On Wednesday (March 13th), BitMEX Research, the research arm of crypto derivatives exchange BitMEX, reported that they had created a new web-based tool (Nodestats.org) for comparing the statistics of the two most popular Ethereum clients, i.e. Geth and Parity, and while analyzing the data provided by this tool, they had discovered a “potential bug” in Parity that could allow a double spend attack.

This monitoring tool was created with the help of TokenAnalyst, which is “BitMEX Research’s Ethereum network data and analysis partner.” It “connects to five different Ethereum nodes and collects data every five seconds,” and its main goal is to provide “metrics related to the computational resources each Ethereum node requires.” 

In a blog post published on January 9th and titled “Towards production grade open-source Ethereum clients”, TokenAnalyst said that it provided “core on-chain infrastructure that is used by Ðapp’s, researchers, and investors,” that they were “big fans of the Parity client,” and that they “recently ran nearly 100 parity nodes to download data from the whole blockchain.”

Nodestats.org looks at the performance of different configurations—fast node, full node, and archive node—of Geth and Parity. Here is an example of the data you will see (in this case, for a Parity full node):

ETH Nodestats - 13 March 2019 - Screenshot 1.png

Nodestats.org has three goals:

  • “provide metrics comparing the computational efficiency of the different Ethereum implementations”
  • “compare the resource requirements between running Ethereum node software and that of other coins, such as Bitcoin”
  • “evaluate the strength of the Ethereum P2P network and transaction processing speed, by looking at metrics related to whether the nodes have processed blocks fast enough to be at the chain tip or whether poor block propagation results in nodes being out of sync for a significant proportion of the time”

Nodestats.org, which was launched at the beginning of this month, generates data by “querying” BitMEX Research’s five Ethereum nodes “every five seconds (720 times per hour),” with the results saved to a database. 

So far, all of this sounds great. Unfortunately, the BitMEX Research team have noticed that although the Parity full node machine (which has above average hardware specifications) was started on March 1st, it has yet to finish syncing with the Ethereum blockchain, and as of the time of their report, it was “around 450,000 blocks behind,” which means that it is expected to “catch up with the main chain tip in a few days.” 

Although “the slow initial sync is a potential problem,” this is not BitMEX Research’s biggest worry since “Ethereum has not yet reached a point where the node cannot catch up, as the sync is faster than the rate of blockchain growth.” What they are more concerned about are “data integrity issues,” as they explain in their blog post:

“The Parity full node also sometimes reports that it is in sync… The highest block number seen on the network figure, sometimes falls in value as time progresses and has remained consistently well behind the actual chain tip… On occasion this potentially buggy figure fell towards the height of the verified chain… and our website incorrectly reports the node as in sync. This may be of concern to some Ethereum users, since the Parity full node has many connections to the network, therefore this may be a bug.”

And they also explain the implications of this potential bug:

“This potential bug could undermine this whole metric for our website, even for the other nodes, as the highest tip seen field may not function appropriately and our figures may be inaccurate…
One could argue the impact of this potential bug could be severe in some limited circumstances, if exploited by an attacker in the right way. For example a user could accept an incoming payment or smart contract execution as verified, while their node claims to be at the network chain tip. However, the client may not really be at the chain tip and an attacker could exploit this to trick the recipient into delivering a good or service. The attacker would need to double spend at a height the vulnerable node wrongly thought was the chain tip, which could have a lower proof of work requirement than the main chain tip. Although successful execution of this attack is highly unlikely and users are not likely to be using the highest seen block feature anyway.”

Future plans for Nodestats.org include adding features such as “charts & tools for analysing longer term trends”, “improved granularity of the data”, and “fork detection systems”.

Featured Image Credit: Photo via Pexels.com