Research Summary: Mitigating Game Theoretic Vulnerabilities in Chainlink

TLDR

• This research discussed the vulnerability of Schelling game security models in Chainlink systems.
• Chainlink provides DeFi protocol with off-chain data on price feeds and incentivizes participants through a coordination game. However, it has been discovered that the coordination game can be misaligned when the expected profit of dishonest behavior outweighs the expected profit of honest behavior which is usually induced by an external adversary.
• The research proposed two models to mitigate this occurrence. The first is to decrease the expected profits of dishonest behavior. The second is to make incentives transparent by allowing the majority of the LINK token holders to fork the network and burn the token in possession of dishonest behavior. This research is important because Chainlink is probably the most used decentralized oracle solution in DeFi protocols for pricing feeds.

Core Research Question

How can game-theoretic security vulnerabilities in Chainlink be mitigated?

Citation

Dekker, H., Ersoy, O., and Erkin, Z. (2021). Mitigating game theoretic vulnerabilities in Chainlink. Retrieved from https://repository.tudelft.nl/islandora/object/uuid:b9a62989-f7b3-4334-af27-c4cde929d7df

Background

• Oracles: These are mechanisms that provide blockchain networks with data that only exists outside of the networks, such as asset prices.
• Chainlink: A decentralized oracle network that provides real-world data to smart contracts on the blockchain.
• DeFi: Financial services that operate on distributed networks with no central intermediaries.
• DeFi oracles: Third-party service enabling blockchain smart contracts to access external, real-world data.
• Hard fork: A radical change to a network’s protocol that makes previously invalid blocks and transactions valid, or vice-versa.
• Schelling point: This is a coordination game where people respond based on what they think the other person’s response will be.
• Short selling: A trading strategy that speculates on the decline in a security’s price.
• LINK tokens: This is an ERC677 token that inherits functionality from the ERC20 token standard and allows token transfers to contain a data payload.
• Misaligned incentives: In this paper is when the expected profit of dishonest behavior outweighs the expected profit of honest behavior, which can happen through manipulation of the incentives by an external adversary.
• p+ε attack: This is a collusion strategy in a schelling game where an attacker essentially bribes voters with more payoff to choose a specific option.
• Strictly dominant Strategy: A strategy is strictly dominant if that strategy always yields a player the largest expected profit compared to other strategies, regardless of the strategy chosen by the other players.

Summary

• DeFi protocols often require off-chain data to compute and determine pricing feeds and thus rely on oracles to supply them with this off-chain information. DeFi protocols usually rely on centralized oracles which may be unreliable since there is a possibility of the operators of the Oracle gaining more from dishonest behavior.
• Chainlink was established to offer decentralized oracle infrastructure and thus mitigate the security risk created by centralized oracle. In the chainlink protocol, nodes are induced to provide correct answers by using a scheming game-based system.
• The Chainlink protocol rewards nodes for providing honest answers and punishes dishonest nodes. In addition to these security measures, the Chainlink whitepaper proposed a super-linear staking mechanism that divided the protocol into Tier 1 and Tier 2. Tier 1 stakes a security deposit to vote honestly and which will be lost if Tier 2 is alerted of a manipulation of Tier 1 outcome. If Tier 2 majority nodes decide that the majority votes of Tier 1 are manipulated, the aggregated security deposits will be rewarded to the single node that alerted Tier 2.
• However, where Tier 2 is completely dishonest itself, dishonest behavior will dominate the strategy of Tier 1 and thus produce dishonest results. In the Chainlink Schelling game, the Tier 2 nodes are incentivized by future revenue which makes it difficult for users to verify whether Tier 1 has been incentivized to produce honest behavior. This situation as agreed by the researchers presents a security vulnerability that can be manipulated in favor of dishonest voters.
• To mitigate this lack of transparency and allow users to verify whether honest behavior is a strictly dominant strategy for Tier 1 nodes, the researchers proposed two models that can mitigate these vulnerabilities and introduce transparency in Chainlink.
  • The first is a proposal requiring chainlink Tier 2 nodes to hold LINK tokens on the assumption that the market value of the LINK tokens will substantially decrease when it is found out that the system has been compromised. However, a dishonest majority may bypass this mitigation by short selling through a protocol for loanable Funds or DeFi derivative markets.
  • The second mitigation proposed builds on the first mitigation by enabling a majority of LINK token holders to fork the network and burn the tokens held by malicious Tier 2 nodes.

