Back to glossary

Eclipse Attack

An attack where a malicious actor isolates a specific node from the rest of the network by controlling its connections.

Categoryweb

Overview

An eclipse attack is a network-level attack on a blockchain node. The attacker uses a large number of IP addresses (often via a botnet or Sybil attack) to monopolize all the 'peer slots' of a target node. Once eclipsed, the node only receives information provided by the attacker.

Consequences

  • False View of the Ledger: The attacker can show the node a fake version of the blockchain.
  • Double Spending: The attacker can trick the node into accepting a transaction that hasn't actually been confirmed by the rest of the network.
  • Selfish Mining: The attacker can waste the node's mining power by giving it outdated blocks to work on.

Mitigation

Nodes use strategies like 'peer diversity' (connecting to peers from different IP ranges) and 'anchor peers' (remembering trusted peers from previous sessions).

Related Terms

Sybil Attack51% AttackDouble Spending