Creating malicious full nodes to censor validators

Hi, I’ve been thinking about an attack to censor specific validators, and was wondering if it is viable, and if so, whether it could be avoided.

My thoughts are that a malicious user could create several modified full nodes. Those full nodes would only gossip the addresses of other malicious full nodes. Also those full nodes would never gossip votes or proposals from a selected validator. By doing so, if there are enough malicious full nodes, messages of a certain validator would maybe not reach all other validators.

So I was wondering if this would be viable. I was hoping for some other thoughts. And maybe I got it completely wrong.

The attack you’re suggesting is theoretically possible, although in practice would be very difficult to ever pull off. People have thought about network attacks like these in context of other p2p networks such as Bitcoin (imagine if you could prevent miners from mining blocks to improve your own mining profits).

One simple countermeasure (which I don’t believe is implemented in Tendermint yet, although would be easy to if needed): just ensure you aren’t connected to too many peers in a similar range of IP addresses, since presumably an attacker’s IPs are all close together. Although, this doesn’t protect against botnets.

Another is to peer your validator node with various “sentry nodes”, which are nodes hosted elsewhere which are owned or trusted by you. This would mean the attacker must run their eclipse attack against each of your sentry nodes, which is difficult since they won’t even know which nodes are yours.

An attacker at the ISP level would probably be most likely to censor a validator though.

So tl;dr: it’s possible, although easy to prevent and hard to pull off.

1 Like

Thanks for the answer :slight_smile:.
I’m aware of the sentry nodes, I just thought since there seems to be no incentive to run full nodes, that it would be easy to out number the sentry nodes. But it’s probably not viable.

Curious what you mean by “no incentive to run full nodes”? In any case, I think the key to making this work would be to censor not only the validators, but their sentries as well. This will be strictly necessary in the case of a well architected validator, as such should not communicate with anything other than its own sentry nodes. The question then becomes if you can identify all those sentry nodes associated with a given validator. I suspect you could if you have enough nodes to connect to all the other advertised nodes in Cosmos Net; then you could observe the sentries that first send out new blocks proposed by the target validator and given timing data from a number of blocks, probably narrow it down pretty accurately. At that point, you could stop advertising those sentry addresses, but it’s definitely a long shot that everyone peering with you will also forget them. As mappum mentioned, the easy defense here is to peer with other trusted validators, which is something I’ve noticed all the serious validator operators are working on. It is also worth noting that on the off-chance you were successful, any decent validator operator would notice and bring up in the chat, which would likely get the attacker noticed and have punitive measures taken against them, such as by governance action.