Here is a list of exploits that It’d be awesome to see getting built! These are all known bugs, but I wanted to draw attention to them for GoS participants.
---- Tendermint issues ----
- https://github.com/tendermint/tendermint/issues/2972 - This ones is fairly simple, to exploit just spam the mempool with txs. This may be limited as we don’t batch tx gossips, so you may be unable to spam fast enough. However, if you could, you could delay a proposer’s block creation by a significant amount of time. The expected amount of delay due to spam is actually greater than what I indicated in the issue. This will likely cause them to miss their proposal window. I also highly suspect there are similar classes of attack based off of adversarial mutex locking within the system.
- https://github.com/tendermint/tendermint/issues/3044 - This is the issue that got lots of attention on the riot. (Not actually a bug in that it was intended behavior when built) Essentially, you shouldn’t vote on another proposer’s first round, if you would propose in the second round. If you successfully propose in the second round, then you get rewards, but you also propose in the subsequent height. (this also holds for higher round numbers)
- https://github.com/tendermint/tendermint/issues/2653 - Time warp attacks (For extra inflation)! This is the rational thing to do, so you don’t need a 1/3rd cabal to do it. (e.g. every rational validator should do this, as its profitable for all of them) With a sufficiently sized seed group, you can even make your script coercive. e.g. If you detect that the proposer has a history of picking times later than present time for other people’s blocks, you use a future time. Otherwise use present time. Due to proposer inflation bonuses, the trend should cause proposers who don’t do this to lose income.
---- SDK issues ----
-
https://github.com/cosmos/cosmos-sdk/issues/2562 - To exploit this, make a governance parameter change proposal to increase the liveness slashing window significantly. This shouldn’t be contentious as liveness slashes are 0%. The purpose of this would be to increase storage requirements by a significant margin. The impact would be aiding in killing cheap low disk-space cloud sentries. Since our genesis allows for 300 validators iirc, if you made the window size 100k blocks, this would induce about ~1.8GB increase in storage requirements. (I’d expect it to be much higher in practice, due to several IAVL implementation level inefficiencies)
In conjunction with the above, spam photinos to a bunch of new accounts. You can mod the client to make this 0 fees when you propose. Since photinos are worthless except for this attack, its zero cost. This also has a significant increase in state size. - https://github.com/cosmos/cosmos-sdk/issues/2525 - Its a valid cryptoeconomic attack on the current setup that increases your rewards. This is actually risk-free, as the liveness slashing factor is 0. You can also combine this with the second tendermint issue for extra increase in stake. There may be a slight problem with this, as the game of stakes victory condition was changed to be based off of uptime instead of stake, but this may be worth executing if uptime requirements are only based off the final N days. (I have no knowledge of the details of this)
All statements here are my own. Hopefully some of these get exploited on GoS