Blockchain explorers may contain bugs, so verify before you trust them.

What is it about?

Blockchain explorers are important tools for users to quickly query on-chain activities. They promote inclusiveness by allowing anyone to monitor a blockchain’s performance without having to incur the overhead of running a node. Despite blockchain explorers’ popularity, few studies have looked into how reliable they are. In this paper, we take a first look at this issue by analyzing beaconcha.in, a leading explorer for Ethereum’s consensus layer (often known as the Beacon chain) within its proof-of-stake (PoS) update. We document several empirical facts from the explorer’s data: Although beaconcha.in is the more comprehensive and often more reliable explorer among its peers, we still find errors with significant implications: for example, according to the explorer, more than 75% of “slashable" consensus rule violations were left unslashed — which by appearance suggests a major failure of Ethereum’s consensus design, which heavily relies on a “stake and slash" mechanism to ensure compliance. However, further investigation shows that all these findings were due to the explorer’s mistakes in encoding validators, which reflects the negligence of consensus edge cases. We provide detailed explanations of what went wrong to help avoid future incidents.

Featured Image

Photo by DrawKit Illustrations on Unsplash

Photo by DrawKit Illustrations on Unsplash

Why is it important?

While our findings come from Ethereum, we believe the learned lessons carry broader implications for other blockchains and decentralized applications (dApps) running on them. The explorer errors we found reflect a fundamental trade-off between computation and data availability that any blockchain would face when upholding decentralization: On the one hand, it is crucial to make on-chain data light/pruned to lower validator overheads; On the other hand, such efforts increase the computational costs for other stakeholders to monitor/verify on-chain activities later. Striking the right balance between the two competing forces is thus crucial for the security of the decentralized applications running on these chains. For many dApps, the heavy cost in the latter channel creates its own centralization forces, in that many high-profile dApps rely on centralized information providers. Hence, the explorer mistake we identify again calls for more attention to the reliability of information providers and hopefully inspires community efforts toward a more robust ecosystem.

Perspectives