01-31, 15:05–15:25 (Europe/Zurich), Beam Stage
Ethereum’s decentralized architecture relies on scalable and efficient block production, leading to the adoption of Proposer-Builder Separation (PBS). However, PBS-enabled environments that use standard Builder APIs expose validators to new privacy risks due to transport-layer metadata leakage, including IP addresses linked to public keys. This leakage allows adversaries to target block proposers and disrupt block production through network attacks, undermining decentralization and fairness.
Our experiment investigates how transport-level privacy leaks at validator-relay interfaces allow targeted disruption via metadata analysis and low-cost network-layer attacks. We implemented a transport metadata harvesting pipeline covering the full MEV-Boost stack, currently the most widely used PBS architecture, to link validators’ public keys to the IP addresses of their consensus clients and of their mev-boost software, and executed attacks in a lab setting to demonstrate the practical applications of this work.
Our analysis challenges the trust assumptions of relayers in the current PBS implementation and highlights how these vulnerabilities compromise proposer anonymity and incentivize adversarial actions, such as manipulating RANDAO values to interfere with block proposals. Beyond proposers, relays and builders are also at risk without sufficient transport privacy measures. To address this, we advocate for integrating metadata privacy protocols into PBS designs, particularly as the transition to enshrined PBS (ePBS) advances. Strengthening transport-layer privacy is essential to preserving Ethereum’s decentralization, security, and fairness in block production.
This talk will delve into the current state of Proposer-Builder Separation (PBS) and its proposed evolution, enshrined-PBS (ePBS), highlighting their roles in optimizing Ethereum's block production and addressing scalability challenges. It will provide an overview of the status quo regarding IP leakage at the networking layer, examining how metadata exposure in PBS-enabled environments, such as MEV-Boost, creates privacy vulnerabilities that adversaries can exploit.
Building on this foundation, the talk will discuss a controlled experiment demonstrating the practical implications of transport-layer metadata exposure. The experiment illustrates how linking validators’ public keys to IP addresses enables targeted attacks that disrupt block production and compromise Ethereum's decentralization.
Finally, the talk will explore the broader implications of transport-layer privacy for Ethereum’s network security and decentralization. It will advocate for integrating robust metadata privacy protocols into PBS and ePBS designs, emphasizing the critical need to mitigate these risks to preserve Ethereum’s fairness, resilience, and decentralization in an increasingly adversarial landscape.
Qianchen (a.k.a. "Q") is the Decentralized Technology Architect at HOPR. HOPR developed the HOPR protocol, a decentralized communication protocol designed to ensure metadata privacy through incentivized mixnet technology. Q has been writing smart contracts and contributing to protocol development for 5+ years.