Attacks/Cheats/Weaknesses of Shards

Chain Control

1. Hijack the main chain: the main chain controller can manipulate the main chain block to control the process of sampling eligible collator.
2. 1% sharding attack: if the sampling process fails to select with high randomness, it’s possible for an attacker to start 1% attack in the shard: if there are 100 shards, the attacker can focus on attack one particular shard, they only need 1% hash rate (PoW)/deposit (PoS) to control the shard.
3. 30% sharding attack: ERP#1340
4. DoS attacks: ERP#1048 - slight influence???

Economics

Note that the proposer-collator separation scheme is no longer planned for in-protocol use as per this post: Exploring the proposer/collator split. Instead a proposer/notary scheme is planned as per this post and this post.

1. [Proposing-collating separation scheme] Proposer withholding attack: the proposer griefs collators by not revealing collation bodies.
2. [Proposing-collating separation scheme] Collator stealing proposer’s fee: the collator might be able to tamper proposer_address and proposer_signature of the proposal.
3. [Proposing-collating separation scheme] Proposer reversion bribes: the proposer offers collations with high fees that are off of the canonical chain, thereby offering a clear bribe to build on top of a secondary chain, with the goal of reverting transactions.

Stateless Client and Access List

1. Censorship: stateless client model loses censorship resistance

Execution

1. DoS executors by reverting: Allowing cross-shard transactions and state execution to happen faster than finality means that executors can be forced to redo all their work on all shards if only one shard suffers a short-range reversion.

Others

1. Loose finality in loosly coupled fork choice rule: in loosely coupled fork choice rule, it’s even harder to have a more explicit finality on shard chain than PoW main chain.