Researchers from the University of Bern: Ripple protocol “may fail very much”

Researchers from the University of Bern in Switzerland issued a report claiming that the Ripple consensus protocol “can neither ensure security nor ensure activity”.

Yesterday, on the blog of the Cryptography and Data Security Research Group of the University of Bern, researchers Christian Cachin, Amores-Sesar, and Jovana Mićić published an analysis report stating that the Ripple consensus protocol may allow users to “double spend” and stop the transaction process.

The three researchers created an example of the Ripple protocol using different numbers and types of nodes to illustrate that the Ripple protocol may not be able to ensure security and liveness (the network continues to process transactions and make progress). According to their example, failures or the presence of malicious nodes may “have a devastating effect on the health of the network.”

The researchers said: “Our analysis results show that the Ripple protocol relies heavily on synchronization and timely message delivery, the existence of a trouble-free network, and an a priori agreement, signed by Ripple, on a public unique node list (UNL) of trusted nodes.”

“If one or more of these conditions are violated, especially if an attacker becomes active inside the network, then the system may severely crash.”

David Schwartz, the chief technology officer of Ripple, quickly responded to Cachin on Twitter and questioned the results of the analysis. Schwartz called such a situation “unrealistic”, claiming that any attacker would have to “segment the network” and control some of its UNLs for the attack to play out as the researchers described.

“I would love to see such a report, and thank it for discovering and pointing out the shortcomings of the Ripple consensus protocol. Any opportunity to help improve the security and reliability of the Ripple consensus protocol or block space is usually good.” – David Schwartz (JoelKatz), December 3, 2020

Schwartz said: “The general idea of UNL is that attackers have only one chance to disrupt the activity of UNL, and then they can no longer attack it.” He added:

“A security attack also requires a lot of control over the spread of messages on the network, so this type of attack cannot be achieved. This is why the Bitcoin network cannot be divided.”

None of the researchers has yet responded to the Ripple CTO’s criticism of their results. The research team acknowledged in its initial analysis that these attacks were “purely theoretical and did not appear on real-time networks.”