Clogged: the anatomy of a bitcoin attack

Monday 13 July 2015

The bitcoin network has been struggling, with some transactions taking days to process. What’s going on?

Last week saw bitcoin transactions slowed to a crawl. Some people found their transactions working fine, others that it took hours or even days for a single confirmation. A look at the network showed that tens of thousands of unconfirmed transactions were stacking up.

Read also: Do I hear 8 MB blocks? Sold! 

I found this out myself when I tried to send some funds to Bitstamp. After 10 hours, the transaction still hadn’t managed a single confirmation. A quick hunt around and the answer became clear: someone had been spamming the network with tiny transactions of around 0.0001 BTC. Although the amount is small, the size of the transaction in bytes was larger than normal, meaning they were hard to process in those quantities and prevented more ‘legitimate’ and high-value transactions from going through. The aim was to choke the miners by filling up the processing queues.

There are conflicting reports about why this was going on. One camp favoured the idea of another stress test to see what the bitcoin network was really capable of, but since it lasted for days, the ‘test’ quickly started to look more like a full-on attack. A second idea held that it was indeed a direct assault, carried out by a group of Litecoin traders; the same week Litecoin posted multiple double-digit returns, with unprecedented trading volumes - in excess of bitcoin’s own volumes. It then crashed as the traders - presumably through a co-ordinated effort - banked their profits in bitcoin, cutting LTC’s price by a third and causing a spike in BTC. The theory is that the Litecoin group wanted to draw attention and liquidity away from bitcoin to attract new money, which they promptly trousered. It was a very successful and no doubt lucrative operation.


Was a group of greedy Litecoiners behind the attack?

Either way, the bitcoin network was hamstrung for many days. Setting higher transaction fees might have helped prioritise a transfer (though I found it didn’t make much difference in my case). The problems play into both sides of the blocksize debate which has been raging for some time.

The bitcoin purists want to keep 1 MB blocks, forcing people to pay higher fees if they want their transactions confirmed. Their position is that larger blocks could just fill up with such spam transactions, meaning blocks are much larger and the problem remains anyway. Adopting a market-driven approach means people who want their transactions confirmed as a priority will pay more.

The other camp argue - far more convincingly, it has to be said - that larger blocks mean any spammer will have to invest significantly more funds in such an attack, and that when it is over the backlog will clear much faster since there is more room into which to pack the waiting transactions.

Interestingly, Litecoin is less vulnerable to this kind of attack. Bitcoin charges just one fee for a transaction with multiple outputs, making it cheap to spam the network. Litecoin charges per output - a change that was made deliberately to fix a flaw observed during a spam attack on their network three years ago. A similar fix for bitcoin was rejected by its developers.

The episode raises many questions for crypto - about the pace (or otherwise) of development to fix known flaws in bitcoin; about the tactics used to manipulate markets; about the flexibility and innovation found in the alts that is not possible for bitcoin; about the advantages and disadvantages of decentralised networks.

There’s still plenty of skullduggery afoot in crypto that regulation can’t fix. Something tells me we’re going to see plenty more of it yet.

comments powered by Disqus