The Ripple protocol guarantees neither safety nor liveness, according to researchers from the University of Bern

  • According to the Cryptology and Data Security Research Group of the University of Bern, the Ripple network does not guarantee safety.
  • The analysis report warns Ripple to correct potential protocol violations in time.

A recent report and analysis by the Cryptology and Data Security Research Group of the University of Bern concludes that the Ripple protocol guarantees neither safety nor liveness under the stated assumptions.

Ripple’s consensus protocol aims to ensure that the same transactions are processed and that the validated ledgers are consistent across the network. It should protect the system from attacks and failure modes, such as malicious actors who might try to control or interrupt the system at any given time.

The analysis shows how Ripple’s consensus protocol can be breached using seven nodes. The configuration consists of six correct nodes and one faulty node, called the Byzantine node.

Nodes 1, 2 and 3 (white) adopt UNL1, dashed vertically, while nodes 5, 6 and 7 adopt UNL2, dashed horizontally. Node 4 (gray) is Byzantine.

Using this particular configuration, the researchers were able to make two correct nodes perform different transactions, which fundamentally violates the agreement condition of the consensus protocol. Although this was a demonstration with only seven nodes, the researchers showed the same type of breach using an arbitrarily large number of nodes as well.
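The seven-node layout described above can be checked mechanically. The following is an added example, not code from the report or from Ripple: it audits pairs of UNLs for whether a single voting round could show conflicting quorums to two correct observers. The UNL memberships and the 80% quorum are assumptions made for this sketch (the article only says which nodes adopt which UNL), and the voting model is a simplification of the real protocol.

```python
from itertools import combinations

QUORUM_PCT = 80  # assumption: a node validates once 80% of its UNL agrees


def quorum_size(unl, pct=QUORUM_PCT):
    # Integer ceiling of pct% of the UNL size (avoids float rounding).
    return (pct * len(unl) + 99) // 100


def can_fork(unl_a, unl_b, byzantine, pct=QUORUM_PCT):
    """True if observers trusting unl_a and unl_b could each count a quorum
    for conflicting values in one voting round.

    Simplified model: every correct node casts one vote that all observers
    see identically; a Byzantine node may report a different vote to each.
    """
    a, b, byz = set(unl_a), set(unl_b), set(byzantine)
    only_a = len(a - b - byz)   # correct nodes trusted only by observer A
    only_b = len(b - a - byz)   # correct nodes trusted only by observer B
    shared = len((a & b) - byz)  # correct nodes trusted by both
    byz_a, byz_b = len(a & byz), len(b & byz)
    for x in range(shared + 1):  # x shared correct nodes side with A's value
        votes_a = only_a + x + byz_a
        votes_b = only_b + (shared - x) + byz_b
        if votes_a >= quorum_size(a, pct) and votes_b >= quorum_size(b, pct):
            return True
    return False


def audit(unls, byzantine, pct=QUORUM_PCT):
    """Names of every UNL pair that admits conflicting quorums."""
    return [(n1, n2) for n1, n2 in combinations(sorted(unls), 2)
            if can_fork(unls[n1], unls[n2], byzantine, pct)]


# Constructed configuration: nodes 1-3 use UNL1, nodes 5-7 use UNL2,
# node 4 is the Byzantine node sitting in the overlap of both lists.
UNLS = {"UNL1": {1, 2, 3, 4, 5}, "UNL2": {3, 4, 5, 6, 7}}

if __name__ == "__main__":
    print("at-risk pairs with node 4 faulty:", audit(UNLS, byzantine={4}))
    print("at-risk pairs with no faults:   ", audit(UNLS, byzantine=set()))
```

Under this model, widening the overlap (for example UNLs {1,2,3,4,5} and {2,3,4,5,6}) removes the conflicting-quorum case for one faulty node, which illustrates the "tight interconnection" requirement the report's conclusion mentions.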

The liveness of Ripple’s consensus protocol is also at risk

In concurrent computing, liveness refers to a set of properties of concurrent systems. The analysis report shows how the liveness of the consensus protocol can be violated even when all nodes are the same and only one node is Byzantine (bad).

The researchers were able to bring the protocol into a state in which it was unable to produce a proper ledger and eventually stopped making progress. The report’s conclusion adds:

Previous work on Ripple’s consensus protocol has already raised some concerns about its liveness and security. In order to better analyze the protocol, this work presented an abstract and independent description derived directly from the implementation. Additionally, this work has identified relatively simple cases, where the protocol can violate security and/or liveness, and which have devastating effects on network health. Our analysis illustrates the need for very tight synchronization, tight interconnection and error-free operations between participating validators in the Ripple network.

It is important to note that these attacks are theoretical only and have not been demonstrated on a live network. However, such hypothetical attacks have often turned into real ones in the end, which means Ripple must try to fix them in time.
