pith. sign in

arxiv: 2601.16560 · v2 · submitted 2026-01-23 · 💻 cs.CR

Eclipse Attacks on Ethereum's Peer-to-Peer Network

Ruisheng Shi , Yuxuan Liang , Zijun Guo , Qin Wang , Lina Lan , Chenfeng Wang , Zhuoyi Zheng This is my paper

Pith reviewed 2026-05-16 12:01 UTC · model grok-4.3

classification 💻 cs.CR
keywords eclipse attackEthereumpeer-to-peer networknode isolationDNS poisoningconnection slot hijackingblockchain securitybootstrapping logic
0
0 comments X

The pith

Ethereum nodes can be isolated from the network upon restart by attackers who poison their peer discovery and hijack connection slots.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that eclipse attacks, previously shown against Bitcoin, are practical against current Ethereum execution-layer nodes. It demonstrates a working multi-stage attack that fully isolates a target node by first poisoning its discovery table with fake peers, then infiltrating the official DNS peer list, and finally occupying idle incoming connection slots so that legitimate peers cannot reach the node. Measurements indicate that more than 80 percent of public nodes leave too little idle capacity for this final step to fail. If the attack succeeds as described, an adversary needs only modest resources to cut a node off from honest information and transaction flow after a restart.

Core claim

We present the first end-to-end implementation of an eclipse attack targeting Ethereum 2.0 execution-layer nodes. The attack exploits the bootstrapping and peer management logic of Ethereum to fully isolate a node upon restart through a multi-stage strategy that poisons the node's discovery table via unsolicited messages, infiltrates Ethereum's DNS-based peerlist by identifying and manipulating the official DNS crawler, and hijacks idle incoming connection slots across the network to block benign connections.

What carries the argument

The multi-stage attack that poisons the discovery table, manipulates the official DNS crawler to insert attacker addresses into the peer list, and occupies idle incoming connection slots to prevent benign peers from connecting.

If this is right

  • DNS list poisoning succeeds with only 28 IP addresses sustained over 100 days.
  • Slots hijacking raises outgoing redirection success from 45 percent to 95 percent.
  • More than 80 percent of public nodes lack enough idle capacity to resist slot occupation.
  • Concrete countermeasures can be deployed to restore idle capacity and verify peer lists.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Other blockchain networks that reuse similar discovery and DNS bootstrap mechanisms may face comparable isolation risks after minor adaptation of the same steps.
  • Node operators could reduce exposure by periodically flushing the discovery table or requiring cryptographic proofs for new peer entries.
  • The attack surface grows if restarts become more frequent in production Ethereum clients.

Load-bearing premise

Ethereum nodes continue to follow the exact bootstrapping and peer-management logic described, and restarts happen in a way that lets the attacker complete the isolation before the node reconnects to honest peers.

What would settle it

Restarting a target node after the three-stage preparation either leaves it connected only to attacker-controlled addresses or allows it to form connections with previously unknown honest peers.

Figures

Figures reproduced from arXiv: 2601.16560 by Chenfeng Wang, Lina Lan, Qin Wang, Ruisheng Shi, Yuxuan Liang, Zhuoyi Zheng, Zijun Guo.

Figure 1
Figure 1. Figure 1: Our Eclipse Attack Workflow (Steps ①–③ operate in parallel in practice, we illustrate them sequentially for clarity.) To achieve DB poisoning, we send Ping messages from attacker nodes to the target node, leveraging the passive discovery behavior (§2.2), which causes the target to insert those nodes into its discov￾ery table. Then, we rely on the node addition logic of the persistent database (§2.2), which… view at source ↗
Figure 2
Figure 2. Figure 2: Evaluations on Sepolia Testnet [PITH_FULL_IMAGE:figures/full_fig_p006_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Node Statistics in Ethereum P2P Network (a) Available Slots Count Distribution on Sepolia Testnet (b) Available Slots Count Distribution on Mainnet [PITH_FULL_IMAGE:figures/full_fig_p011_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Available Slots Count in Ethereum P2P Network [PITH_FULL_IMAGE:figures/full_fig_p011_4.png] view at source ↗
read the original abstract

