2014/08/24 Monero Blockchain Spam Attack - Post MortemPart IIAs you know from
yesterday's Part I of the post-mortem, the net-effect of the attack was an addition of 22mb of data to the blockchain. Because of the unnaturally sharp increase in transaction volume, some transactions experienced delays, mostly several minutes but a few up to an hour, during the heat of the attack. The total duration of the attack was around 13 hours.
The attack started on 2014-08-23 at 15:06:59 UTC with the three transactions in
block 186102. It ended on 2014-08-24 at 03:56:07. There were a handful of transactions (15 of them) mined as part of a second attempted attack 12 hours later (starting at 16:51:16 on 2014-08-24). By the time this second attack started, however, the network was already mostly upgraded, and it would appear that the attacker had no desire to repeat the attack with a 0.1 XMR fee.
In total, 1361 malicious transactions were confirmed and mined, although there were several hundred transactions that fell out the mempool as the network upgraded and pool operators started with a clean mempool. Every malicious transaction used a fee of 0.01 XMR, presumably to stay ahead of fee hikes or to have some sort of priority for the transactions, resulting in a total cost to the attacker of 13.61 XMR. Whilst this is not much of a cost, it's important to consider that the 13.61 XMR actualised cost only resulted in 22mb of additional blockchain data, so it's a fair trade-off. If the attacker wanted to repeat the exercise it would cost him 10x as much right now.
You can see the attack plummet to 0 as most of the network and the major pools switch over, effectively cutting off the attackers supply of cheap transactions.
Timeline Summary2014-08-23, 15:06:59 UTC - attack starts
2014-08-23, 16:12:07 UTC - core team begins to notice oddities
2014-08-23, 16:23:56 UTC - attack confirmed, mitigation begins
2014-08-23, 20:43:13 UTC - fee bump pushed to my (fluffypony) repo after internal testing, pools begin upgrading off that repo
2014-08-23, 21:12:39 UTC - fee bump merged into master
2014-08-24, 12:51:26 UTC - OS X binaries pushed to monero.cc and announced
2014-08-24, 01:10:05 UTC - Windows binaries pushed to monero.cc and announced
2014-08-24, 01:25:20 UTC - Linux binaries pushed to monero.cc and announced
2014-08-24, 03:56:07 UTC - attack ceases to function as the network soft-forks to the new fee
Thank you for your patience and support during this process. Work is underway to fix this permanently by switching to per-kb fees, and we expect to have this fully tested and deployed within the next 2-3 weeks, after which time transaction fees will go back to "normal"
