Blockchain networks face a critical but understudied threat: wave attacks that exploit difficulty adjustment algorithms through strategic mining participation. Adversaries cyclically withdraw and re-enter mining to create oscillations that degrade network liveness and destabilize honest miners’ revenue. We present the first production-ready framework that maintains network responsiveness while enabling robust, post hoc threat detection. The framework employs a statistically rigorous pipeline featuring controller-aligned anomaly detection, transitive collusion grouping via union-find, and Benjamini–Hochberg False Discovery Rate control. We formally prove the economic viability of this architecture: when penalties on unvested rewards are enabled by governance, wave attacks become asymptotically unprofitable for rational adversaries. Evaluated on a 128-node distributed testbed simulating Bitcoin, Ethereum Classic, and Monacoin networks over 30 independent runs, our framework achieves 92.7% F1-score in detecting attacks, significantly outperforming baseline methods (74.7%). This work provides a complete, theoretically-grounded solution for securing proof-of-work blockchains against difficulty manipulation, forming the foundation for the adaptive AI-driven enhancements presented in our companion paper (Part II).
Rafał Skowroński (Tue,) studied this question.