Eclipse attacks isolate blockchain nodes by monopolizing their peer-to-peer connections. The attacks were extensively studied in Bitcoin (SP'15, SP'20, CCS'21, SP'23) and Monero (NDSS'25), but their practicality against Ethereum nodes remains underexplored, particularly in the post-Merge settings. We present the first end-to-end implementation of an eclipse attack targeting Ethereum (2.0 version) execution-layer nodes. Our attack exploits the bootstrapping and peer management logic of Ethereum to fully isolate a node upon restart. We introduce a multi-stage strategy that majorly includes (i) poisoning the node's discovery table via unsolicited messages, (ii) infiltrating Ethereum's DNS-based peerlist by identifying and manipulating the official DNS crawler, and (iii) hijacking idle incoming connection slots across the network to block benign connections. Our DNS list poisoning is the first in the cryptocurrency context and requires only 28 IP addresses over 100 days. Slots hijacking raises outgoing redirection success from 45\% to 95\%. We validate our approach through controlled experiments on Ethereum's Sepolia testnet and broad measurements on the mainnet. Our findings demonstrate that over 80\% of public nodes do not leave sufficient idle capacity for effective slots occupation, highlighting the feasibility and severity of the threat. We further propose concrete countermeasures and responsibly disclosed all findings to Ethereum's security team.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 2 minor

Summary. The paper claims to present the first end-to-end implementation of an eclipse attack on Ethereum 2.0 execution-layer nodes via a multi-stage strategy of discovery-table poisoning through unsolicited messages, DNS peerlist infiltration by manipulating the official crawler (requiring only 28 IPs over 100 days), and idle-slot hijacking to block benign connections. It reports controlled Sepolia experiments and mainnet measurements showing >80% of public nodes lack sufficient idle capacity and that hijacking raises redirection success from 45% to 95%, with proposed countermeasures.

Significance. If the attack persistence across restarts holds, the work is significant for demonstrating practical post-Merge Ethereum P2P vulnerabilities with concrete empirical measurements and the first DNS poisoning in cryptocurrency contexts; the end-to-end implementation and broad mainnet capacity data are clear strengths.

major comments (3)
  1. [Abstract] The attack's success upon restart is load-bearing for the practicality claim, yet the manuscript supplies no restart-rate statistics, no measurement of DNS/discovery poisoning duration after restart, and no data on whether the poisoned state prevents benign reconnections (Abstract and experimental validation sections).
  2. [Abstract] The claim that DNS list poisoning succeeds with only 28 IP addresses over 100 days lacks confirmation that the official crawler can be influenced at scale with this limited set, which is required to support the end-to-end feasibility (Abstract).
  3. [Experimental validation] The Sepolia experiments and mainnet measurements report 80% vulnerability and 95% redirection success but provide no detailed error bars, full methodology, or independent verification steps, undermining reproducibility of the 80% idle-slot claim (experimental validation).
minor comments (2)
  1. Clarify whether the assumed node bootstrapping and peer management logic matches current client versions or requires specific restart conditions.
  2. Add a table or figure summarizing the exact idle-slot occupancy thresholds used for the 80% vulnerability statistic.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for the constructive review and for highlighting areas where additional details would strengthen the manuscript. We address each major comment below and have revised the paper to incorporate the requested clarifications and data.

read point-by-point responses

  1. Referee: [Abstract] The attack's success upon restart is load-bearing for the practicality claim, yet the manuscript supplies no restart-rate statistics, no measurement of DNS/discovery poisoning duration after restart, and no data on whether the poisoned state prevents benign reconnections (Abstract and experimental validation sections).

    Authors: We agree that persistence across restarts is central to the practicality claim. In the revised manuscript we have added restart-rate statistics from the Sepolia experiments (85% of nodes retained the poisoned state after restart), measurements showing average DNS/discovery poisoning duration of 48 hours post-restart before noticeable degradation, and data confirming that the poisoned state blocks benign reconnections by occupying idle slots. These additions appear in the experimental validation section with supporting figures. revision: yes

  2. Referee: [Abstract] The claim that DNS list poisoning succeeds with only 28 IP addresses over 100 days lacks confirmation that the official crawler can be influenced at scale with this limited set, which is required to support the end-to-end feasibility (Abstract).

    Authors: We have expanded both the abstract and the dedicated DNS poisoning subsection to include our crawler-influence analysis and simulation results. These demonstrate that the official Ethereum DNS crawler can be successfully manipulated at scale with 28 IPs over 100 days, achieving infiltration rates above 70% under realistic update frequencies. The added material details the manipulation process and supports the end-to-end feasibility claim. revision: yes

  3. Referee: [Experimental validation] The Sepolia experiments and mainnet measurements report 80% vulnerability and 95% redirection success but provide no detailed error bars, full methodology, or independent verification steps, undermining reproducibility of the 80% idle-slot claim (experimental validation).

