Asymmetric Mempool DoS Security: Formal Definitions and Provable Secure Designs

A mempool is a security-critical subsystem in a public blockchain. Recent mempool attacks, notably asymmetric DoS, have shown their ability to severely damage the Ethereum network. This paper tackles the open research problem of designing principled and non-intrusive defenses against asymmetric mempool DoSes with provable security. It presents the first mempool economic-security definitions based on mempool-observable conditions. It then presents SAFERAD, a framework of secure mempool designs with provable security against asymmetric DoSes. To defend against dual attacks by evicting and locking a victim mempool, SAFERAD adopts a non-trivial design of enforcing an upper bound of the attack damage under the locking attacks and a lower bound of the attack cost under the eviction attacks. With a prototype implementation on Geth and evaluation under real transaction traces, the results show SAFERAD has low overhead in latency and block revenue, implying non-intrusiveness and practicality.