could you use a Dark DAO-like paradigm to break MPC-based computations?
everyone sends their share to an SGX machine, which only releases the info/bribes if enough shares are collected?
2 Likes
I don’t see this as a new attack vector, it’s just one way to obfuscate collusion - but assuming some amount of honest participants (even as low as 1 node) is part of the threat model with MPC.
In practice, there are several ways to make collusion impractical:
-
Nodes run their MPC computations inside of an enclave - making leakage of shares hard (think about it as compounding the security of both together). I believe that in time, with TEEs becoming more robust, this would become extremely infeasible and more expensive than it’s worth.
-
With a very large network and the committees approach (assuming each committee is large enough), it would be very hard to coordinate a collusion. Even if there are services that make it easy.
-
For really sensitive applications, we should allow for user-centric computations, where users can ensure they hold at least one share of the information.
There are other arguments as well, for example, I believe that the overall utility of playing honest is higher, compared to trying to actively hurt the system in something that would yield short-term higher gains (but potentially no gains in the future - if the system as a whole fails).
Overall, I think such attacks would be more expensive than the utility they’d provide, which would break their viability.
3 Likes