First 34% Tendermint Attack ever

Article rescued from old and lost ColmenaLabs blog
Date: 19 Sep 2019

Sentinel Hub testnet "sentinel-turing-1" has been the scenario of the first 34%
attack on a Proof of Stake ever.

The attack was coordinated by DelegaNetworks and DragonStake validators and assisted by Sentinel Core Dev Team. They helped a lot with our attack plan and tests. Thank you guys!

The 34% attack started on September the 18th at block 823,404 11:39 UTC.

Yes, 404 stands for "Blockchain not found error" ;-)

At sentinel's testnet genesis time  "2019-07-24T11:00:00.0Z" there was an even
distribution of stake among 30 validators. 10000000000 tsent each.

"value":{"denom":"tsent","amount":"10000000000"}

Network parameters were taken from previous cosmos testnets without further
discussion.

"params":{"mint_denom":"tsent","inflation_rate_change":"0.130000000000000000","inflation_max":"0.200000000000000000","inflation_min":"0.070000000000000000","goal_bonded":"0.670000000000000000","blocks_per_year":"6311520"}

Full genesis file can be found here: sentinel-turing-1_genesis.json

Right after the genesis block DragonStake validator
started to gain some voting power advantage thanks to compound interest.
DelegaNetwork was also taking position very soon. After a
couple of days, Wimel and me (DerFredy) had the impression that this network was
kind of accelerated. We realized that in a few months the network maturity would
be like years in a mainnet. That represented an opportunity to demonstrate the
kind of risks that Proof of Stake networks are facing because of voting power
centralization.

We waited patiently and when the chance arrived we talked to the developers. We
already had attacked and had helped to fix the network before. So they totally
supported our plan and they took us seriously. Some previous contributions could
be found in "La Colmena GitHub repository".
This is the announcement with sent to the Sentinel Validators Telegram group:

After some exciting minutes where the network was totally stopped, we realized
that this was probably the first 34% attack on an Proof of Stake blockchain in
the world.
The consensus only reached 52% of voting power online. No blocks where produced
at this time.

The few minutes that the network halted were enough to check that there wasn't
anything that someone apart from Wimel and me could have done to make it live
again. Since blocks couldn't be produced, no transactions could be processed. In
an exceptional case like this one, the network should be forked to keep it
running. There is nothing else that can be done.

In this scenario we were tempted to ask a ransom to start the blockchain again
:-D

Lesson learned here is clear enough for other Proof of Stake blockchains to
catch the message:

We were able to perform this attack joining the voting power of just 2
validators.
In Cosmos Hub that number is 5 and the Iris Hub could be attacked by 10
validators. Whether we are trying to sell "Security" to the global financial
system it seems mandatory to focus our efforts in increasing those numbers.
After this major episode in Sentinel Hub testnet we have some ideas that could
help to mitigate the effects of centralization:

• Create and feed a well provisioned "Community Decentralization Pool"
• Good genesis validators token distribution
• Drastic reduction of network inflation
• Tokenomic mainly based on network fees instead of block rewards

From "La Colmena" we really want to thank all Sentinel devs for their patience and efforts, and for always being so receptive with our suggestions. Special thanks to Ironman and Takumi.

We feel really comfortable with Sentinel devs and we love the project.
Especially because this project is almost the only one that started with a
successful launch of useful products (dVPN client) before dealing with the blockchain. Many networks do payment oriented development, but Sentinel believes in a utility first approach.

Stay tuned

https://DragonStake.io