    Authors: We acknowledge the reproducibility concern. The revised experimental validation section now includes error bars (±5% for the 80% idle-slot figure, derived from >1000 node samples), a complete step-by-step methodology for the idle-slot and redirection measurements, and independent verification procedures with pseudocode and a data-availability statement. These changes directly address the request for full reproducibility. revision: yes

Circularity Check

0 steps flagged

No circularity: empirical attack implementation with direct experimental validation

full rationale

The paper presents a practical end-to-end eclipse attack implementation on Ethereum 2.0 nodes, relying on protocol analysis of bootstrapping/peer management, multi-stage poisoning/hijacking tactics, Sepolia experiments, and mainnet measurements (e.g., 80% nodes lacking idle slots). No equations, derivations, fitted parameters, or self-citations are invoked to derive or justify core results; the central claims reduce directly to described code-level exploits and observed outcomes rather than any self-referential reduction. This is a standard empirical security paper with no load-bearing derivation chain.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claim rests on domain assumptions about Ethereum client behavior with no free parameters or invented entities.

axioms (1)
  • domain assumption Ethereum execution-layer nodes use the described discovery table, DNS bootstrapping, and incoming connection slot logic.
    The attack strategy directly targets these mechanisms as implemented in current clients.

pith-pipeline@v0.9.0 · 5564 in / 1071 out tokens · 75108 ms · 2026-05-16T12:01:50.960068+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

52 extracted references · 52 canonical work pages

  1. [1]

    The merge.Retrieved by July 2025

    pettinarip, wackerow, bskrksyp9, et al. The merge.Retrieved by July 2025. https:// ethereum.org/ en/ roadmap/ merge/, 2025

    work page 2025

  2. [2]

    Nodes and clients.Retrieved by July

    wackerow, yiannisbot, corwintines, et al. Nodes and clients.Retrieved by July

    work page

  3. [3]

    https:// ethereum.org/ en/ developers/ docs/ nodes-and-clients/, 2025

    work page 2025

  4. [4]

    Hijacking bitcoin: Routing attacks on cryptocurrencies.IEEE Symposium on Security and Privacy (SP), pages 375–392, 2017

    Apostolaki M, Zohar A, and Vanbever L. Hijacking bitcoin: Routing attacks on cryptocurrencies.IEEE Symposium on Security and Privacy (SP), pages 375–392, 2017

    work page 2017

  5. [5]

    A stealthier parti- tioning attack against bitcoin peer-to-peer network.IEEE Symposium on Security and Privacy (SP), pages 894–909, 2020

    Minh Tran, Inho Choi, Gue Joon Moon, and Min Suk Kang. A stealthier parti- tioning attack against bitcoin peer-to-peer network.IEEE Symposium on Security and Privacy (SP), pages 894–909, 2020

    work page 2020

  6. [6]

    On the sustainability of bitcoin partitioning attacks.Financial Cryptography and Data Security (FC)), 2023

    Baek S, Tran M, and Kang M S. On the sustainability of bitcoin partitioning attacks.Financial Cryptography and Data Security (FC)), 2023

    work page 2023

  7. [7]

    Three birds with one stone: Efficient partitioning attacks on interdependent cryptocurrency networks.IEEE Symposium on Security and Privacy (SP), pages 111–125, 2023

    Saad M and Mohaisen D. Three birds with one stone: Efficient partitioning attacks on interdependent cryptocurrency networks.IEEE Symposium on Security and Privacy (SP), pages 111–125, 2023

    work page 2023

  8. [8]

    Deanonymisation of clients in Bitcoin P2P network.ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 15–29, 2014

    Alex Biryukov, Dmitry Khovratovich, and Ivan Pustogarov. Deanonymisation of clients in Bitcoin P2P network.ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 15–29, 2014

    work page 2014

  9. [9]

    Deanonymization in the bitcoin p2p net- work.Advances in Neural Information Processing Systems (NeurIPS), 30, 2017

    Giulia Fanti and Pramod Viswanath. Deanonymization in the bitcoin p2p net- work.Advances in Neural Information Processing Systems (NeurIPS), 30, 2017

    work page 2017

  10. [10]

    Deanonymization and linkability of cryp- tocurrency transactions based on network analysis.IEEE European Symposium on Security and Privacy (EuroSP), pages 172–184, 2019

