. I only care about Steem.

While you're right in your next statement, that's about the kind of commitment we have been hearing from Roy Liu regarding powering down the exchanges and withdrawing Tron's puppet witnesses.

Do please differentiate yourself from Roy. I'd like your forthright consideration, not lawyerspeak.

Saying, "I don't know" but advocating for an untested change to be implemented doesn't work. 1t1v may actually be ideal, but until things are really thought through and tested, it could end up being a bad change and the witnesses would again be blamed for moving too quickly or going with changes that haven't been shown to be successful elsewhere.

Maybe EOS will go to 1t1v before Steem, and we'll learn a lot from them. I don't know.

You are the parties, you witnesses, we Steemers have elected to understand and effect necessary governance of the chain.

Please assess the facts and take a position based on your understanding - and not whatever some other chain I have no interest in or governance of does or doesn't do - so that Steem can proceed to deal with novel circumstances that aren't replicated elsewhere.

The math is simple. Make a decision and take a stand, which is what Steem needs from it's governance now. Failing to do this will result in delivery of the chain to it's extant majority stakeholder, as has been made clear. Even implementing 1t1v is not proposed to prevent that stake advantage. All it does make possible is accurately weighting the stake of voters per their holdings. Sun's stake is magnified 30x by 1t30v, and that's the present circumstance.

I think that before pushing for an solution we must examine the problem using a solid game theory model. Else we riak introducing other attack vectors. EDIT: having stake does not equal knowing what is the best solution.

"having stake does not equal knowing what is the best solution."

No, but it sure equals the power to ram your favored solution/problem through. Pretty sure that's what @lukestoke's reply meant.

Find a better approach to governance that DPoS stake-weighted voting and it can be seriously explored. I have yet to see one that doesn't have much more serious problems (like China's centrally controlled reputation system). Read Skin in the Game for a deeper understanding for what stake-weight does have some value (but I agree, is far from perfect, especially for those who have skin in the game in other formats outside of token holdings).

Availed of the same grasp of alternate political mechanisms as you discuess, I do not propose any of them. All I am proposing is the equalization of stake undertaking governance of Steem, by eliminating the 30x multiplication of the weight of substantial stake - such as held by Tron now - over governance.

Accurately weighting our skin in the game is all I presently advocate, not replacing it with some other mechanism. It's a simple thing, and confounds potential abusers of the extant system, such as we are demonstrably and existentially threatened by today as a currency and society.

Jesus god. Why can't you actually look up the words you use before getting a popular article out and sharing it on twitter?

This is NOT a sybil attack. STEEM is sybil resistant, else noganoo would be the overlord since a long time.

In a Sybil attack, the attacker subverts the reputation system of a network service by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder.

Are you claiming the 20 witnesses pushed into consensus by a single individual were not "pseudonymous identities" but known, trusted members of the community voluntarily put into a position of leadership by the community according to the intended design of DPoS?

STEEM, clearly, is not Sybil resistant enough. This was a Sybil attack. Pretending otherwise is not defensible. If noganoo had enough stake (or enough influence to get exchanges to do what they did), he could attack the chain through this Sybil strategy just the same.

Creating 20 new accounts didn't give them more influence in the network. Their stake was already there. A sybil attack is when creating more and more accounts will give you more and more power in the network. Imagine a 1 acc = 1 vote democratic system, this wouldn't be sybil resistant, as creating more and more accounts would lead to you having more and more voting power. On steem everything is based on stake alone, creating more accounts doesn't give you any advantage whatsoever.

There's no more or less sybil resistant, it's binary, black or white.

Hope you see my point. I overall agree with your article though, I just think a single word you used is wrong :) What happened is more of a bribe attack (justin bribed exchanges to vote for him to control the network)

It was a bribe attack as well, and I do see your point where a fully-sybil attackable system does of course have no restrictions at all in terms of the cost of account creation and those accounts giving a single actor more vote weight. I feel you are not validating my position that the stake wasn't used just to create one witness account but directly created 20 which, according to the "sybil resistant" rules or Steem, gave them full control (or "more influence in the network" if you like) of the chain. Steem is remarkably Sybil resistant in most regards. It still got Sybil attacked because one majorly staked individual was able to act as 20 accounts. That to me is a clear Sybil attack on what should be Sybil-resistant system. We have work to fix DPoS.