Method

• The researchers deployed mathematical and logical proof to explain how the model proposed can mitigate the game theoretic vulnerabilities in Chainlink.
• To show the security vulnerability of chainlink, the researchers used a hypothesis to show that where Tier 2 node is completely reliable, providing correct data will strictly dominate providing incorrect in Tier 1 node, unless the profit by corruption exceeds a certain lower bound. However, where Tier 2 is dishonest completely, dishonest behavior becomes the dominant strategy for Tier 1.
• To improve Tier 2 incentives, the researchers proposed a mechanism that requires Tier 2 nodes to lock certain LINK tokens in a smart contract for a certain amount of time under the assumption that the market value of LINK tokens will substantially decrease when the market finds out the system has not functioned correctly.

Results

• The researchers discovered that while some game theoretic analyses of blockchain-based systems exist, no formal study has been done on the incentives securing the Chainlink system.

• The research discovered that Tier 2 node incentives in Chainlink lack transparency which creates game-theoretic vulnerability.

  Current Tier 2 Incentives
  As we have shown, what strategy is strictly dominant for Tier 1 nodes depends on an honest Tier 2. In Table 4 we show the incentives of Tier 2 node N2 as proposed, while the variables are defined in Table 3.

  

  cl1815×917 39.2 KB
  
  
  

  cl2859×409 14.9 KB

• Since the value of 𝐹 is not known by users, and depends on multiple ambiguous factors such as the desire of nodes to keep participating in the Chainlink system in the future, users can not verify whether or not 𝐹 + Δ𝐹 > 𝑀 + 𝐵 + 𝑆 and thus whether Tier 2 (and consequently Tier 1) is well incentivized to act honestly. It is not clear either how to estimate the value of Δ𝐹. This value may be positive on grounds of a share of future Chainlink data requests going from dishonest to honest nodes, but the value may also be negative if this dishonest consensus of Tier 2 would lead to a decrease in future Chainlink usage.

• The study proposes mitigation which enables users to assess the agent incentives of Chainlink nodes such that they can verify whether honest behavior is a strictly dominant strategy for all participants.

Discussion and Key Takeaways

• Schelling game vulnerability: The researchers explained that lack of transparency in Tier 2 nodes in schelling game orchestrates game theoretic vulnerability in chainlink because users will not be able to determine whether Tier 1 nodes have been incentivized to produce honest votes.
• Chainlink security model: They discovered that the current security model in the Chainlink whitepaper lacks transparency making it vulnerable to malicious Tier 2 nodes
• Mitigations: The researchers proposed two mitigation models for this vulnerability.
  • The first mitigation is to lock up a certain amount of LINK tokens in a smart contract for a certain period on the assumption that the market value of the token will be decreased when the market finds out that the system was dishonest.
  • The second mitigation builds on the first mitigation by allowing the majority of LINK token holders to fork the network and burn the token held by malicious Tier 2 nodes to make Tier 2 nodes transparent because users can verify whether or not Tier 1 has been incentivized by Tier 2 nodes to produce honest votes.

Implications and Follow-ups

• This paper sets the tone for discussion on the vulnerability of incentive mechanisms of Chainlink and schelling game theory.

Applicability

• The research will be useful to Decentralized Oracle Network (DON) developers in crafting new DON.
• The research will help protocols like DeFi that use Chainlink for off-chain data to understand the network’s flaws and how to work around them.
• The research explains the risk vulnerability of schelling game used in Chainlink and how it can be resolved, therefore, it promotes a better understanding of web3 generally.

DONs are additionally mostly built on Ethereum and other chains, and LINK acts as the utility token for the Chainlink network, which solves the “oracle problem” by offering “reliable tamper-proof inputs and outputs for complex smart contracts on any blockchain” in addition to acting as a trust-minimized middleware. The LINK project might connect blockchains to use cases from the conventional world of finance, including payment gateways, financial agreements, and insurance, in addition to serving as a key stepping stone for DeFi.
describing ongoing DON design enhancements that, among other goals, are particularly focused on guaranteeing network security as Chainlink scales and maintaining node operators’ sufficient incentives to support Oracle services. Chainlink discussed DONs and how they converse with each other in both directions.

