Ethereum 2 Medalla testnet suffered a series of catastrophic failures due to the use of centralized services, in this case Cloudflare, providing wrong information to all Prysm nodes, which in turn, didn’t properly fallback from this situation. Instead they continued proposing blocks and attestations for future slots. Relying on system time only and network time, or any time selected by the validator operators is something other Proof-Of-Stake clients have realized it’s the best option currently.
A thorough analysis of the improper or lack of a fallback mechanism in the clients affected is concerning but design of consensus protocols is not the focus of this article. For more information refer to the Eth2 Medalla Testnet Incident article.
Reliance upon centralized services such as Cloudflare should be of more concern of all decentralized projects. Web 2 giants have created these types of services such as CDNs, analytics and advertisement which the internet in its current form couldn’t live without. They are impressive achievements but they also are central points of failure. Cloudflare is not fail proof and it has already taken down big chunks of the internet with it when it fails.
Fortunately, the decentralized web, the Web 3, is less reliant on these central points of failure by design, as a decentralized network could potentially live even if a big part of their networks fail, provide false information or go offline. It’s less reliant for now and as long as blockchains don’t adopt a similar model as the web 2. Web 3 applications are starting to feel an increased need to scale, to provide their services to more people than what they currently do. So the pressure for dapps is already there. Certainly, better scalability is already available on blockchains other than Ethereum but the pressure will continue to increase more and more throughput will continue to be needed.
So the temptation for blockchain core developers, dapp developers to use an already proven solution used by many like cloudflare appears, for time synchronization of validators, ddos protection of validators is there. So, the Medalla Cloudflare bug should serve as warning to all of us, who might be looking for shortcuts that won’t be worth it in the end. There is a very good reason why this goes against the ethos of blockchain, imagine what would have been of Bitcoin if 73% of miners had gone down because they couldn’t connect to Cloudflare.
Published by: Saxemberg on Aug. 18, 2020