Slashing (SLS)
Performing slashable actions leading to penalties.
Last updated
Performing slashable actions leading to penalties.
Last updated
Slashing Risks:
SLS1
Infrastructure
Operational Failure: Single validator signs two different blocks
Single node signs two different blocks, e.g. failure in setting up the anti-slashing mechanism (e.g. no lokal anti-slashing database disabled or deleted) or failure in the validator migration process.
SLS2
Infrastructure
Operational Failure: Shutting down validator only temporarily
Validator shuts (temporary) down. System spins up a new validator with the same key
SLS3
Infrastructure
Operational Failure: Validator keys are used on 2 different validators
System takes the same keys twice from the key database and deploys them on two different validators.
SLS4
Infrastructure
Operational Failure: Failure in setting up the anti-slashing mechanisms correctly
Failure in setting up the anti-slashing mechanisms correctly (e.g. Web3Signer has no slashing protection enabled, no database, database only in memory and not on disk, 2 or several copies of Web3Signer, slashing databse can be deleted)
SLS5
Infrastructure
Double key usage in the CI/CD pipeline
Usage of same key within different environments causing a slashing
SLS6
Software
Software Bug (e.g. Validator Client) (Intentional or accidentional) through update
New versions of a validator client that may cause errors that lead to slashing Supply chain attack
SLS7
Software
Software Bug (e.g. Validator Client) through software customization
New versions of a validator client may cause errors that lead to slashing
SLS8
People
Malicious Internal Employee intentionally causes operational failure via his given user rights
Anything that an internal employee has access to is at risk of being exploited to sabotage the operation resulting in a slashing incident.
SLS9
People
Malicious Internal Employee intentionally causes operational failure via privilege escalation
A malicious internal employee can get additional rights via through privileges escalation.
SLS10
People
Malicious Ex-Employee intentionally causes a slashing incident
A Ex-Employee can still have access to the system when his acces is not blocked or removed
SLS11
People
Malicious External Hacker intentionally causes slashing incident
Malicious External Hacker gets system access through absence of or weak cyber security standards
SLS12
People
Malicious External Hacker intentionally causes slashing incident
Malicious External Hacker gets external network access to the system
SLS13
People
Malicious External Hacker intentionally causes operational failure through authentication access
Malicious External Hacker can get access through by-passing or brut-forcing authentication systems
SLS14
Process
Operational Failure: Incorrect implementation of the failover mechanism: Failover system comes unexpectedly online
If the failover does not ensure that old system is not still alive in some way or is using a stale version of the anti-slashing database, e.g.: failover system starts accidentally although primary system is not down
SLS15
Process
Operational Failure: Incorrect implementation of the failover mechanism: Primary system comes unexpectedly back online
If the failover does not ensure that old system is not still alive in some way or is using a stale version of the anti-slashing database, e.g.: failover system starts (manually / automatically) because primary system is down and primary system comes back online
SLS16
Process
Operational Failure: Slashing monitoring does not prevent system shut down
Slashing events keep ongoing on because no slashing monitoring system in place
SLS17
Process
Operational Failure: Slashing monitoring ignores alerts
Monitoring is in place, but slashing events keep ongoing on because alerts are not monitored
SLS18
Process
Operational Failure: Slashing monitoring does not shut down the validators
Slashing keeps going on because system fails to automatically shut down after alerts