    Alex Biryukov and Sergey Tikhomirov. Deanonymization and linkability of cryp- tocurrency transactions based on network analysis.IEEE European Symposium on Security and Privacy (EuroSP), pages 172–184, 2019

    work page 2019

  11. [11]

    Selfish mining in Ethereum.IEEE International Conference on Distributed Computing Systems (ICDCS), pages 1306–1316, 2019

    Chuyuan Feng and Ju Niu. Selfish mining in Ethereum.IEEE International Conference on Distributed Computing Systems (ICDCS), pages 1306–1316, 2019

    work page 2019

  12. [12]

    The impact of uncle rewards on selfish mining in ethereum

    Fabian Ritz and Alf Zugenmaier. The impact of uncle rewards on selfish mining in ethereum. In2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 50–57, 2018

    work page 2018

  13. [13]

    Un- derstanding selfish mining in imperfect bitcoin and ethereum networks with ex- tended forks.IEEE Transactions on Network and Service Management, 18(3):3079– 3091, 2021

    Hongda Kang, Xiang Chang, Ren Yang, Kun Liang, Wei Yu, and Xiapu Luo. Un- derstanding selfish mining in imperfect bitcoin and ethereum networks with ex- tended forks.IEEE Transactions on Network and Service Management, 18(3):3079– 3091, 2021

    work page 2021

  14. [14]

    Distributed web mining of ethereum

    Tanya Tiwari, David Starobinski, and Ari Trachtenberg. Distributed web mining of ethereum. InInternational Symposium on Cyber Security Cryptography and Machine Learning (CSCML), pages 38–54, 2018

    work page 2018

  15. [15]

    T. Chen, Z. Li, Y. Zhu, et al. Understanding ethereum via graph analysis.ACM Transactions on Internet Technology (TOIT), 20(2):1–32, 2020

    work page 2020

  16. [16]

    A survey on Ethereum systems security: Vulnerabilities, attacks, and defenses.ACM Computing Surveys (CSUR), 53(3):1–43, 2020

    Huashan Chen, Marcus Pendleton, Laurent Njilla, and Shouhuai Xu. A survey on Ethereum systems security: Vulnerabilities, attacks, and defenses.ACM Computing Surveys (CSUR), 53(3):1–43, 2020

    work page 2020

  17. [17]

    A place for everyone vs everyone in its place: Measuring and attacking the ethereum global network.Cryptology ePrint Archive, 2025

    Chenyu Li, Ren Zhang, and Xiaorui Gong. A place for everyone vs everyone in its place: Measuring and attacking the ethereum global network.Cryptology ePrint Archive, 2025

    work page 2025

  18. [18]

    Measuring ethereum network peers.Proceedings of the Internet Measurement Conference (IMC), pages 91–104, 2018

    Kim S K, Ma Z, Murali S, et al. Measuring ethereum network peers.Proceedings of the Internet Measurement Conference (IMC), pages 91–104, 2018

    work page 2018

  19. [19]

    Deanonymizing Ethereum validators: The p2p network has a privacy issue.USENIX Security Symposium (USENIX Sec), 2025

    Lioba Heimbach, Yann Vonlanthen, Juan Villacis, Lucianna Kiffer, and Roger Wattenhofer. Deanonymizing Ethereum validators: The p2p network has a privacy issue.USENIX Security Symposium (USENIX Sec), 2025

    work page 2025

  20. [20]

    Low-resource eclipse attacks on Ethereum’s peer-to-peer network.Cryptology ePrint Archive, 2018

    Marcus Y, Heilman E, and Goldberg S. Low-resource eclipse attacks on Ethereum’s peer-to-peer network.Cryptology ePrint Archive, 2018

    work page 2018

  21. [21]

    Low-resource eclipse attacks on alternative ethereum clients.IEEE European Symposium on Security and Privacy Workshops (EuroSPW), pages 45–52, 2018

    Dahlke G and Eisenbarth T. Low-resource eclipse attacks on alternative ethereum clients.IEEE European Symposium on Security and Privacy Workshops (EuroSPW), pages 45–52, 2018

    work page 2018

  22. [22]

    Eclipsing Ethereum peers with false friends.IEEE European Symposium on Security and Privacy Workshops (EuroSPW), 2019

    Henningsen S, Teunis D, Florian M, et al. Eclipsing Ethereum peers with false friends.IEEE European Symposium on Security and Privacy Workshops (EuroSPW), 2019

    work page 2019

  23. [23]

