Adversary-Augmented Simulation for Fairness Evaluation and Defense in Hyperledger Fabric
DOI:
https://doi.org/10.5753/jisa.2025.5925Keywords:
Adversary models, Distributed Systems, Cybersecurity, Multi-Agent Simulation, HyperLedger Fabric, Tendermint, Order FairnessAbstract
This paper presents an adversary model and a simulation framework specifically tailored for analyzing attacks on distributed systems composed of multiple distributed protocols, with a focus on assessing the security of blockchain networks. Our model classifies and constrains adversarial actions based on the assumptions of the target protocols—defined by failure models, communication models, and the fault tolerance thresholds of Byzantine Fault Tolerant (BFT) protocols. The goal is to study not only the intended effects of adversarial strategies but also their unintended side effects on critical system properties. We apply this framework to analyze fairness properties in a Hyperledger Fabric (HF) blockchain network. Our focus is on novel fairness attacks that involve coordinated adversarial actions across various HF services. Simulations show that even a constrained adversary can violate fairness with respect to specific clients (client fairness) and impact related guarantees (order fairness), which relate the reception order of transactions to their final order in the blockchain. This paper significantly extends our previous work by introducing and evaluating a mitigation mechanism specifically designed to counter transaction reordering attacks. We implement and integrate this defense into our simulation environment, demonstrating its effectiveness under diverse conditions.
Downloads
References
Alpern, B. and Schneider, F. B. (1987). Recognizing safety and liveness. Distrib. Comput.. DOI: 10.1007/BF01782772.
Amoussou-Guenou, Y., Pozzo, A. D., Potop-Butucaru, M., and Tucci Piergiovanni, S. (2020). On fairness in committee-based blockchains. In 2nd International Conference on Blockchain Economics, Security and Protocols, Tokenomics 2020. DOI: 10.4230/OASICS.TOKENOMICS.2020.4.
Amoussou-Guenou, Y. et al. (2019). Dissecting tendermint. In NETYS, pages 633-649. USENIX Association. DOI: 10.1007/978-3-030-31277-0_11.
Andola, N. et al. (2019). Vulnerabilities on hyperledger fabric. Pervasive and Mobile Computing. DOI: 10.1016/j.pmcj.2019.101050.
Angelis, S. D. et al. (2022). Evaluating blockchain systems: A comprehensive study of security and dependability attributes. In DLT at ITASEC. Available online [link].
Aublin, P., Mokhtar, S. B., and Quéma, V. (2013). RBFT: redundant byzantine fault tolerance. In IEEE 33rd International Conference on Distributed Computing Systems, ICDCS 2013. DOI: 10.1109/ICDCS.2013.53.
Barbosa et al. (2021). Sok: Computer-aided cryptography. In Symposium on Security and Privacy. DOI: 10.1109/SP40001.2021.00008.
Barwise, J. (1977). An introduction to first-order logic. DOI: 10.1016/S0049-237X(08)71097-8.
Borisov, N., Goldberg, I., and Wagner, D. (2001). Intercepting mobile communications: The insecurity of 802.11. In MobiCom. DOI: 10.1145/381677.381695.
Brandt, F., Conitzer, V., Endriss, U., Lang, J., and Procaccia, A. D. (2016). Handbook of Computational Social Choice. Cambridge University Press, USA, 1st edition. Book.
Burdges, J. and De Feo, L. (2021). Delay encryption. In 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT2021). DOI: 10.1007/978-3-030-77870-5_11.
Bushkov, V. and Guerraoui, R. (2015). Safety-liveness exclusion in distributed computing. In 2015 ACM Symposium on Principles of Distributed Computing (PODC15). DOI: 10.1145/2767386.2767401.
Cachin, C. et al. (2022). Quick order fairness. In Financial Cryptography and Data Security. DOI: 10.1007/978-3-031-18283-9_15.
CEA LICIA (2022). Multi-Agent eXperimenter (MAX).
Chen, S. and Song, Q. (2005). Perimeter-based defense against high bandwidth ddos attacks. TPDS. DOI: 10.1109/tpds.2005.74.
Cramer, R. et al. (1999). Efficient multiparty computations secure against an adaptive adversary. In EUROCRYPT. DOI: 10.1007/3-540-48910-x_22.
Dabholkar, A. and Saraswat, V. (2019). Ripping the fabric: Attacks and mitigations on hyperledger fabric. In ATIS. DOI: 10.1007/978-981-15-0871-4_24.
Daian, P., Goldfeder, S., Kell, T., Li, Y., Zhao, X., Bentov, I., Breidenbach, L., and Juels, A. (2020). Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. In 2020 IEEE Symposium on Security and Privacy (SP). DOI: 10.1109/SP40000.2020.00040.
