2014/08/24 Monero Blockchain Spam Attack - Post MortemPart IA slightly deeper analysis around the transactions and the timeline will come out in part 2 tomorrow, along with the Monero Missive (delayed to give us time to focus on this priority;)
On 2014/08/24 a spam attack was launched against the Monero blockchain. Up to that point, Monero had a relatively low fixed fee per transaction of 0.005 XMR (under 1 US cent per transaction). This allowed the attacker to broadcast extremely large transactions every 5 seconds.
For the most part, the network worked as expected. The dynamic block size limit allowed the max block size to grow, and transactions were broadcast without incident. However, the (relatively) slow expansion in the median block size, among other things, lead to some transactions taking some time to confirm. This is not the usual turn of events - normally an increase in usage occurs over a couple of days in a best case scenario (Monero is featured on Dr Phil and Oprah, and every Monero user gets a whale once they check under their seat). At its worst, there were ~400 transactions in the memory pool that were waiting to be confirmed. The sudden, sharp, drastic increase means that the network needed to adjust, and in the interim some transactions took anything from a few extra minutes to an hour longer than usual.
Let's look at the actual effect on the blockchain:
From our average of around ~1750 transactions a day, the network spiked to 3255 transactions on the day of the attack - an 86% increase! Nonetheless, the network survived and handled it quite well.
Block time should average around 60 seconds. As you can see, there was no drastic change in our average daily block time, indicative of the network's robustness as it sought to maintain the 60 second average.
Blockchain growth over August was 6.684mb per day. Because of the attack, blockchain growth over the past two days was 20.326mb (23rd) and 15.05mb (24th). This is a net effect of 13.642mb extra + 8.366mb extra = 22mb more than average over the period.
As a final note of interest, you can see the minor dip in yesterday's block reward, as the block penalty kicked in to prevent too many large blocks being created.
Within the space of about 4 hours we had finalised and deployed a temporary fix that ramped the fee up. Thanks to the hard work and availability of pool operators and exchange operators on a Saturday afternoon/evening, we were able to get a large enough portion of the network to shift over to incorporate the change. Those pool operators that were unavailable in the wee hours of Saturday evening picked up the change on Sunday, and as of Sunday morning the network has recovered completely, bar 22mb of extra unnecessary transactions.
The ramp up to 0.1 XMR fees stopped the attacker dead in their tracks, and gives us a bit of time to regroup and finalise the changes we were making that will permanently prevent this in future.
