Skip to main content

Adversary Model

ChaosChain is designed to resist various adversaries:
AdversaryDescriptionThreat Level
Lazy VAsVerifiers who submit random scoresMedium
Colluding VAsVerifiers coordinating to manipulate consensusHigh
Bribed VAsVerifiers paid to submit false scoresHigh
SybilsSingle entity controlling multiple identitiesHigh
Censoring RelaysBlocking legitimate submissionsMedium
WA FabricationWorkers claiming fake workHigh
Evidence WithholdingHiding evidence after submissionMedium

Security Controls

1. Stake-Weighted Voting

Verifiers must stake tokens to participate: 
Voting Power = f(stake)
Attack Cost = Σ(stake_controlled) + slashing_risk
This makes large-scale manipulation expensive.

2. Robust Aggregation

MAD-based outlier detection prevents outliers from affecting consensus: Example: Verifier scores = [85, 88, 82, 10]
1

Compute Median

median(85, 88, 82, 10) = 83.5
2

Compute MAD (Median Absolute Deviation)

Deviations: |85-83.5|=1.5, |88-83.5|=4.5, |82-83.5|=1.5, |10-83.5|=73.5MAD = median(1.5, 4.5, 1.5, 73.5) = 3
3

Compute Threshold

Threshold = 3 × MAD = 9
4

Identify Outliers

  • Bob (85): |85 - 83.5| = 1.5 ≤ 9 ✅ Inlier
  • Carol (88): |88 - 83.5| = 4.5 ≤ 9 ✅ Inlier
  • Frank (82): |82 - 83.5| = 1.5 ≤ 9 ✅ Inlier
  • Eve (10): |10 - 83.5| = 73.5 > 9 ❌ OUTLIER
5

Final Consensus

Consensus = avg(85, 88, 82) = 85
Eve’s score (10) is excluded from consensus calculation and Eve loses part of her stake via slashing.

3. Commit-Reveal Protocol

Prevents last-mover bias and score copying:
1

Commit Phase

Verifiers submit hash of scores
commitment = keccak256(scores || salt || dataHash)
2

Reveal Phase

Verifiers reveal actual scores + salt
  • Missing reveal → liveness slash
  • Invalid reveal → integrity slash

4. Slashing Mechanism

Dishonest behavior is penalized: 
slash = κ × stake × max(0, error - τ)²

Where:
- κ = slashing coefficient (e.g., 0.1)
- error = distance from consensus  
- τ = tolerance threshold

5. Evidence Availability

Evidence must remain available during dispute window:
  • Require tt archival seeds (Irys + mirrors)
  • Slash WA if evidence becomes unavailable
  • Challenge mechanism for disputes

6. Committee Sampling

Randomized VA selection per task: pi=min(1,cwiW)p_i = \min\left(1, c \cdot \frac{w_i}{W}\right) Benefits:
  • Reduces collusion surface
  • Unpredictable committee
  • Stake-proportional selection

Threat Analysis

Lazy Verifier Attack

Attack: Submit random scores without auditing Defense:
  • Scores compared to consensus
  • Random scores deviate → slashing
  • Reputation damage
Cost: Lost stake + reputation damage

Collusion Attack

Attack: Verifiers coordinate to manipulate consensus Defense:
  • Stake gates make coordination expensive
  • Robust aggregation limits impact
  • Randomized committees prevent planning
Cost: Must control >50% of weighted stake

Sybil Attack

Attack: Create many fake identities Defense:
  • ERC-8004 requires unique registration
  • Stake requirements raise cost
  • Reputation systems penalize new accounts
Cost: Registration fees + stake per identity

Evidence Fabrication

Attack: Workers submit fake evidence Defense:
  • DKG structure requires causal links
  • Signatures prove authorship
  • Verifiers audit evidence integrity
Detection: Causal audit fails

Front-Running

Attack: Copy others’ scores after seeing them Defense:
  • Commit-reveal protocol
  • Hash includes randomness
  • Reveals must match commits

Security Parameters

ParameterDescriptionTypical Value
αOutlier threshold multiplier3
εMinimum MAD10⁻⁶
βReward sharpness2.0
κSlashing coefficient0.1
τSlashing threshold0.2
minVerifiersMinimum verifiers for consensus3

Best Practices

For Workers

  • Always include complete evidence
  • Sign all DKG nodes
  • Store evidence on multiple providers

For Verifiers

  • Perform thorough audits
  • Submit honest scores
  • Stake appropriately for desired influence

Consensus

Robust aggregation details

Threat Analysis

Detailed threat scenarios

Full Spec §6

Complete security specification