Dockeyhunt Eclipse Attack

#### Introduction

An Eclipse attack is a type of peer-to-peer attack in which the attacker monopolizes all incoming and outgoing connections of the victim, isolating it from the rest of the nodes on the network. This allows the attacker to control the information coming to the victim and manipulate his actions on the network. In this article, we will look at the mechanisms of the Eclipse attack, its consequences for the Bitcoin and Ethereum networks, and also offer recommendations for protecting against such attacks.

#### Eclipse attack mechanism

An Eclipse attack begins with the attacker creating multiple nodes on the network and attempting to establish connections with the target node. The goal is to occupy all available slots for the victim’s incoming and outgoing connections. Once this is achieved, the victim is isolated from the rest of the network and can only receive the information that the attacker provides.

#### Examples of attacks on Bitcoin and Ethereum

1. Attack on the Bitcoin Network: The study “Eclipse Attacks on the Bitcoin Peer-to-Peer Network” ( https://eprint.iacr.org/2015/263.pdf)  describes how an attacker can use an Eclipse attack to manipulate blocks and transactions, which may lead to double spending and other types of fraud.

2. Attack on the Ethereum Network: The study “Low-resource Eclipse Attacks on the Ethereum Peer-to-Peer Network” ( https://eprint.iacr.org/2018/236.pdf)  shows that an Eclipse attack can be carried out with minimal resources, which makes it accessible to a wider range of attackers. As a result of the attack, the attacker can control information about the state of the blockchain, which can lead to various types of attacks, including attacks on smart contracts.

#### Security recommendations

To protect against Eclipse attacks, we recommend:

1. Increase the maximum number of connections per node: This will make it difficult for an attacker to monopolize all connections, as he will need to create more nodes to attack.

2. Limit the number of hosts with a single IP address: This will prevent the possibility of creating a large number of hosts from a single IP address, which is one of the attackers’ strategies when carrying out an Eclipse attack.

#### Conclusion

The Eclipse attack poses a serious threat to peer-to-peer networks such as Bitcoin and Ethereum. Understanding the mechanism of this attack and implementing appropriate security measures can significantly reduce the risk of its success. Increasing the maximum number of connections per host and limiting the number of hosts with the same IP address are effective measures to improve network security.

#### Links

1. Eclipse attacks on the Bitcoin peer-to-peer network:  https://eprint.iacr.org/2015/263.pdf
2. Low-resource Eclipse attacks on the Ethereum peer-to-peer network:  https://eprint.iacr.org/2018/236 .pdf

Dockeyhunt Eclipse Attack


By