IMPORTANT SECURITY ANNOUNCEMENT
The PAWS Team would like to inform the community of an incident recorded on the PAWS blockchain and the actions we have taken to mitigate the issue and will be taking in the next coming days to fix it.
What does this mean for you?
What does it mean for the average investor or user of our network? Nothing at all. Your funds are safely stored in your wallet or at our partners services. There have been no theft of any of your holdings. The attackers have been able to take a larger share of the staking rewards than they were entitled to, which is theft from the community. We have now reduced the influence from these attackers, by enabling staking on our large wallets containing the Donation Fund and the Operational Fund, reducing influence from any malicious party. We will keep this in place, until the updated wallets have been released and the entire network has been upgraded. We do need your help with the following: Once we make the announcement that wallets need to be updated, we urge all of you to download the new software from our GITHUB and upgrade your wallet. DO not under any circumstances download any software from anywhere else but our github repository which can be found in #official-links and under the "Wallets" link on our website. If you know of someone that has a wallet, make sure they update the wallet before doing ANY transfers.
String of events
On 13/1/2019 we started recording strange transactions on the blockchain in the PAWS network, that we initially treated as an anomaly or a wallet that had gone crazy. The transactions started from 1 address containing 942 PAWS, which was then split in many small amounts on many addresses.
Over a period of 2-3 days, we noticed that someone or more likely something was moving the small amounts from those addresses to new addresses, sometimes with only minutes in between. The transactions contained many input addresses and many output addresses with unequal sizes. This is not something that can be created with our wallet.
Other symptoms were that the multisend features seized to work on many wallets, and the machines staking the big wallets were showing bigger memory and cpu consumption. The multisend feature is probably affected by the larger memory consumption caused by the large transactions being placed on the network.
Our analysis showed, that these actions were causing the initiator of these transactions to gain more staking rewards than he was entitled to. And that also meant, that this person was able to validate more blocks that he was supposed to. And finally, the large blocks did put an additional strain on many of the machines running wallets, as the blockchain was growing faster that it should normally, and using more RAM and CPU on validating block.
We did not consider these actions to be a bug or a mistake. To us it looked like a deliberate action from someone, to either hurt the network or obtain funds they were not entitled to.
On 21/1/2019, we reached out to a number of fellow community blockchain projects, as we observed similar patterns on their blockchains. Responses were positive. We also managed to make contact with the PIVX community later that day. This was not an easy task, but we got in touch with some good people that could work with us on finding the problem.
The only addresses that are owned by PAWS that are staking, are the 6 corporate masternode addresses. Since we could clearly see, this was an issue with staking and was not impacting the masternode reward distribution. The largest staking addresses were the 6 corporate masternodes, but those were not able to prevent the attacker from taking more than 25% of the staking rewards. We decided after a few days to activate staking of our Operational Fund (PXFUND), which meant a significant lower portion of staking rewards went to the attacker. The Operational Fund contains a significant number of coins, which means that it can win a large number of staking rewards. Activating staking on this address, obviously means that PAWS is getting those rewards that we always promised should go to the community. During a short period we also added the Donation Fund to the pool of staking addresses (PDFUND) which caused 75% of the staking rewards to go to PAWS operated addresses, very little to the community and almost none to the attacker.
Since this is a serious situation, we have bypassed that promise for now, until the situation is under control. We will obviously disable staking of those addresses, as soon as the problem is fixed. And we might find a way to return those staking rewards to the community at a later point in time.
Details of the problem can be found in a paper published by 3 students of the University og Illinois and their mentor. In the summer of 2018, they explored possible vulnerabilities with regards to validation of Proof-of-Stake before committing resources. What started as a paper to proof whether or not it was possible to exhaust resources in the PoS blockchain, also uncovered other issues related to inadequate validation. What we have been experiencing is what is called stake grinding, which is an attack vector to try and manipulate the stake selection algorithm in ones own favour. This can be used to obtain funds they are not entitled to, but it can also lead to taking control of the network
What we have been experiencing is called stake amplification, which is mentioned in the medium.com article in the bottom of this article. What it means is that one can obtain a heavy staking weight, usually reserved for wallets with many coins, with a relatively small amount of coins by amplifying the weight of those coins. In practise this is achieved by adding lots of transactions to the blockchain that are not necessarily valid but will give weight to your staking addresses. Those transactions are accepted due to inadequate validation checks that will allow such transactions if hidden away in a bunch of valid transactions. Permanent Solution
After we got in touch with the PIVX community and some of their developers, we have been able to find a solution. This is being tested in our testnet as we speak. Once the fix has been implemented in our wallet, we will release a new version of the wallet. This is a mandatory update. All investors that use a PAWS wallet as well as investors with one or more masternodes, will have to update their wallet. We realise that this is cumbersome and stressful for some, but we will provide instructions and an update script to help those operating their own masternode. Those that use (shared) hosting services will not have to worry, as the upgrade will be performed by our partners. Also exchanges will have to update the wallet, which might cause a small downtime in service. The release of the new wallet is scheduled before the end of this month. It is needless to say, that we will be on discord supporting all of you that need help with upgrading their masternodes.
We are convinced, that the attacker is using the same mechanisms to attack several other PoS blockchains gaining the same advantages. We will be working with those teams that are interested to resolve the issue on their blockchain as well. In the end it is in the interest of all our projects and their honest investors that the blockchain they use to transfer and store their funds are secure and safe.
We will continue to monitor our blockchain in the future as we have done until now and act as necessary to protect our investors and our own interests. This incident report emphasizes that we want a open and transparent dialog with our community. Links to detailed information (especially the section on stake amplification): https://medium.com/@dsl_uiuc/fake-stake-attacks-on-chain-based-proof-of-stake-cryptocurrencies-b8b05723f806
We would like to thank:
Sanket Kanjalkar, Joseph Kuo, Yunqi Li, Andrew Miller
University of Illinois, Urbana Champaign
For their finding and the detailed doc they have created http://fc19.ifca.ai/preproceedings/180-preproceedings.pdf