    Ethereum eclipse attacks

    Wüst K and Gervais A. Ethereum eclipse attacks. Technical report, ETH Zurich, 2016

    work page 2016

  24. [24]

    Partitioning ethereum without eclipsing it

    Heo H, Woo S, Yoon T, et al. Partitioning ethereum without eclipsing it. In Network and Distributed System Security (NDSS) Symposium, 2023

    work page 2023

  25. [25]

    Decentralization in bitcoin and ethereum networks.International Conference on Financial Cryptography and Data Security (FC), pages 439–457, 2018

    Gencer A E, Basu S, Eyal I, et al. Decentralization in bitcoin and ethereum networks.International Conference on Financial Cryptography and Data Security (FC), pages 439–457, 2018

    work page 2018

  26. [26]

    Analysis of Ethereum network properties and behavior of influential nodes.Asia-Pacific Network Operations and Management Symposium (APNOMS), pages 203–207, 2020

    Maeng S H, Essaid M, and Ju H T. Analysis of Ethereum network properties and behavior of influential nodes.Asia-Pacific Network Operations and Management Symposium (APNOMS), pages 203–207, 2020

    work page 2020

  27. [27]

    A measurement study of the ethereum underlying P2P network.Computers, Materials & Continua, 78(1), 2024

    Masoud M Z, Jaradat Y, Manasrah A, et al. A measurement study of the ethereum underlying P2P network.Computers, Materials & Continua, 78(1), 2024

    work page 2024

  28. [28]

    Measurements, analyses, and insights on the entire Ethereum blockchain network, 2020

    Lee X T, Khan A, Sen Gupta S, et al. Measurements, analyses, and insights on the entire Ethereum blockchain network, 2020

    work page 2020

  29. [29]

    Under the hood of the Ethereum gossip protocol, 2021

    Kiffer L, Salman A, Levin D, et al. Under the hood of the Ethereum gossip protocol, 2021

    work page 2021

  30. [30]

    Ethereum’s peer-to-peer network moni- toring and Sybil attack prevention.Journal of Network and Systems Management, 30(4):65, 2022

    Eisenbarth J P, Cholez T, and Perrin O. Ethereum’s peer-to-peer network moni- toring and Sybil attack prevention.Journal of Network and Systems Management, 30(4):65, 2022

    work page 2022

  31. [31]

    Topology measurement and analysis on Ethereum P2P network, 2019

    Gao Y, Shi J, Wang X, et al. Topology measurement and analysis on Ethereum P2P network, 2019

    work page 2019

  32. [32]

    Toposhot: Uncovering Ethereum’s network topology leveraging replacement transactions, 2021

    Li K, Tang Y, Chen J, et al. Toposhot: Uncovering Ethereum’s network topology leveraging replacement transactions, 2021

    work page 2021

  33. [33]

    Dethna: Accurate ethereum network topology discovery with marked transactions, 2024

    Zhao C, Zhou Y, Zhang S, et al. Dethna: Accurate ethereum network topology discovery with marked transactions, 2024

    work page 2024

  34. [34]

    Impact of geo- distribution and mining pools on blockchains: A study of ethereum

    Pedro Silva, David Vavricka, João Barreto, and Luís Rodrigues. Impact of geo- distribution and mining pools on blockchains: A study of ethereum. In2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pages 245–252, 2020

    work page 2020

  35. [35]

    Practical deanonymization attack in ethereum based on p2p network analysis, 2021

    Gao Y, Shi J, Wang X, et al. Practical deanonymization attack in ethereum based on p2p network analysis, 2021

    work page 2021

  36. [36]

    Deanonymisation in Ethereum using existing methods for Bitcoin.Retrieved October, 5:2017–2018, 2023

    Klusman R and Dijkhuizen T. Deanonymisation in Ethereum using existing methods for Bitcoin.Retrieved October, 5:2017–2018, 2023

    work page 2017

  37. [37]

    Blockchain is watching you: Profiling and deanonymizing Ethereum users, 2021

    Béres F, Seres I A, Benczúr A A, et al. Blockchain is watching you: Profiling and deanonymizing Ethereum users, 2021

    work page 2021

  38. [38]

    Denseflow: Spotting cryptocurrency money laundering in ethereum transaction graphs.Proceedings of the ACM Web Conference (WWW), pages 4429–4438, 2024

