Consensus algorithms facilitate agreement on and resolution of blockchain functions, such as smart contracts and transactions. Ethereum uses a Proof-of-Stake (PoS) consensus mechanism, which depends on financial incentives to ensure that validators perform certain duties and do not act maliciously. Should a validator attempt to defraud the system, legitimate validators will identify this and then staked cryptocurrency is `burned' through a process of slashing. In this paper, we show that an attacker who has compromised a set of validators could threaten to perform malicious actions that would result in slashing and thus, hold those validators to ransom. We use game theory to study how an attacker can coerce payment from a victim, for example by deploying a smart contract to provide a root of trust shared between attacker and victim during the extortion process. Our game theoretic model finds that it is in the interests of the validators to fully pay the ransom due to a lack of systemic protections for validators. Financial risk is solely placed on the victim during such an attack, with no mitigations available to them aside from capitulation (payment of ransom) in many scenarios. Such attacks could be disruptive to Ethereum and, likely, to many other PoS networks, if public trust in the validator system is eroded. We also discuss and evaluate potential mitigation measures arising from our analysis of the game theoretic model.

翻译：共识算法促成区块链功能（如智能合约和交易）的达成与解决。以太坊采用权益证明共识机制，该机制依赖经济激励确保验证者履行特定职责且不作恶。若验证者试图欺诈系统，合法验证者会识别并启动罚没程序，将质押的加密货币销毁。本文证明，已攻破一组验证者的攻击者可威胁实施导致罚没的恶意行为，从而挟持这些验证者进行勒索。我们运用博弈论研究攻击者如何通过部署智能合约（为勒索过程中攻击者与受害者提供共享信任根）等手段胁迫受害者付款。博弈论模型发现，由于缺乏系统性保障机制，验证者倾向于全额支付赎金。在此类攻击中，财务风险完全由受害者承担，除妥协（支付赎金）外，多数场景下其无法采取任何缓解措施。若公众对验证者系统的信任被侵蚀，此类攻击可能对以太坊乃至其他许多权益证明网络造成破坏性影响。我们还基于博弈论模型的分析结果，讨论并评估潜在的缓解措施。