Thank you @Stallonaking for your comment

Hello @samuel94, Weldon job, I notice that
Chainlink proposed a unique security model as an improvement to their current security model, with a mechanism called super-linear staking. But this model has been criticized for relying too much on trust in participants of the system who have previously shown good behaviour.

I think the game theoretic risks and possible mitigations of these risks in this security model have not been formally scrutinized. I think I equally observed that the second mitigation as you highlighted serves as a method of last resort, and hard forks are not expected to happen often, the possibility of such a fork might require changes in the functionality of DeFi protocols relying on Chainlink. I just have some few general questions for you.

1. Having known that this model has been criticized, what is your your recommendation on that?

2. is it obvious that when more worth is traded through DeFi conventions, more benefit can possibly be acquired by defiling the pre-owned prophets like Chainlink?

3. is it unworkable to quantify the apparent worth of this future income according to the viewpoint of Level 2 hubs for clients depending on Chainlink prophets?

4. At what point can incentive be skewed?

Thank you @Henry for your comments. The two solutions have been proposed by the researcher, one us to enable participants lock certain amount of tokens in the smart, do that in the even the system is compromised, market value of the token will go down, thus making them to lose their tokens. This it is believed will prevent dishonest behaviour.

The second solution is to fork the whole system making it possible for malicious token holders to lose their tokens .

Imagine that you’re a sheep farmer. You purchase a dog and a lion and tame them until they become gentle enough to protect your sheep from wolves. The dog manages the sheep while the lion checks the dog to ensure it doesn’t hurt the sheep. So what happens when the lion decides to prey on the sheep?

My analogy looks like a lazy one. However, I trust that you got a hint of the point. This analogy is synonymous to the case of Chainlink where the lion represents Tier 2 nodes, the dog represents the Tier 1 nodes, and the sheep represents the users on the network.

I hope that you get an additional understanding of the whole concept of game theory in Chainlink after reading this comment. I’ll align my writing with that of the original contributor @Samuel94 to talk about:

• Incentive and security on Chainlink
• Users and why they matter
• Why Chainlink matters in the first place.

Incentive and security on Chainlink
Every decentralized network or blockchain has a way of rewarding those (validators) helping the network function as intended. This is popularly known as an incentive mechanism. For Bitcoin and other Proof of Work blockchains, the block reward and transaction fees serve as the incentive.

However, Chainlink is not a blockchain. In its 2021 whitepaper, it proposed using two types of nodes to help the network function as intended. The nodes are divided into two tiers: 1 and 2. Tier 2 is superior to Tier 1 just like in the lion-dog analogy. Tier 2 nodes ensure that Tier 1 nodes act honestly.

To participate as a Tier 1 node, you’re required to buy a stipulated amount of Link tokens and lock up as a collateral to ensure you act honestly. If by stroke of chance you decide to act dishonestly, your tokens will be slashed and given to the whistle blower, that way, you are punished and the whistleblower is rewarded for good behavior.

The decision to slash your token is made by tier 2 nodes.

However, Tier 2 can act dishonestly too, thus the reason for the vulnerability and the subsequent proposed solutions.

Why Chainlink matters in the first place

Smart contracts do not have the capacity to settle internal transactions that depend on external events.

If a football gambling site is built on a blockchain, and gamblers make their bets on the smart contract, the smart contract needs the help of an oracle to supply it with the football match outcomes. This way the conditions of the smart contract can be met. This is what oracles like Chainlink do.

Chainlink is a decentralized oracle as opposed to centralized oracles whose data can easily be manipulated or hijacked.

CoinGecko recognises Chainlink as the most popular oracle based on its current $2.8 billion market cap.

Top DeFi protocols such as Aave, Compound, and Synthetix depend on ChainLink to settle their transactions. Chainlink supports over 14 blockchains and Layer 2s in addition to having processed over 6 trillion + transactions.

I believe you can now understand the importance on Chainlink on blockchain ecosystem.

Users and why they matter
The very first goal of blockchain technology is to encourage and promote decentralization, security, and privacy for users. And all this has to happen without the need for an individual to trust another individual, hence called a trustless system.

According to @Samuel94 from this research summary, the researchers notice that users cannot tell if the incentive mechanism in Chainlink ensures the nodes in Chainlink act honestly. In other words, user can’t directly tell the security situation for Chainlink mechanism by examining its incentive mechanism.

If a user cannot directly tell that a blockchain or associated network is open and secure, it breaks the basic rule of decentralized networks and could hinder the growth of such a network.

