Blockchain Paper Quick Read: CCF A, CCS 2025 (2), with PDF download links

Conference: ACM CCS 2025
CCF level: CCF A
Year: 2025
Conference time: October 13-17, 2025
6
Title:
On Frontrunning Risks in Batch-Order Fair Systems for Blockchains
Authors:

Key words:
Blockchain, Batch-Order Fairness, Decentralized Sequencing, Frontrunning Attack
Abstract:
In timing-sensitive blockchain applications, such as decentralized finance (DeFi), achieving first-come-first-served (FCFS) transaction ordering among decentralized nodes is critical to prevent frontrunning attacks. Themis [CCS'23], a state-of-the-art decentralized FCFS ordering system, has become a key reference point for high-throughput fair ordering systems for real-world blockchain applications, such as rollup chains and decentralized sequencing, and has influenced the design of several subsequent proposals. In this paper, we critically analyze its core system property of practical batch-order fairness and evaluate the frontrunning resistance claim of Themis. We present the Ambush attack, a new frontrunning technique that achieves nearly 100% success against the practical batch-order fair system with only a single malicious node and negligible attack costs. This attack causes a subtle temporary information asymmetry among nodes, which is allowed due to the heavily optimized communication model of the system. A fundamental trade-off we identify is a challenge in balancing security and performance in these systems; namely, enforcing timely dissemination of transaction information among nodes (to mitigate frontrunning) can easily lead to non-negligible network overheads (thus, degrading overall throughput performance). We show that it is yet possible to balance these two by delaying transaction dissemination to a certain tolerable level for frontrunning mitigation while maintaining high throughput. Our evaluation demonstrates that the proposed delayed gossiping mechanism can be seamlessly integrated into existing systems with only minimal changes.
PDF download link:
https://dl.acm.org/doi/10.1145/3719027.3744879
7
Title:
Aegis: Tethering a Blockchain with Primary-Chain Stake
Authors:

Key words:
Byzantine Consensus, BFT, Byzantine fault tolerance, Blockchain, Reconfiguration
Abstract:
Blockchains implement decentralized monetary systems and applications. Recent advancements enable what we call tethering a blockchain to a primary blockchain, securing the tethered chain by nodes that post primary-chain tokens as collateral. The collateral ensures nodes behave as intended, until they withdraw it. Unlike a Proof of Stake blockchain which uses its own token as collateral, using primary-chain tokens shields the tethered chain from the volatility of its own token. State-of-the-art tethered blockchains either rely on centralization, or make extreme assumptions: that all communication is synchronous, that operators remain correct even post-withdrawal, or that withdrawals can be indefinitely delayed by tethered-chain failures. We prove that with partial synchrony, there is no solution to the problem. However, under the standard assumptions that communication with the primary chain is synchronous and communication among the tethered chain nodes is partially synchronous, there is a solution. We present a tethered-chain protocol called Aegis. Aegis uses references from its blocks to primary blocks to define committees, checkpoints on the primary chain to perpetuate decisions, and resets to establish new committees when previous ones become obsolete. It ensures safety at all times and rapid progress when latency among Aegis nodes is low.
PDF download link:
https://dl.acm.org/doi/10.1145/3719027.3744885
8
Title:
Denial of Sequencing Attacks in Ethereum Layer 2 Rollups
Authors:

Key words:
Layer 2 Rollups, Denial of Sequencing Attacks
Abstract:
Layer 2 rollups offer promising solutions to address Ethereum's scalability issues. However, the centralized nature of the sequencer in these rollups makes them vulnerable to denial of service attacks, in which adversaries overwhelm the sequencer with invalid transactions that cannot be included in blocks, thereby exhausting its computational resources for transaction processing. To mitigate such threat, layer 2 rollups implement the legality check mechanism to filter out invalid transactions before they reach the sequencer.
In this work, we unveil a novel denial of sequencing attack that disrupts the liveness of layer 2 rollups at zero cost by bypassing the legality check. Specifically, our attack enables an adversary to craft malicious invalid transactions that bypass the legality check but are ultimately discarded by the sequencer after execution. As a result, the adversary can exhaust the sequencer's computational resources without incurring any fees. To construct such malicious transactions, we propose two approaches: a side-channel based approach and an incomplete check based approach, both of which rely on underlying vulnerabilities in rollups. Additionally, we investigate two widely used rollups, i.e., Arbitrum and Polygon zkEVM, and uncover four unknown vulnerabilities within them, which can be exploited to launch our attack using the two proposed approaches. Through extensive experiments conducted in a local environment, we demonstrate that all our attack variants, each exploiting distinct vulnerabilities, lead to severe attack effects at zero cost. Moreover, we discuss three feasible mitigations against our attack. At the time of writing, both the vulnerabilities and our attack have been acknowledged by the respective official teams, who have awarded us bug bounties to highlight the severity of our findings.
PDF download link:
https://dl.acm.org/doi/10.1145/3719027.3765100
9
Title:
Realizing Corrupted-Shard Tolerance: A Sharding Blockchain with Preserving Global Resilience
Authors:

Key words:
Sharding Blockchain, Consensus, Byzantine Fault Tolerance
Abstract:
Blockchain sharding is a promising approach to enhancing scalability by partitioning the network into smaller, parallel shards. However, existing sharding blockchains that rely on Byzantine fault tolerance protocols require large shard sizes to meet strict security thresholds, limiting scalability, while relaxing security parameters can lead to liveness and safety violations. In this work, we present Camael, a secure sharding blockchain that achieves corrupted-shard tolerance through effective detection and processing mechanisms for both liveness and safety violations. Specifically, fake liveness violations forged by malicious nodes are accurately detected via a two-phase reporting and confirmation mechanism, while concealed safety violations are efficiently identified using a lightweight snapshot mechanism. Furthermore, a state determination process ensures overall system consistency. Malicious nodes are precisely identified through a conviction mechanism, which enables the replacement of the targeted nodes and the reconfiguration of the shards. Notably, Camael ensures security while preserving a global fault tolerance of 1/3 and tolerating corrupted shards, with each shard accommodating up to 2/3 malicious nodes. Extensive experiments conducted on 2000 AWS EC2 nodes across 4 regions demonstrate that Camael improves throughput by 3.56 times compared to the baseline (Kronos, NDSS'25), achieving a throughput of 109.3 ktx/sec, while the violation processing requires only 1.64 sec.
PDF download link:
https://dl.acm.org/doi/10.1145/3719027.3765132