Consensus Mistakes
Errors in consensus implementation.
Nondeterministic state transitions
criticalUsing operations that produce different results on different machines: floating point, unordered maps, system time.
Impact: Different nodes compute different state. Chain split. Network partition.
Fix: Audit all code paths for determinism. No floats, ordered data structures only, use block time.
Incorrect fork choice implementation
criticalFork choice rule that does not match specification or has edge case bugs.
Impact: Nodes follow different chains. Network cannot reach consensus.
Fix: Extensive testing against spec test vectors. Fuzzing fork choice code.
Finality gadget bugs
criticalMarking blocks as final when they are not, or not finalizing when they should be.
Impact: Reorging 'final' blocks breaks applications. Not finalizing stalls the chain.
Fix: Follow finality specs exactly. Test all finality edge cases.
Slashing condition errors
criticalNot slashing validators who violate rules, or slashing innocent validators.
Impact: Attacks go unpunished or honest validators lose stake.
Fix: Implement slashing conditions exactly per spec. Extensive testing.
P2P Network Mistakes
Peer-to-peer networking vulnerabilities.
Trusting peer data without verification
criticalAccepting blocks, transactions, or state from peers without cryptographic verification.
Impact: Malicious peers can corrupt node state. False blocks accepted.
Fix: Verify all signatures and proofs. Never trust, always verify.
Eclipse attack vulnerability
criticalNode can be surrounded by attacker peers, isolated from honest network.
Impact: Attacker controls node's view of the network. Double-spend possible.
Fix: Diverse peer selection. Monitor peer behavior. Detect isolation.
Insufficient DoS protection
highNot rate limiting messages, not validating before heavy processing.
Impact: Network brought down by spam. Nodes crash or fall behind.
Fix: Validate cheaply first. Rate limit per peer. Disconnect bad actors.
Message amplification vulnerabilities
highSmall request triggers large response, enabling DDoS amplification.
Impact: Attackers use nodes to amplify attacks against other targets.
Fix: Limit response sizes. Authenticate requesters when appropriate.
Cryptographic Mistakes
Errors in cryptographic implementation.
Rolling your own cryptography
criticalImplementing cryptographic primitives instead of using audited libraries.
Impact: Implementation bugs lead to key leakage, forgery, or breaks.
Fix: Use established, audited libraries. Have crypto code reviewed.
Non-constant-time secret operations
criticalOperations involving secrets that take variable time based on secret values.
Impact: Timing attacks leak private keys.
Fix: Use constant-time comparison and arithmetic for all secret data.
Weak random number generation
criticalUsing non-cryptographic RNG for key generation or protocol randomness.
Impact: Predictable keys or protocol values. Complete security break.
Fix: Always use cryptographically secure RNG (OS-provided or audited library).
Private key exposure in logs or errors
criticalAccidentally logging private keys or including them in error messages.
Impact: Private keys leaked to log files or monitoring systems.
Fix: Never format private keys as strings. Audit all logging paths.
State Management Mistakes
Errors in state storage and sync.
State root calculation differences
criticalDifferent clients computing different state roots for same transactions.
Impact: Chain split. Clients cannot agree on state.
Fix: Exhaustive testing. Use execution spec tests. Fuzzing.
Unsafe database operations
highNot handling database errors, crashes, or corruption properly.
Impact: Data corruption. Node unable to sync or stuck.
Fix: Use atomic operations. Implement recovery procedures.
Pruning too aggressively
highRemoving historical data that is still needed for reorgs or validation.
Impact: Node cannot handle reorgs. Unable to provide historical data.
Fix: Conservative pruning. Keep sufficient history for max reorg.
State sync without verification
criticalDownloading state from peers and using it without checking proofs.
Impact: Malicious peer provides false state. Node operates on corrupted data.
Fix: Verify state proofs against block headers from trusted source.
Operations Mistakes
Errors in node operations and deployment.
Exposing admin RPC publicly
criticalAdmin APIs (send transactions, control node) accessible without auth.
