We have concluded the research project mentioned in Q2 2023 and are currently in the final stages of developing an initial MVP for potential customers. During this phase, we are conducting tests with a select group of initial customers who have found practical value in real-world use cases. While our customer base may be limited at this stage, it’s important to note that our approach is grounded in actual P2P attacks, some of which we have even implemented ourselves [GitHub - sakundi/discv5-testground: Testground plans for discv5.]. Additionally, a prior security audit report conducted by Least Authority on the Ethereum P2P layer highlighted vulnerabilities related to node identity generation and acknowledged the risk of eclipse attacks [https://leastauthority.com/static/publications/LeastAuthority-Node-Discovery-Protocol-Audit-Report.pdf]. As of now, these issues remain unresolved.
Our goal is to collaborate with RP to advance our prototype to a more mature stage that delivers tangible benefits to the RP community and the broader Blockchain community. This approach is based on addressing real-world security concerns rather than being purely theoretical in nature.
At this moment, 2
We record numerous anomalies on a daily basis through the analysis of validator node interactions within the P2P layer. Subsequently, these anomalies may be classified as potential attacks.
Out of the customers who tested our proof-of-concept, two of them observed anomalies in their P2P connections that could potentially be categorized as attacks.
At present, we exclusively offer alerts through email, Slack, or Telegram to the concerned users, typically node operators. However, we have not implemented an automated mitigation process as part of our services.