Perks of dPoS: Neglectful Ark delegate almost caused a complete ARK blockchain outage

Ark is one of the projects that uses delegated proof of stake mechanism to reach consensus on its network. One of the many inherent traits of this type of consensus is its reliance on the humans to be prudent and precise in their actions. In this case, the delegates that run and secure the network are responsible to have solid technical knowledge in order to run a block producing node.

One of those delegates on ARK was either negligent or IT illiterate since he committed a terrible noob blunder. As this post explains in more detail:

“A short recap on what was going on today:

One of the delegates published the first 10 of the 12 words that makeup his passphrase in a the vendor field of a transaction. This happened over a year ago and came to public light today.

The remaining 2 words of his passphrase were quickly generated with brute force and the complete passphrase was published on 4chan/biz with the instructions how to use a delegate passphrase to disrupt the Ark blockchain.

If the passphrase would have been used to “double forge” as suggested on 4chan it would have caused some serious outages. Luckily none of the users there managed or tried to do so before said delegate was unvoted from the 51.”

Another user chipped in to explain how this already happened on Ark network:

“With the ARKcommader you only need the 1st passphrase to enable a node to forge.

What does that mean? It means that anyone could have spun up a node, input his public key and his 1st passphrase and the forging status would have been set to “true”.

This is precisely what caused the network to crash last time. Someone had 1+ nodes forging. When this happens then when their turn in the round comes to forge and both nodes have the ‘right’ to validate the block then it causes issues. If they both validate the block it causes a double forge (high level explanation) and then the network doesn’t know which block to believe. This is what caused the ‘Great October Depression’ (coined here, and now).

So, long story short, someone could have easily used this person phrase to intently double forge and eff the network up.”

This could have caused a complete outage of the blockchain as it would come to a grinding halt if a hacker double forged the blockchain. The delegate was completely irresponsible as another post suggests that he knew about this incident for at least a week:

“He did not, which was incredibly irresponsible of him. He knew his passphrase was leaked for a week at best, and over a year at worst, and he did nothing. It took the leak going public today for him to mobilize and ask his whales to unvote him.”

As I pointed out at the top of the article, this type of blockchain governance is dependent on human action which is often filled with intentional or involuntary errors. Lucky for ARK, they are low tier crypto that no serious hacker keeps an eye on, otherwise – this could have been a total fiasco for them and their reputation.

intelligent crypto
How are  regular people making returns of as much as 70% in a year with no risk?  By properly setting up a FREE Pionex grid bot - click the button to learn more.
Crypto arbitrage still works like a charm, if you do it right! Check out Alphador, leading crypto arbitrage bot to learn the best way of doing it.

Petar Jovanović
Petar Jovanović

As the Head of Content at Captainaltcoin, I bring years of experience in the crypto industry. With a strong belief in the potential of the web3 market since 2017, I'm passionate about sharing valuable insights and knowledge. Feel free to connect with me on LinkedIn and let's discuss the exciting world of cryptocurrencies and decentralized technologies!

We will be happy to hear your thoughts

Leave a reply

CaptainAltcoin
Logo