Meet Ledger Nano™ Gen5, the most playful signer yet

Discover now

The most playful signer yet

Meet Ledger Nano™ Gen5

Shop now Learn more

Eclipse Attack Meaning

Oct 18, 2023 | Updated Oct 18, 2023
An eclipse attack is a type of P2P network threat that disrupts the operations of the network by isolating and manipulating one node.

What is an Eclipse Attack?

In an eclipse attack, a malicious actor separates a specific node within a peer-to-peer network instead of attacking the entire blockchain. The actors create an artificial environment around specific nodes to prevent them from receiving transactions or information from their peers. 

An eclipse attack is different from a Sybil attack, which creates multiple identities or nodes to upset the balance of power to take control over the entire network. Eclipse attacks may misdirect users to accept invalid or confirmed transactions, leading to a double-spend attack. Launching an eclipse attack on multiple miners could lead to a 51% attack.

How are Eclipse Attacks Executed?

Eclipse attacks in crypto arise from the inherent limitations of decentralized networks, where nodes are unable to connect with all other nodes simultaneously due to connection limits. Instead, they only create connections with a few nearby nodes. Bitcoin, for example, allows only a maximum of 125 connections. This vulnerability enables malicious actors to manipulate the information flow to specific nodes, potentially obstructing their view of legitimate transactions or blocks.

To execute an eclipse attack, the malicious actor identifies the node they intend to isolate and manipulate. The target could be a mining node, a well-connected node, or one that belongs to a specific organization or user. The attacker then creates a malicious network, known as a botnet, that consists of multiple nodes in their control. The nodes are strategically positioned to form connections with the target node. Botnets aim to monopolize all connections that the target node has, so it can control the flow of information to and from the target.

Once the botnet is in place, the malicious actor initiates a Distributed Denial-of-Service (DDoS) attack on the target node. This DDoS attack floods the target node with a large volume of fake or irrelevant network requests (or IP addresses), effectively overwhelming its resources. This forces the node to try reconnecting with the blockchain network. However, since the botnet controls most of the target node’s connections, it feeds it with false information. 

By controlling the information flow to and from the target node, the attacker can isolate it, manipulate its view of the wider network, and potentially carry out a range of attacks, including DDoS attacks, double-spend attacks, and even disrupt the miner power distribution, hampering the network’s operations.

A proposed countermeasure for such blockchain threats involves randomly selecting new connections instead of repeatedly using the same neighboring nodes. This would make it more difficult for malicious actors to attempt to attack the network.

Attention Economy

The attention economy is an economic approach that views human attention as a finite or scarce resource that can be monetized.

Full definition

Bitcoin Runes

Bitcoin Runes are an alternative fungible token standard to the experimental BRC20 standard.

Full definition

Decentralized Digital Identity

A decentralized digital identity is a type of identity management that enables individuals to control their own digital identities, without relying on a centralized authority. The concept involves the creation of unique and verifiable identities…

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.