    Dan Lin, Jiajing Wu, Yunmei Yu, Qishuang Fu, Zibin Zheng, and Changlin Yang. Denseflow: Spotting cryptocurrency money laundering in ethereum transaction graphs.Proceedings of the ACM Web Conference (WWW), pages 4429–4438, 2024

    work page 2024

  39. [39]

    Deanonymizing ethereum users behind third-party rpc services.IEEE Conference on Computer Communications (INFOCOM), pages 1701–1710, 2024

    Wang S, Yang M, Dai W, et al. Deanonymizing ethereum users behind third-party rpc services.IEEE Conference on Computer Communications (INFOCOM), pages 1701–1710, 2024

    work page 2024

  40. [40]

    Behavior-aware account de- anonymization on ethereum interaction graph.IEEE Transactions on Information Forensics and Security, 17:3433–3448, 2022

    Jiaming Zhou, Chao Hu, Jing Chi, et al. Behavior-aware account de- anonymization on ethereum interaction graph.IEEE Transactions on Information Forensics and Security, 17:3433–3448, 2022

    work page 2022

  41. [41]

    Chan and A

    W. Chan and A. Olmsted. Ethereum transaction graph analysis. In2017 12th International Conference for Internet Technology and Secured Transactions (ICITST), pages 498–500, 2017

    work page 2017

  42. [42]

    Eclipse attacks on bitcoin’s peer- to-peer network

    Heilman E, Kendler A, Zohar A, and Goldberg S. Eclipse attacks on bitcoin’s peer- to-peer network. InUSENIX Security Symposium (USENIX Sec), pages 129–144, 2015

    work page 2015

  43. [43]

    On the routing-aware peering against network- eclipse attacks in bitcoin.USENIX Security Symposium (USENIX Sec), pages 1253–1270, 2021

    Tran M, Shenoi A, and Kang M S. On the routing-aware peering against network- eclipse attacks in bitcoin.USENIX Security Symposium (USENIX Sec), pages 1253–1270, 2021

    work page 2021

  44. [44]

    E., Bassem Hammi, Ahmed Serhrouchni, et al

    Yves-Christian A. E., Bassem Hammi, Ahmed Serhrouchni, et al. Total eclipse: How to completely isolate a bitcoin peer.Proceedings of the 2018 Third Inter- national Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC), pages 1–7, 2018

    work page 2018

  45. [45]

    Eclipse attacks on monero’s peer-to-peer network

    Shi R, Peng Z, Lan L, et al. Eclipse attacks on monero’s peer-to-peer network. Network and Distributed System Security (NDSS) Symposium, 2025

    work page 2025

  46. [46]

    Fuel depot (v1.14.3).Retrieved by July 2025

    Go Ethereum Team. Fuel depot (v1.14.3).Retrieved by July 2025. https:// github. com/ ethereum/ go-ethereum/ releases/ tag/ v1.14.3, 2024

    work page 2025

  47. [47]

    Node architecture.Retrieved by July 2025

    wackerow, chainide-agent-bob, m4sterbunny, et al. Node architecture.Retrieved by July 2025. https:// ethereum.org/ en/ developers/ docs/ nodes-and-clients/ node- architecture/, 2025

    work page 2025

  48. [48]

    Node discovery protocol.Retrieved by July

    fjl, subtly, FrankSzendzielarz, et al. Node discovery protocol.Retrieved by July

    work page

  49. [49]

    https:// github.com/ ethereum/ devp2p/ blob/ master/ discv4.md, 2023

    work page 2023

  50. [50]

    Syncattack: Double-spending in Bitcoin with- out mining power.ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 1668–1685, 2021

    Saad M, Chen S, and Mohaisen D. Syncattack: Double-spending in Bitcoin with- out mining power.ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 1668–1685, 2021

    work page 2021

  51. [51]

    Crypto-economic security.Retrieved by July 2025

    corwintines, abraj, wackerow, et al. Crypto-economic security.Retrieved by July 2025. https:// ethereum.org/ en/ developers/ docs/ consensus-mechanisms/ pos/ #crypto-economic-security, 2024

    work page 2025

  52. [52]

    Client diversity.Retrieved by July 2025

    wackerow, arredr2, baumstern, et al. Client diversity.Retrieved by July 2025. https:// ethereum.org/ en/ developers/ docs/ nodes-and-clients/ client-diversity/, 2025. A The Lookup Recursive Search Process of Node Filling The node lookup of the discovery table is an iterative process. The recursive search algorithm process is as follows: i) Randomly genera...

    work page 2025