Analysis of the Mining Pool Refusal to Package Attack Faced by NEST Oracle Machine

The NEST distributed Oracle Machine aims to allow more on-chain users to participate in the price determination process, thereby enhancing data reliability and system security. To address potential malicious bidding issues, NEST has designed a bidding-taking order submission verification mechanism. However, the effective operation of this mechanism relies on the timely appearance of taking orders and new bidding transactions in new blocks.

With the development of blockchain networks, miners form Mining Pools to consolidate computing power and improve yield stability. Under the Proof of Work (PoW) consensus, greater computing power means a higher probability of returns. The emergence of Mining Pools has led to a monopoly on transaction packaging rights, as only the miners or Mining Pools that mine a block can decide which transactions are included in the next block. Large Mining Pools often prioritize packaging transactions that are advantageous to themselves or have higher fees.

If this situation occurs in the NEST Oracle Machine, it may lead to new quotes not being verified in time during the verification period, ultimately causing NEST to output incorrect price data. Certain Mining Pools may take advantage of this to gain arbitrage opportunities, threatening the security of the entire DeFi ecosystem.

The attack process mainly includes the following steps:

1. Malicious mining pools hoard cryptocurrencies for arbitrage in advance through methods such as flash loans.

2. Submit a quote to NEST that has a huge disparity with the actual market price.

3. During the verification period, other Mining Pools face the choice of whether to adjust the quotation.

4. Each Mining Pool decides whether to package and adjust the quoted transactions based on its own hash rate share and potential profits.

5. If enough Mining Pools choose not to package the corrected transactions, malicious bids may be established.

6. Malicious Mining Pools exploit incorrect prices for arbitrage.

This type of attack is essentially a multi-party game, and the final result depends on the hash power share and expected returns of each Mining Pool. Mining Pools may weigh the immediate gains from correcting the quote, which yields (a), against the gains from arbitrage after waiting for the erroneous quote to be established, which yields (b). Typically, b > a, but the probability of obtaining a is proportional to the hash power of the Mining Pool.

This issue not only affects the NEST Oracle Machine but also reflects the challenge that mining pool centralization poses to the entire concept of blockchain decentralization. How to effectively address the potential risks brought by mining pools while maintaining decentralization is an important topic that needs to be continuously explored in the development of blockchain technology.