Plan for increased security of the æternity blockchain

æternity community keeps innovating the network, and creating new security solutions

A tale of attack and recovery explains the chronology of the recent crisis, and how æternity community fought back against malicious attacks while preparing the ground for the implementation of Hyperchains. The following text is focused on what’s been done so far, and what the short-term and long-term solutions are.

Following the attack, æternity’s developement team took measures in various different directions, including improving software, vigilant network monitoring and a high volume of communication with network stakeholders. Since neither the Æternity Anstalt nor the Æternity Crypto Foundation directly run the network, options for stopping it were limited. Although exchanges were warned immediately, this was not enough to protect the network itself.

Reacting quickly, the æternity developer team worked around the clock on improving the software. A new version of the æ node (Release 5.6, an upgrade to the previous 5.5.4) was delivered on time according to the æternity Roadmap. Over the course of the following days, the first emergency release 5.6.2 was made within hours followed by the releases 5.6.3 and 5.6.4. Promptly, the miners and exchanges were encouraged to switch to the new fork of the network. Although this presented an inconvenience for the users, we are thankful for the excellent cooperation, and are pleased to announce that all miners and all exchanges upgraded their nodes in time and picked the community fork over the attacker’s one.

In the aftermath of the attack, an evident conclusion is that the æternity ecosystem and its community have proven through their quick and decisive reaction that they are much more resilient and resourceful than the attackers believed. While this is something to be celebrated, it is also a warning to the ecosystem to keep vigilant against malicious assailants, as well as to keep innovating the network, and creating new security solutions for potential attacks in the future.

Security plan

for increased resistances of the æternity blockchain

As maintenance of blockchain networks and prevention of attacks requires constant vigilance and continuous improvement of security systems, æternity blockchain is considering several different options to increase its capability of spotting on-chain anomalies and limiting malicious activities. These options can be categorized as the short-term, quick solutions, and long-term solutions which will require some time to implement into the network, but should greatly increase security and privacy of the blockchain and its community.

In the short term:

• Enhanced network monitoring on the æternity blockchain to identify anomalies and preattack conditions (already partially implemented and will be available publicly soon)
• Account tracking tool AeCanary
• Security improvement implementations in the nodes by Release 5.7 to be publish on the 29.01.2021
• Maturing of old blocks — sufficiently old blocks will become immutable, which will make æternity network safe from attacks targeting more than 100 blocks
• Close coordination with exchanges and miners

In the long term:

• Hyperchains
• Even closer coordination with exchanges and miners
• Monitoring, tracking, and tuning tools implementation

The æternity development team will need some time for proper testing before deploying the main, long-term solution — Hyperchains . While the fully operational Hyperchains implementation is in preparation, this decision will have to be backed by a public governance vote. Meanwhile, the efforts to onboard more hashing power are ongoing. Additionally, the æternity blockchain developer team is creating more tools for monitoring and early warning in case of anomalies on the network. Those alone will simply help detect a potential new attack but will not be enough to prevent it.

That is why a new version of the node (Release 5.7), which is currently under development, will be introduced soon and it will include further security improvements. The new secure nodes will make it even easier to prevent cyber attacks. This should be enough to discourage ill-intentioned behaviour of the hackers. Following the Release 5.7, the aeternity blockchain will be able to continue operating securely, as usual.

As a long term solution, and a convenient recourse to prevent 51% attacks, the Æternity Anstalt started an initiative to implement Hyperchains. In a nutshell, Hyperchains are PoS systems that rely on existing PoW blockchains for security. By allowing a PoS child chain to be created using the block hash of a PoW parent chain as a source of randomness and constantly checkpointing the hash from the child chain on the parent chain, Hyperchains ensure security for the child chain, while maintaining its independent operation. They are designed to allow anyone to deploy a new or existing blockchain in a PoS fashion, anchoring the leaders election to a PoW parent chain, which has a prohibitive amount of hashing power to be 51% attacked.

More detailed information on Hyperchains can be found in the WhitePaper, and the FAQ section. You can join the discussion on this topic on the æternity forum.

The æternity community is not in any way discouraged by these attacks, but instead more determined than ever to achieve mass adoption and overcome all the difficulties caused by malicious actors.

_______

Get in touch: GitHub | Forum | Reddit | Twitter | YouTube| LinkedIn

Plan for increased security of the æternity blockchain was originally published in æternity blog on Medium, where people are continuing the conversation by highlighting and responding to this story.