Login
Bitcoin Knots Has Been Nothing More Than A Denial-of-Service Attack On Bitcoin
Bitcoin Magazine
Bitcoin Knots Has Been Nothing More Than A Denial-of-Service Attack On Bitcoin
In computing, a denial-of-service attack (DoS attack; UK: /dɒs/ doss US: /dɑːs/ daas[1]) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. -The Wikipedia definition of denial-of-service attack.
This is a very basic concept. Someone makes use of their own resources to disrupt the functioning of other machines on a network.
DoS attacks have been an issue for as long as the internet existed. One of the commonly argued “first Distributed Denial-of-service (DDoS) attacks” was against the Internet Service Provider (ISP) Panix in the mid-90s. There were of course many prior technical examples on older internet services, but this was one of, if not the, first major examples of such an attack on the modern World Wide Web.
This attack had numerous computers start to initiate a Transmission Control Protocol (TCP) connection with the ISPs servers, but never finishing the handshake protocol that finalized the connection. This consumes the server’s resources for managing network connections and prevents honest users from accessing the internet through the ISP’s servers.
Ever since this “initial” DDoS attack, they have been as common on the internet as storms are in nature, a regular occurrence that massive pieces of internet infrastructure have been built to defend against.
The Blockchain
The blockchain is one of the core components of Bitcoin, and a required dependency for Bitcoin’s functionality as a distributed ledger. I am sure many people in this space would call so-called “spam” transactions a DoS attack on the Bitcoin blockchain. In order to call it that, you would have to define the “service” that the blockchain is offering as a system, and explain how spam transactions are denying that service to others in a way not intended by the design of the system.
I’d wager a bet that most people who believe spam is a DoS attack would say something like “the service the blockchain offers is processing financial transactions, and spam takes space away from people trying to do that.” The problem is, that is not specifically the service the blockchain offers.
The service it actually offers is the confirmation of any consensus valid transaction through a real-time auction that periodically settles whenever a miner finds a block. If your transaction is consensus valid, and you have bid a high enough fee for a miner to include your transaction in a block, you are using the service the blockchain provides exactly as designed.
This was a conscious design decision made over years during the “Block Size Wars” and finalized in the activation of Segregated Witness and the rejection of the Segwit2x blocksize increase through a hard fork pushed by major companies at the time. The blockchain would function by prioritizing the highest bidding fee transactions, and users would be free to compete in that auction. This is how blockspace would be allocated, with a global restriction to protect verifiability and a free market pricing mechanism.
Nothing about a transaction some arbitrarily define as “spam” winning in this open auction is a DoS of the blockchain. It is a user making use of that resource in the way they are supposed to, participating in the auction with everyone else.
The Relay Network
Many, if not most, Bitcoin nodes offer transaction relay as a service to the rest of the network. If you broadcast your transactions to your peers on the network, they will forward them on to their peers, and so on. Because the peering logic deciding which nodes to peer with maintains wide connectivity, this service allows transactions to propagate across the network very quickly, and specifically allows them to propagate to all mining nodes.
Another service is block relay, propagating valid blocks as they are found in the same manner. This has been highly optimized over the years, to the point where most of the time an entire block is never actually relayed, just a shorthand “sketch” of the blockheader and the transactions included in it so you can reconstruct them from your own mempool. In other words, optimizations in block relay depend on a transaction relay functioning properly and propagating all valid and likely to be mined transactions.
When nodes do not have transactions in a block already in their mempool, they must request them from neighboring nodes, taking more time to validate the block in the process. They also explicitly forward those transactions along with the block sketch to other peers in case they are missing them, wasting bandwidth. The more nodes filtering transactions they classify as spam, the longer it takes blocks including those filtered transactions to propagate across the network.
Transaction filtering actively seeks to disrupt both of these services, in the case of transaction relay failing miserably to prevent them from propagating to miners, and in the case of block propagation having a marginal but noticeable performance degradation the more nodes on the network are filtering transactions.
These node policies have the explicit purpose of degrading the network service of propagating transactions to miners and the rest of the network, and view the degradation of block propagation as a penalty to miners who choose to include valid transactions they are filtering. They seek to create a degradation of service as a goal, and view the degradation of another service resulting from that attempt as a positive.
This actually is a DoS attack, in that it actually is degrading a network service contrary to the design of the system.
Where From Here?
The entire saga of Knotz vs. Core, or “Spammers” vs. “Filterers”, has been nothing more than a miserably ineffective and failed DoS attack on the Bitcoin network. Filters do absolutely nothing to prevent filtered transactions from being included in blocks. The goal of disrupting transaction propagation to miners has had no success whatsoever, and the degradation of block relay has been marginal enough to not be a disincentive to miners.
I see this as a huge demonstration of Bitcoin’s robustness and resilience against attempted censorship and disruption on the level of the Bitcoin Network itself.
So now what?
A BIP by an anonymous author has been put forward to enact a temporary softfork that would expire after roughly a year making numerous ways to include “spam” in Bitcoin transactions consensus invalid through that time period. After realizing the DoS attack on the peer-to-peer network has been a total failure, filter supporters have moved to consensus changes, as many of them were told would be necessary over two years ago.
Will this actually solve the problem? No, it won’t. It will simply force people who wish to submit “spam” to this forked network, if they actually follow through on implementing it, to use fake ScriptPubKeys to encode their data in unspendable outputs that will bloat the UTXO set.
So even if this fork was met with resounding support, activated successfully, and did not result in a chainsplit, it would still not achieve the stated goal and leave “spammers” no option but to “spam” in the most damaging way to the network possible.
This post Bitcoin Knots Has Been Nothing More Than A Denial-of-Service Attack On Bitcoin first appeared on Bitcoin Magazine and is written by Shinobi.
