Clients of permissionless blockchain systems, like Bitcoin, rely on an underlying peer-to-peer network to send and receive transactions. It is critical that a client is connected to at least one honest peer, as otherwise the client can be convinced to accept a maliciously forked view of the blockchain. In such an eclipse attack , the client is unable to reliably distinguish the canonical view of the blockchain from the view provided by the attacker. The consequences of this can be catastrophic if the client makes business decisions based on a distorted view of the blockchain transactions. In this paper, we investigate the design space and propose two approaches for Bitcoin clients to detect whether an eclipse attack against them is ongoing. Each approach chooses a different trade-off between average attack detection time and network load. The first scheme is based on the detection of suspicious block timestamps. The second scheme allows blockchain clients to utilize their natural connections to the Internet (i.e., standard Web activity) to gossip about their blockchain views with contacted servers and their other clients. Our proposals improve upon previously proposed eclipse attack countermeasures without introducing any dedicated infrastructure or changes to the Bitcoin protocol and network, and we discuss an implementation. We demonstrate the effectiveness of the gossip-based schemes through rigorous analysis using original Internet traffic traces and real-world deployment. The results indicate that our protocol incurs a negligible overhead and detects eclipse attacks rapidly with high probability, and is well-suited for practical deployment.

中文翻译：

---

检测对工作量证明区块链的 Eclipse 攻击的去中心化和轻量级方法

无需许可的区块链系统的客户端，如比特币，依靠底层的点对点网络来发送和接收交易。客户端必须连接到至少一个诚实的对等方，否则客户端可能会被说服接受区块链的恶意分叉视图。在这样一个日蚀攻击 ，客户端无法可靠地区分区块链的规范视图和攻击者提供的视图。如果客户基于对区块链交易的扭曲观点做出商业决策，则其后果可能是灾难性的。在本文中，我们调查了设计空间，并为比特币客户端提出了两种方法来检测针对他们的日食攻击是否正在进行。每种方法在平均攻击检测时间和网络负载之间选择不同的权衡。第一种方案基于可疑块时间戳的检测。第二种方案允许区块链客户端利用他们与互联网的自然连接（即标准 Web 活动）与联系的服务器和其他客户端谈论他们的区块链视图。我们的提议改进了先前提议的日蚀攻击对策，而无需引入任何专用基础设施或对比特币协议和网络进行更改，我们将讨论实现。我们通过使用原始互联网流量跟踪和实际部署的严格分析证明了基于八卦的方案的有效性。结果表明，我们的协议产生的开销可以忽略不计，并且以高概率快速检测到日食攻击，非常适合实际部署。