Abstract
Ethereum is taken as the representative of the 2nd generation of blockchain system, and has been widely used in many applications. Different from Bitcoin system, Ethereum introduces the concept of account, so that the balance inquiry and transaction validation could be performed with lower complexity. Since the information of each account is not stored in the blockchain but in the local database, it is prone to be modified. This paper studied the balance inquiry process in Ethereum based on the source code, and found that the balance of an account could be easily modified, and the value will not be validated based on the state root in the block header when used for transaction validation. Tests based on a small scale private Ethereum network show that if the balance of an account is modified in the database on all participating nodes, the invalid transaction based on the modified balance would be taken as a valid one and packed in the blockchain. This could be a big problem for the application where a private blockchain is built based on Ethereum with small number of nodes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Buterin, V.: Ethereum white paper, June 2019. https://github.com/ethereum/wiki/wiki/White-Paper
Kehrli, J.: Blockchain 2.0 - from bitcoin transactions to smart contract applications (2016). https://goo.gl/CcDx4J
Chen, T., Zhu, Y., Li, Z., et al.: Understanding ethereum via graph analysis. In: IEEE INFOCOM 2018 - IEEE Conference on Computer Communications, Honolulu, HI, pp. 1484–1492 (2018)
Wang, S., Ouyang, L., Yuan, Y., et al.: Blockchain-enabled smart contracts: architecture, applications, and future trends. IEEE Trans. Syst. Man Cybern.: Syst. 49(11), 2266–2277 (2019)
Yuan, Y., Wang, F.-Y.: Blockchain: the state of the art and future trends. Acta Automatica Sinica 42(4), 481–494 (2016)
Han, X., Yuan, Y., Wang, F.-Y.: Security problems on blockchain: the state of the art and future trends. Acta Automatica Sinica 45(1), 206–225 (2019)
Wood, G., Antonopoulos, A.M.: Mastering Ethereum, Sebastopol, California. O’Reilly Medica Inc, Sebastopol (2018)
Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper, vol. 151, pp. 1–32 (2014)
Acknowledgments
This work is supported by the Tianjin Natural Science Foundation (19JCYBJC15700).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gao, Z., Zhang, D., Zhang, J. (2020). A Security Problem in Small Scale Private Ethereum Network. In: Zheng, Z., Dai, HN., Fu, X., Chen, B. (eds) Blockchain and Trustworthy Systems. BlockSys 2020. Communications in Computer and Information Science, vol 1267. Springer, Singapore. https://doi.org/10.1007/978-981-15-9213-3_18
Download citation
DOI: https://doi.org/10.1007/978-981-15-9213-3_18
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-9212-6
Online ISBN: 978-981-15-9213-3
eBook Packages: Computer ScienceComputer Science (R0)