Risks of validators being targeted by a worm/virus to trigger slashing?


Imagine your retirement fund is 32 ETH, you run a solo home validator to secure the network and get staking rewards.

Imagine years from now a nation state develops a worm virus targeting Ethereum validators (be it by network scanning or by infecting the PCs/Laptops/etc of people who run validators where it can then infect the validator on their local network). The worm uses zero day exploits to gain access to the validator, then either gains access to the signing key on disk (if possible), or accesses it in memory where it's already decrypted. The worm then creates duplicate attestations, triggering slashing of the validator. The slashing means you've lost your entire retirement fund.

In a world of zero-day vulnerabilities, which are vulnerabilities discovered in software and sold to the highest bidder without public disclosure, and in a world with markets for trading zero days, are people who run Ethereum validators completely reliant on the security of the host OS to protect against attacks like this?

Stuxnet was a worm, likely developed by a nation state, to directly target specific nuclear enrichment centrifuges in Iran, causing physical damage to the systems. It used previously unknown zero-day vulnerabilities in Windows systems to gain access.

What if this happened again, but with a zero-day worm targeting Ethereum validators, spreading from validator to validator to cause mass slashing? The obvious answer here is decentralisation: that large sets of validators on one network with one OS, etc., where a worm can easily spread, are a bad thing, and that it would have little impact on Ethereum itself (unless it spread significantly).

However the risk for solo home validators heavily invested in ETH seems extremely high. If someone gains access to the validator (remotely or in person), they could find a way to trigger a double attestation simply because our top level computer architecture is not secure by default – computers run whatever code they're told to.

So how do we mitigate against this? It would mean nothing to the Ethereum network for a solo validator to get slashed, but it would mean everything to the owner of that validator.

FYI: I'm bullish ETH.

u/vbuterin kindly requesting perspective on this.

submitted by /u/seventai