The Cardano Minimum Attack Vector (And why you should care)
The story of Cryptocurrencies is one of decentralization, we all know and praise decentralization as the ultimate force coming to change the fabric of society forever.
But what is decentralization? Why is it important ? And how do we measure it ?
What is decentralization
Decentralization is the notion that power and control of a system can be distributed over a set of participants, in such a way that no one single entity can assume control of the system.
This brings a lot of very interesting properties that promote equality, security and democracy.
The most important property is the security, thanks to decentralization, no central database/server exists for an attacker to hack, there is no manager or CEO that can be blackmailed, there is no board of directors that can manipulate the system for their own profit.
How to measure the decentralization of a system
You can use many metrics to measure the decentralization of a system:
Minimum Attack Vector (MAV)
The minimum attack vector is the minimum subset of participants that one would need to take under control in order to attack or manipulate the network, by having control of over 51% of the created blocks one could cause havoc to the network
When talking about attacks that can happen against the MAV participants, and by extension the Cardano network, 2 distinct attacks can be specified with very different requirements on the attackers side, and very different risks against the network.
1) Compromising of Hot-keys:
Hotkeys are the keys an operator uses to run his stake-pool on the network.
If an attacker is able to get access to this keys he would be able to cause a lot of trouble, he could perform a double spend (forking the network) or dos against the network (using the vrf keys), slowing the network.
In this scenario stake pool operators can rotate certificates and utilize hidden nodes to restore the network, even though this will cause issues.
2) Compromising of Cold-keys:
Cold-keys are the backbone of the encryption we use for creating and managing Stake-pools.
If an attacker gets access to the cold keys of the MAV it is possible the attacker would be able to completely destroy the network.
If this happens then no hard-fork or quick and dirty patch by the SPO community will save us, the attacker will have the ability to react to every move we make with the exact counter move.
Restoring the network will be a herculean task and probably impossible without violating immutability or introducing censorship to the consensus of the network.
What are the tools someone could use to attack the network?
This is irrelevant, even if an SPO is 100% honest and trustworthy, it is foolish to believe that enemies of Cardano will only use Sybil or bribery, most likely in a full scale attack, the attacker will use all tools available to him.
At the moment we have not detected any such threats, but anyone that works with security of any kind(physical or digital), will tell you that you have to secure whatever it is you are doing before you are under attack. If you try to close your holes while the enemy is trying to get in, you are going to have a bad time.
Why should I care
If you hold ADA tokens then you are directly invested in the health of the network. You are at the same time the one that has the most to lose, and the one that has the power to protect it.
It is also very simple to understand that the more secure the network is the more valuable it is, this has a direct correlation to the value of the tokens you are holding.
What is the current MAV of the Cardano network
According to the data by ADApools.org and blockfrost.io, we can clearly see that the current MAV is 22, this is by far less than the ideal MAV=250.
The participants of the MAV are :
These are the organizations someone would need to control in order to Control the entire Cardano network.
This is better than anything else currently on the market, but far short from ideal.
How can we improve the Cardano MAV
The most obvious and simple way is to try and convince the delegators of MAV pools to redelegate to a pool outside the MAV! This is the only solution that works.
Moving stake from one single pool to another will have no effect, the same as moving stake from one MAV pool to another , the concentration remains the same.
What is next
I have created a new twitter profile (@CardanoState), this profile will publish on-chain data about the Cardano network, one of these reports will be the Current MAV, this will give the Cardano community a goal-post and a way of measuring our progress. A chance to celebrate when the MAV goes UP and a call to arms when the MAV moves down.
I welcome all of you to follow and be part of the biggest decentralization effort in the history of the world.
We have an opportunity with Cardano to build and own something fair, resilient, and powerful. Something that transcends nation-states, encourages international cooperation and minimizes the attractiveness of war.
We have a real shot at eliminating systemic corruption once and for all, but this can only happen if we do it. Cardano is a proof of stake system, that means, you the stakeholder choses, what will happen with it and what form it will take.
Thank you for Reading :)
Governments could interfere by using big tech to block functionality of our wallets via os updates, ip address blocking, fiat on/off ramp legislation, business audits on prohibition of crypto acceptance. It won't stop crypto, but it could drive it to a black market level. - @CaptainChaos
A graphic not part of the article above ⬆️ , but related, as it refers
to a global attack currently underway against humanity ⬇️.