I see your point, but I don't think 'owning 1 acc' as being a real limitation to your power. Justin could vote for 1 real account + 29 community witnesses and still use his power fully. Instead he did 20 dummy accounts and voted 20 times for himself. He's taking a shortcut, but essentially his total witness voting power (influence) remained the same number.

Also, you can see how making more than 20 wouldn't have changed anything. If he did that with 30, 40, 50 puppet accounts, it wouldn't optimize his strategy further.

Justin could vote for 1 real account + 29 community witnesses and still use his power fully.

And that would not have been a Sybil attack. He also could not take over the chain with this approach unless those 29 witnesses agreed with him. In that case, it would have been done according to the proper design of DPoS (again, not a Sybil).

Yes, he only needed 20 (technically only needed 15) to do what he wanted to do. The moment "pseudonymous identities" were used to accomplish this, it became a Sybil attack. You are a technical person who has been in this space a while and you of all people should understand this. I don't think it's at all helpful to deny what took place. What is helpful is calling it exactly what it is and figuring out how to prevent it in the future.

To your point, there are other attack vectors also demonstrated here (bribe attack, centralized custodial stake without skin in the game, etc), but the real one which broke Steem, IMO, was this Sybil attack where fake accounts were able to act as a single individual. As you say, it's supposed to be Sybil resistant. It was not in this case.

I just think we disagree on the overall definition of sybil attack. Creating 19 new accounts didn't give him extra influence in the network, because influence = stake, and their stake actually decreased from creating these new accounts.

If for you creating 20 puppet accounts is a sybil attack ... well then so be it, it won't be the first word that's butchered by laymen because of misunderstandings.

The ultimate level of "influence in the network" is full control which requires more than one account. It wasn't just creating multiple accounts that made this a Sybil attack. As you've already mentioned, Steem has fairly good protections against that attack. It's the combination of stake and creating multiple pseudonymous identities which made this attack possible and that is, to me, undeniably a Sybil attack. I'm confused why you're stuck on this point because multiple pseudonymous identities was clearly required to pull this off. Those accounts were not real people. They were one person pretending to represent 20 different entities. DPoS is designed to have individual block producers, not one producer pretending to be individual block producers. These 20 accounts may be running in the same datacenter or even the same server for all we know!

From: https://steempeak.com/dpos/@dantheman/dpos-consensus-algorithm-this-missing-white-paper

Under normal operation block producers take turns producing a block every 3 seconds

How is it "taking turns" if they are all the same person in control because of this Sybil activity pretending to be multiple, separate accounts?

The DPOS algorithm is divided into two parts: electing a group of block producers and scheduling production. The election process makes sure that stakeholders are ultimately in control because stakeholders lose the most when the network does not operate smoothly. How people are elected has little impact on how consensus is achieved on a minute by minute basis. Therefore, this document will focus on how consensus is reached after the block producers have been chosen.

The election process failed because exchanges don't have skin in the game. They didn't vote with their tokens so they don't care if it impacts the token price negatively.

I think this document didn't spend enough time on the election process as that's where this Sybil attack became a reality.

Who is more stupid:

A girl with Dawn Syndrome or Extreme Communists who don't understand basic economy?

image.png

P.S. PARTY COMMISARS, DO FLAG YOURSELVES

I don´t understand why people are upset, when exchanges use customers stake for voting. Everyone in the crypto-community knows the drill: NOT YOUR KEY = NOT YOUR COINS. So why would anyone who cares about votings in the commuity leave their stack on an exchange.
And the people who did leave it on an exchange DID their vote. They voted for not really taking care what happens with their stake. Anyone should simply stop whining.

I'll guess, what should be on the table is...
Q: should exchanges have the ability to power up Steem or not?

That's certainly part of what is being discussed to prevent this from happening again in the future.

If you stop them, couldn't they just transfer it to another account that can power up?

No, Sybil Attack ain't cool, but a clear situation/case is something else...

Coin Marketplace

STEEM 0.20
TRX 0.25
JST 0.038
BTC 96483.87
ETH 3356.14
USDT 1.00
SBD 3.20