Impact: Anyone can control the node. Funds stolen.
Fix: Firewall admin APIs. Require authentication. Localhost only.
Validator keys on hot machine
highStoring validator signing keys on internet-connected machine.
Impact: Keys stolen if machine compromised. Slashing possible.
Fix: Use remote signer or HSM. Air-gapped key storage.
No monitoring or alerting
highRunning nodes without visibility into their health or behavior.
Impact: Problems not detected until too late. Missed attestations.
Fix: Prometheus metrics. Grafana dashboards. PagerDuty alerts.
Untested upgrade procedure
highUpgrading nodes without testing the procedure in staging.
Impact: Botched upgrade takes nodes offline. Missed rewards or slashing.
Fix: Test upgrades on testnet. Have rollback plan. Monitor closely.
Protocol Implementation Mistakes
Errors when implementing protocol specifications.
Spec interpretation differences
criticalAmbiguous spec language interpreted differently between clients.
Impact: Client incompatibility. Network splits during edge cases.
Fix: Coordinate with other teams. Use reference tests. Fuzzing against other clients.
Missing protocol versioning
highNo way to identify or negotiate protocol version between peers.
Impact: Incompatible clients cannot communicate. Hard fork coordination issues.
Fix: Version all protocol messages. Implement negotiation handshake.
Incorrect serialization
criticalEncoding/decoding that differs from specification or other clients.
Impact: Messages misinterpreted. Invalid blocks created or rejected incorrectly.
Fix: Use spec-compliant serialization. Test against cross-client fixtures.
Gas metering inconsistencies
criticalGas costs for operations that differ from specification.
Impact: Different execution results. Out-of-gas at different points.
Fix: Follow EIP gas costs exactly. Benchmark actual costs vs charged.
Missing bounds checks
highNot validating that values fit within expected ranges.
Impact: Overflow, underflow, or crashes on malformed input.
Fix: Check all input ranges. Use bounded integer types.
Memory and Resource Mistakes
Resource management vulnerabilities.
Unbounded memory allocation
highAllocating memory based on peer-provided sizes without limits.
Impact: Memory exhaustion. Node crash. Denial of service.
Fix: Cap all allocations. Validate sizes before allocating.
Resource leaks
mediumNot cleaning up connections, file handles, or memory.
Impact: Slow degradation. Eventually node fails or slows.
Fix: Use RAII patterns. Monitor resource usage. Regular restarts if needed.
Blocking the event loop
highLong-running operations blocking critical network handling.
Impact: Node appears offline. Misses messages. Falls behind.
Fix: Async everywhere. Move heavy work to background threads.
Insufficient connection limits
mediumNo cap on peer connections allowing resource exhaustion.
Impact: Too many connections consume resources. Degrades performance.
Fix: Set reasonable connection limits. Quality-based peer selection.
Cache poisoning
highAllowing attackers to fill caches with useless data.
Impact: Legitimate data evicted from cache. Performance drops.
Fix: Cache admission policies. Per-peer cache quotas.
Testing and Validation Mistakes
Quality assurance errors.
No fuzzing
highNot using fuzz testing on parsers and state transitions.
Impact: Edge case bugs not found until exploited in production.
Fix: Fuzz all input parsing. Fuzz state transitions. Coverage-guided fuzzing.
Insufficient cross-client testing
highNot testing against other implementations before release.
Impact: Incompatibilities discovered on mainnet.
Fix: Sync against all major clients on testnet. Use Hive testing.
Missing regression tests
mediumNot adding tests for previously found bugs.
Impact: Old bugs reappear after refactoring.
Fix: Add regression test for every bug fix. Never delete tests.
Pro Tips
Profile before optimizing. Intuition about performance bottlenecks is often wrong.
Test consensus changes with network simulations, not just unit tests.
Monitor peer connections and block propagation in production, not just availability.
More for Blockchain Engineer
Ready to build your Web3 career?
Browse hundreds of open roles across the decentralized ecosystem.
Explore Jobs