Analysis of NEST Oracle Machine Facing Mining Pool Refusal to Package Attack

The NEST distributed Oracle Machine aims to improve the reliability of output data and system security by allowing more on-chain users to participate in the price conversion process. However, this design also faces some potential risks.

To combat malicious bidding, NEST uses a bidding-taker verification mechanism. Verifiers can trade based on the bids, obtain the assets pledged by the bidders, and propose new revised bids. This mechanism can somewhat limit and correct malicious bids.

However, the effective operation of this price correction mechanism relies on the timely appearance of order-eating transactions and new quotes in the new blocks on the chain. With the emergence of Mining Pools, it has become difficult for individual miners to work independently. Mining Pools enhance the probability of earning rewards by integrating computing power, which has also led to a monopoly on transaction packaging rights.

Large mining pools often prioritize packaging transactions that are beneficial to themselves or have higher fees, even if these transactions are not the first to be published on the chain. When this happens in the NEST Oracle Machine, it may lead to new quotes not being validated in a timely manner during the verification period, ultimately resulting in NEST outputting incorrect price data. This creates arbitrage opportunities for certain mining pools, threatening the security of the entire DeFi ecosystem.

The specific attack process is as follows:

1. Malicious mining pools first hoard cryptocurrencies used for arbitrage through methods such as flash loans.

2. Submit a quote to NEST that has a significant difference from the actual market price.

3. During the verification period, other validators will propose single transactions to correct the quotes.

4. Malicious Mining Pools can choose not to include these corrected transactions in the new block.

5. If other Mining Pools also choose not to package the corrected transactions, the erroneous quotes may be retained.

6. Malicious mining pools can ultimately exploit erroneous quotes for arbitrage.

This is essentially a game process involving all mining pools. Each mining pool needs to weigh the immediate benefits of correcting the quote against the potential gains from arbitraging after the erroneous quote is established. The final outcome depends on the hash power share of each mining pool and the comparison of profits under different strategies.

Mining Pools can delay or hinder price updates due to their computational power advantage. This is not only an issue faced by the NEST Oracle Machine but also a challenge to the entire concept of decentralization in blockchain. How to address the impact of mining pools while maintaining decentralization is an important issue that needs to be resolved in the development of blockchain technology.