Blockchain networks are made for users to meet their needs and such needs include security and transparency.

@Samuel94, from this research summary, the researchers notice that users cannot tell if the incentive mechanism in Chainlink ensures the nodes in Chainlink act honestly. In other words, user can’t directly tell the security situation for Chainlink mechanism by examining its incentive mechanism.

If a user cannot directly tell that a blockchain or associated network is open and secure, it breaks the basic rule of decentralized networks and could hinder the growth of such a network.

Blockchain networks are made for users to meet their needs and such needs include security and transparency.

@Samuel94 from this research summary, the researchers notice that users cannot tell if the incentive mechanism in Chainlink ensures the nodes in Chainlink act honestly. In other words, user can’t directly tell the security situation for Chainlink mechanism by examining its incentive mechanism.

If a user cannot directly tell that a blockchain or associated network is open and secure, it breaks the basic rule of decentralized networks and could hinder the growth of such a network.

Blockchain networks are made for users to meet their needs and such needs include security and transparency.

@Samuel94, this is an invaluable work presented in a simple language, good job!

@Ulysses you have even made it simpler with easy analogy. This should be up for comment of the month

This is an amazing summary @Samuel94. It is an enlightening piece.

This research made us to understand that the Tier 2 is at the helm in helping to mitigate this attack.

However, Tier 2 has its own security flaws, hence, the 2 mitigation approaches proposed by the researcher, where the second approach builds on the outcome of the first.

Since the first mitigation approach does not completely mitigate on dishonest behaviour as majority may bypass through short selling,

is there a means to curb this, as it still leaves it vulnerable?

Also, Tier 2 nodes needs to lock some certain amount of LINK token for some period of time; is there a duration for this?

Is there a possibility that during/after this time in which the LINK token is locked, and the market value of LINK token does not decrease, that the system has functioned correctly?

Thank you @Chrisarch .The second model proposed by the researcher is a way to curb it.

Also, the time limit is determined by the transaction. Once the transaction is extant, the LINK token will remain locked

@Samuel94 Thank you very much for this fantastic summary.

The idea is that after a manipulation by a dishonest Tier 2 majority, honest Chainlink participants initiate a hard fork of the network. Such hard forks are used if a substantial part of a community
participating in a blockchain network, no longer accept a previous state of the network For the Chainlink system it means, that stakeholders
can create a new copy of the network in which the malicious participants lose their tokens st (value of LINK token held).

The assumption is that the market recognizes that an
attack has been attempted, and recognizes the new
fork as the legitimate network. As a consequence,
the tokens in the original network would become
worthless, and since the tokens of adversaries have
been removed in the new network, effectively, they lost st.

@Samuel94 I apprecaite the work you have put in coming up with this summary. I will attempt to answer your research question and I hope this adds to this body of knowlege.

Chainlink is a decentralized oracle network that allows smart contracts on the blockchain to securely access off-chain data and other external resources. As with any decentralized system, Chainlink is vulnerable to game-theoretic security vulnerabilities, which are vulnerabilities that arise due to the incentives and motivations of the participants in the system.

There are a number of ways in which game-theoretic security vulnerabilities in Chainlink can be mitigated. Some potential approaches include:

1. Designing the system to have appropriate incentives: Ensuring that the incentives for the participants in the system are aligned with the goals of the system can help to mitigate game-theoretic vulnerabilities. For example, in the case of Chainlink, this could involve designing the system to incentivize the provision of accurate data by oracles.

2. Ensuring diversity and decentralization: A decentralized and diverse network can be more resilient to game-theoretic vulnerabilities, as it is less likely that a single group of actors can coordinate to manipulate the system.

3. Implementing reputation systems: Reputation systems can be used to incentivize good behavior and discourage malicious behavior in the system. In the case of Chainlink, this could involve implementing a reputation system for oracles that rewards oracles that provide accurate data and punishes those that provide incorrect or malicious data.

4. Using cryptographic techniques: Cryptographic techniques, such as zero-knowledge proofs and secure multiparty computation, can be used to help prevent malicious actors from manipulating the system.

Overall, game-theoretic vulnerabilities are a significant challenge in decentralized systems, and there is no single solution that can completely mitigate these vulnerabilities. Instead, it is likely that a combination of approaches will be needed to effectively address these challenges.