Damani, O. and Garg, V. (1996). How to recover efficiently and asynchronously when optimism fails. In 16th International Conference on Distributed Computing Systems. DOI: 10.1109/ICDCS.1996.507907.
Davies, J., Katsirelos, G., Narodytska, N., Walsh, T., and Xia, L. (2014). Complexity of and algorithms for the manipulation of borda, nanson's and baldwin's voting rules. Artificial Intelligence. DOI: 10.1016/j.artint.2014.07.005.
De Santis, A. et al. (1994). How to share a function securely. In STOC. DOI: 10.1145/195058.195405.
Deshpande, A., Nasirifard, P., and Jacobsen, H.-A. (2018). evibes: Configurable and interactive ethereum blockchain simulation framework. In Middleware. ACM. DOI: 10.1145/3284014.3284020.
Do, Q., Martini, B., and Choo, K.-K. R. (2019). The role of the adversary model in applied security research. Computers and Security. DOI: 10.1016/j.cose.2018.12.002.
Dolev, D. and Yao, A. (1983). On the security of public key protocols. Transactions on information theory. DOI: 10.1109/TIT.1983.1056650.
Duan, S., Levitt, K. N., Meling, H., Peisert, S., and Zhang, H. (2014). Byzid: Byzantine fault tolerance from intrusion detection. In 33rd IEEE International Symposium on Reliable Distributed Systems, SRDS 2014. DOI: 10.1109/SRDS.2014.28.
Dwork, C., Lynch, N., and Stockmeyer, L. (1988). Consensus in the presence of partial synchrony. DOI: 10.1145/42282.42283.
Ferber, J., Gutknecht, O., and Michel, F. (2004). From agents to organizations: An organizational view of multi-agent systems. In Agent-Oriented Software Engineering IV. DOI: 10.1007/978-3-540-24620-6_15.
Fischer, M. J., Lynch, N. A., and Paterson, M. S. (1985). Impossibility of distributed consensus with one faulty process. DOI: 10.1145/3149.214121.
Ganguly, R., Momtaz, A., and Bonakdarpour, B. (2021). Distributed Runtime Verification Under Partial Synchrony. In 24th International Conference on Principles of Distributed Systems (OPODIS 2020). DOI: 10.4230/LIPIcs.OPODIS.2020.20.
Garay, J. and Kiayias, A. (2020). Sok: A consensus taxonomy in the blockchain era. In Topics in Cryptology (CT-RSA 2020), page 47–60. DOI: 10.1007/978-3-030-40186-3_13.
Guggenberger, T. et al. (2022). An in-depth investigation of the performance characteristics of hyperledger fabric. Computers & Industrial Engineering. DOI: 10.1016/j.cie.2022.108716.
Heimbach, L. and Wattenhofer, R. (2023). Sok: Preventing transaction reordering manipulations in decentralized finance. In 4th ACM Conference on Advances in Financial Technologies (AFT22). DOI: 10.1145/3558535.3559784.
Huang, Y., Tang, J., Cong, Q., Lim, A., and Xu, J. (2021). Do the rich get richer? fairness analysis for blockchain incentives. In 2021 International Conference on Management of Data (SIGMOD21). DOI: 10.1145/3448016.3457285.
Hussain, A., Heidemann, J., and Papadopoulos, C. (2003). A framework for classifying denial of service attacks. In SIGCOMM. DOI: 10.1145/863955.863968.
Jain, R., Chiu, D., and Hawe, W. (1984). A quantitative measure of fairness and discrimination for resource allocation in shared computer systems. DOI: 10.48550/arxiv.cs/9809099.
Kelkar, M., Deb, S., Long, S., Juels, A., and Kannan, S. (2023). Themis: Fast, strong order-fairness in byzantine consensus. In 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS23). DOI: 10.1145/3576915.3616658.
Kelkar, M. et al. (2020). Order-fairness for byzantine consensus. In CRYPTO. DOI: 10.1007/978-3-030-56877-1_16.
Kiayias, A., Leonardos, N., and Shen, Y. (2024). Ordering transactions with bounded unfairness: Definitions, complexity and constructions. In Advances in Cryptology (EUROCRYPT 2024). DOI: 10.1007/978-3-031-58734-4_2.
Kursawe, K. (2020). Wendy, the good little fairness widget: Achieving order fairness for blockchains. In 2nd ACM Conference on Advances in Financial Technologies (AFT20). DOI: 10.1145/3419614.3423263.
