although the following belongs to BCH but i think it is interesting to see how a spam attack works in real time against bitcoin (BCH is the exact copy inheriting everything) and since it is on an empty mempool so you could clearly single out the spam transactions.
at all times BCH mempool looks like what you see on the right side of the above chart (the flat line), mostly an empty mempool with no more than
200 kB of transactions in it mostly around 50 kB.
the interesting thing about this is how it is performed.
- it starts with an initial injection of a large number of transactions (265,000) with a total size of
51 MB- the total time it takes is less than 30 minutes. that is ~150 spam/second
- another wave also starts 6 hours later that time with half the amount (163,000-
31MB)
- this entire spam cost only a 100 bucks.
this is how the 2017 spam attack basically worked. of course ratio-wise it is not comparable (they injected 51000 kilobytes in a mempool that only had 200 kilobytes in it)
another interesting thing which is mostly BCH related is:
- it created a fee market! that "200 kB max" regular transactions that you always see started paying higher fees to get their transactions confirmed. in case you have forgotten BCH has 32 MB blocks...
- and finally looking at the way mempool drops it shows miners are not picking up any more than 1 to 1.5 MB of transaction data to put in the blocks they find (apart from 1 that picked up large amounts in 2 goes).