Towards the Comprehensive Understanding of Mempool DoS Security in Ethereum (Work in Progress)

While awareness has been recently raised on Ethereum mempool security, the current state of the art lacks a comprehensive understanding of the subject: The only known attack, DETER (CCS'21), is manually discovered, and it remains an open problem whether attacks other than DETER exist that disable the mempool at an asymmetrically low cost. In this paper, we propose automatic exploit generation techniques to discover new mempool-DoS attack. By employing model checking, we discover a new attack pattern beyond DETER. By further leveraging attack synthesis techniques, we generate exploits from the patterns to adaptively bypass defenses adopted in real Ethereum clients. Our evaluation result shows that while the recent Ethereum clients (e.g., Geth V1.10.14 and OpenEthereum V3.3.5) have mitigated the existing DETER attacks, they are vulnerable to the newly discovered attacks that achieve high success rates (88% - 96%) and low costs (as low as zero Gas/Ether).