Announcing the Winner of Phase 3 of Game of Zones

Since the end of Phase 3 of Game of Zones, the GoZ team has been evaluating technical details of the numerous attacks carried out to push the limits of the IBC security model.




During Phase 3 of the competition, the goal was for participants to adopt an attacker’s mindset and attack the network layer of the hub. This phase was designed to educate network operators about risk by surfacing security vulnerabilities and rooting out opportunistic attacks that might be possible if a node or zone is not monitored or configured to be safe by default. As expected, we saw a plethora of incredible attacks across the competition hub, and we were amazed by the creativity and persistence of participants.

 

The winner of Phase 3 of GoZ is P2P.org, who will receive 6,250 ATOM for their outstanding performance in creating a deceptive rootchain and a double spend via double sign attack for the third phase of the competition. Their approach to attacking an IBC-enabled network demonstrated that the best way to steal coins from a user is to do so subtly. Their subtle mechanism to steal coins implemented minted unredeemable coins, and their successful attack and technical Proof-of-Concept documents this well. 

There are countless incredible write ups and contributions that have gone a long way to expand what we know about protecting an IBC-enabled network, such as these:

The most important goal of Game of Zones is to prepare network operators for the entirely new set of abstractions that will come when IBC is production ready.  It has been incredible to see participants and the overall community rise to this challenge, especially since this phase will undoubtedly improve the security and shared knowledge around running a safe, secure hub.  Congratulations to everyone who successfully completed Phase 3 of Game of Zones!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s