Lev-Ari, K., Spiegelman, A., Keidar, I., and Malkhi, D. (2020). FairLedger: A Fair Blockchain Protocol for Financial Institutions. In 23rd International Conference on Principles of Distributed Systems (OPODIS 2019). DOI: 10.4230/LIPIcs.OPODIS.2019.4.
Mahe, E., Abdallah, R., Tucci-Piergiovanni, S., and Piriou, P.-Y. (2024). Adversary-augmented simulation to evaluate order-fairness on hyperledger fabric. In 13th Latin-American Symposium on Dependable and Secure Computing (LADC24). DOI: 10.1145/3697090.3697093.
Malkhi, D. and Szalachowski, P. (2023). Maximal Extractable Value (MEV) Protection on a DAG. In 4th International Conference on Blockchain Economics, Security and Protocols (Tokenomics 2022). DOI: 10.4230/OASIcs.Tokenomics.2022.6.
Martin, J., Burbank, J., Kasch, W., and Mills, D. (2010). Network Time Protocol Version 4: Protocol and Algorithms Specification. DOI: 10.17487/RFC5905.
Miller, A. and Jansen, R. (2015). Shadow-Bitcoin: Scalable simulation via direct execution of Multi-Threaded applications. In CSET. USENIX. Available online [link].
Misra, A. and Kshemkalyani, A. D. (2023). Byzantine fault-tolerant causal ordering. In 24th International Conference on Distributed Computing and Networking (ICDCN23). DOI: 10.1145/3571306.3571395.
Momeni, P., Gorbunov, S., and Zhang, B. (2023). Fairblock: Preventing blockchain front-running with minimal overheads. In Security and Privacy in Communication Networks. DOI: h10.1007/978-3-031-25538-0_14.
Müller, S., Penzkofer, A., Camargo, D., and Saa, O. (2021). On fairness in voting consensus protocols. In Arai, K., editor, Intelligent Computing. DOI: 10.1007/978-3-030-80126-7_65.
Paulavičius, R., Grigaitis, S., and Filatovas, E. (2021). A systematic review and empirical analysis of blockchain simulators. In Access. DOI: 10.1109/access.2021.3063324.
Putz, B. and Pernul, G. (2020). Detecting blockchain security threats. In IEEE International Conference on Blockchain. DOI: 10.1109/blockchain50366.2020.00046.
Ray, D. and Ligatti, J. (2012). Defining code-injection attacks. In POPL. DOI: 10.1145/2103656.2103678.
Rivest, R. L., Shamir, A., and Wagner, D. A. (1996). Time-lock puzzles and timed-release crypto. Technical report, MIT. Available online [link].
Schneider, F. B. (1990). Implementing fault-tolerant services using the state machine approach: a tutorial. ACM Comput. Surv.. DOI: 10.1145/98163.98167.
Schneider, F. B. (1993). What Good Are Models and What Models Are Good? ACM Press. Available online [link].
Shamir, A. (1979). How to share a secret. Commun. ACM. DOI: 10.1145/359168.359176.
Shimamura, M. and Kono, K. (2009). Yataglass: Network-level code emulation for analyzing memory-scanning attacks. In DIMVA. DOI: 10.1007/978-3-642-02918-9_5.
Simons, B. (1990). An overview of clock synchronization. In Fault-Tolerant Distributed Computing. DOI: 10.1007/bfb0042327.
Spreitzer, R. et al. (2018). Systematic classification of side-channel attacks: A case study for mobile devices. COMST. DOI: 10.1109/COMST.2017.2779824.
Teixeira, A. et al. (2015). A secure control framework for resource-limited adversaries. Automatica. DOI: 10.1016/j.automatica.2014.10.067.
Vafadar, M. A. and Khabbazian, M. (2023). Condorcet Attack Against Fair Transaction Ordering. In 5th Conference on Advances in Financial Technologies (AFT 2023). DOI: 10.48550/arXiv.2306.15743.
Wallace, R., Andrade, X. G., Kayser, P., Luo, Z., Mukherjee, H., Nunes, R., and Warrior, M. (2024). Models of network delay. In Developments in Statistical Modelling. DOI: 10.1007/978-3-031-65723-8_36.
Xiao, Y. et al. (2020). Modeling the impact of network connectivity on consensus security of proof-of-work blockchain. In INFOCOM. DOI: 10.1109/infocom41043.2020.9155451.
Zhang, Y., Setty, S., Chen, Q., Zhou, L., and Alvisi, L. (2020). Byzantine ordered consensus without byzantine oligarchy. In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20). Available online [link].
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Journal of Internet Services and Applications
This work is licensed under a Creative Commons Attribution 4.0 International License.
