The Main Attack Methods Against Blockchain P2P Networks

3 min readJan 9, 2022


Typical blockchain P2P network architectures mainly include Bitcoin, Ethereum, fabric, etc. To solve the security problem of P2P network, we should first understand the main attack methods against it.

Existing attack methods include Sybil Attack and Eclipse Attack at the design layer and DDoS Attack (Denial of Service Attack) at the application layer.

DDos Attack

The traditional DDoS attack is divided into two steps: the first step is to use viruses, Trojan horses, buffer overflows and other attack methods to invade a large number of hosts and form a botnet; The second step is to launch a DDos attack through a botnet.

Different from the traditional centralized system, DDoS attacks against blockchain systems can be divided into active attacks and passive attacks.

Active attack: By actively sending a large number of fake messages to the network, the reflecting node receives a large number of notification messages instantaneously through the transaction synchronization mechanism of the blockchain.

The attacker can evade IP inspection by spoofing the source address, making it more difficult to track and locate the source of the attack. And a large amount of traffic flows through the network, which will lead to a decrease in the routing function of the network.

Passive attack: Passive attack is different from active attack, in that the attack node waits for query requests from other nodes and then attacks by returning a spurious response.

In a real-world environment, attackers often deploy multiple attack nodes, include the target host multiple times in a response message, and combine other co-implementation vulnerabilities.

Eclipse attack

An eclipse attack is a network-level attack carried out by other nodes, which aims to isolate the node by blocking the most up-to-date block information from entering the attacked node.

The attack method is to encircle and occupy the victim’s point-to-point connection time slot, and keep the read node in an isolated network to achieve the purpose of isolating the node.

Both the current Bitcoin and Ethereum networks have been confirmed to be affected by eclipse attacks.

1) An eclipse attack against the Bitcoin network, where an attacker can control a sufficient number of IP addresses to monopolize the effective connection between all the compromised nodes.

The attacker can then requisition the victim’s mining power and use it to attack the blockchain’s consensus algorithm or for “duplicate payments and private mining.”

2) An eclipse attack against Ethereum, where an attacker can monopolize all the input and output connections of the victim node, so that the victim node is isolated from other normal nodes in the network.

An attacker’s eclipse attack can then trick the victim into looking at the incorrect Ethernet transaction details, allowing the seller to hand over the item to the attacker before the transaction is completed.

Sybil Attack

In the main P2P network, especially the public chain network, the same data usually needs to be backed up to multiple distributed nodes to maintain the stability of the network due to the reasons such as node joining and exit at any time.

This is called the data redundancy mechanism. Sybil attacks are effective means to attack the data redundancy mechanism.

In blockchain networks, attackers can forge their own identities to join the network. After they master several nodes or node identities, they will threaten the blockchain network.

Such as reducing the search efficiency of the nodes, transmitting unauthorized files , destroying the security of file sharing, consuming the connection resources of nodes, etc.

Hoping that these can provide reference for the development of application system based on block chain network. Stay tuned for more blockchain security information.




Lunaray takes a leading position in smart contract auditing and consulting service for blockchain security.