Although the Ethereum merger is being touted as a major upgrade to the blockchain network, its transition to proof-of-stake theoretically makes it more vulnerable to exploitation.
Speaking to Cointelegraph, the security researcher explained that unlike proof-of-work systems, a proof-of-stake (PoS) system tells node validators in advance which blocks they will be validating, allowing them to to plan attacks.
The security expert, who asked not to be named, is a blockchain developer and security researcher working on a P-2 layer blockchain.
The researcher explained that an exploit could theoretically occur on the post-Merge Ethereum blockchain if validators manage to align two consecutive blocks to be validated.
“If you control two consecutive blocks, you can start an exploit on block N and complete it on block N+1 without any arbitrage bot coming in and fixing the price you manipulated in between. “
“From an economic security perspective, [this vulnerability] makes these attacks relatively easier to perform.
The expert said that while it is also possible for miners to validate consecutive blocks in PoW networks, it amounts to “pure luck” and does not give the miner time to plan an attack.
As a result, the security researcher claims that Ethereum will give up some security strength when the merger takes effect:
“As we are right now [with] Ethereum Proof of Work vs Ethereum Proof of Stake, Ethereum Proof of Work has stronger security […] and economic guarantees.
“But that being said […] proof of stake [still] has sufficient practical security [and] it doesn’t matter that it’s theoretically not as secure as proof of work. It’s still a very secure system,” he added.
Related: Buterin and Armstrong Reflect on Proof-of-Stake Change as Ethereum Merger Approaches
The security expert added that “Ethereum is working on fixing [the consecutive block issue]. This is a difficult problem to solve, but if it is done, then the proof-of-stake security will be [further] increase [as] they will be protected against these attack vectors.
Ethereum validators are subject to POS discounts, as the consensus rules were designed to provide an economic incentive for validators to properly validate incoming transactions, while any conduct to the contrary would see their ETH stake reduced.
The Ethereum merger is finally expected to take place on September 15 around 2:30 UTC, according to Blocknative’s Ethereum Merge Countdown. The transition to PoS should make the Ethereum network more scalable and energy efficient.