Weak proposer anonymity in Ethereum’s Proof-of-Stake (PoS) protocol renders it vulnerable to targeted denial-of-service and coordinated censorship attacks. This paper introduces a configurable adversarial experimentation framework to systematically evaluate, for the first time under multi-adversary settings, the security-efficiency trade-offs of two secret slot leader election (SSLE) mechanisms: Whisk and homomorphic sampling. By formalizing a coordinated attack model and conducting empirical analysis, we find that neither mechanism withstands large-scale coordinated attacks against the validator set: Whisk reduces the attack surface but fails to eliminate proposer identification risk; homomorphic sampling incurs prohibitively high computational overhead, rendering it impractical for deployment. Our study exposes fundamental limitations of existing SSLE schemes under realistic threat models, providing critical empirical evidence and concrete design guidance for future anonymous leader-election protocols that jointly optimize security, efficiency, and scalability.

Proposer anonymity in Proof-of-Stake (PoS) blockchains is a critical concern due to the risk of targeted attacks such as malicious denial-of-service (DoS) and censorship attacks. While several Secret Single Leader Election (SSLE) mechanisms have been proposed to address these threats, their practical impact and trade-offs remain insufficiently explored. In this work, we present a unified experimental framework for evaluating SSLE mechanisms under adversarial conditions, grounded in a simplified yet representative model of Ethereum's PoS consensus layer. The framework includes configurable adversaries capable of launching targeted DoS and censorship attacks, including coordinated strategies that simultaneously compromise groups of validators. We simulate and compare key protection mechanisms - Whisk, and homomorphic sortition. To the best of our knowledge, this is the first comparative study to examine adversarial DoS scenarios involving multiple attackers under diverse protection mechanisms. Our results show that while both designs offer strong protection against targeted DoS attacks on the leader, neither defends effectively against coordinated attacks on validator groups. Moreover, Whisk simplifies a DoS attack by narrowing the target set from all validators to a smaller list of known candidates. Homomorphic sortition, despite its theoretical strength, remains impractical due to the complexity of cryptographic operations over large validator sets.