July 2015 flood attack: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
Taras (talk | contribs)
No edit summary
252c9bf7f381f340 (talk | contribs)
m Fix tx cite template
 
(7 intermediate revisions by one other user not shown)
Line 1: Line 1:
{{current}}
The '''July 2015 [[flood attack]]''' was a large "stress test" of the Bitcoin network. The possibly distributed attack has provoked hundreds of thousands of [[transaction]]s, leaving over 80,000 in the [[mempool]] at one time.<ref>{{cite reddit|r=Bitcoin|id=3ck5z9|title=80,000 Unconfirmed Transactions right now|date=8 July 2015}}</ref><ref>{{cite btct|id=1113292|title=28 000 unconfirmed TXs|date=7 July 2015|post=11823370}}</ref> The attack is subsequent to stress tests executed in June.
The '''July 2015 [[flood attack]]''' is an ongoing "stress test" of the Bitcoin network. The distributed attack has provoked hundreds of thousands of [[transaction]]s, leaving over 80,000 in the [[mempool]] at one time.<ref>{{cite reddit|r=Bitcoin|id=3ck5z9|title=80,000 Unconfirmed Transactions right now|date=8 July 2015}}</ref><ref>{{cite btct|id=1113292|title=28 000 unconfirmed TXs|date=7 July 2015|post=11823370}}</ref>
 
Some charities and organizations, including WikiLeaks and Voat, have received thousands of dust outputs.<ref>{{cite web|last=Pearson|first=Jordan|date=9 July 2015|url=http://motherboard.vice.com/read/wikileaks-is-now-a-target-in-the-massive-spam-attack-on-bitcoin|title=WikiLeaks Is Now a Target In the Massive Spam Attack on Bitcoin|accessdate=10 July 2015|journal=Motherboard|publisher=Vice Media LLC}}</ref><ref name="ok">{{cite reddit|r=technology|id=3cs0ln|title=Voat.co and Wikileaks under attack from Bitcoin spammers|post=https://www.reddit.com/r/technology/comments/3cs0ln/voatco_and_wikileaks_under_attack_from_bitcoin/csyhbzt|date=10 July 2015}}</ref> Additionally, some single-word [[brainwallet]]s ("password", "cat"<ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cgft7/largest_transaction_ever_mined_999657_kb_consumes/csvbnv4}}</ref>, etc.) have been the recipients of thousands of transactions, leaving 0.00001 BTC outputs. [[F2Pool]] has been concatenating these outputs in huge 1MB transactions.<ref>{{cite tx|bb41a757f405890fb0f5856228e23b715702d714d59bf2b1feb70d8b2b4e3e08}}</ref><ref>{{cite tx|5d8875ed1707cfee2221741b3144e575aec4e0d6412eeffe1e0fa07335f61311}}</ref><ref>{{cite btct|id=1112943|title=New achivement. The biggest tx|date=7 July 2015}}</ref><ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015}}</ref> These transactions fill up an entire block on their own, and are far too large to be relayed by nodes; they have only been confirmed because F2Pool dedicated blocks to them.<ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cgft7/largest_transaction_ever_mined_999657_kb_consumes/csvasnz}}</ref><ref name="mb">{{cite web|last=Pearson|first=Jordan|date=9 July 2015|url=http://motherboard.vice.com/read/the-mystery-behind-the-biggest-bitcoin-transaction-ever-made|title=The Mystery Behind the Biggest Bitcoin Transaction Ever Made|accessdate=9 July 2015|journal=Motherboard|publisher=Vice Media LLC}}</ref> Some nodes reported having spent over 20 seconds verifying one of these transactions,<ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cgft7/largest_transaction_ever_mined_999657_kb_consumes/csva1ei}}</ref> explaining momentary but extreme latency and downtime on block chain explorers.<ref>{{cite reddit|r=Bitcoin|id=3ckhcj|title=Blockchain.info is 10 blocks behind the network|date=8 July 2015}}</ref><ref>{{cite btct|id=1112943|title=New achivement. The biggest tx|date=7 July 2015|post=11823487}}</ref>
 
[[Gregory Maxwell]] later contacted F2Pool, advising them to use the same signature for each input in the large transactions.<ref>{{cite reddit|r=Bitcoin|id=3cvw52|title=Is this a self-interested or altruistically constructed block?|date=11 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cvw52/is_this_a_selfinterested_or_altruistically/cszhxqa}}</ref><ref>{{cite tx|9fdbcf0ef9d8d00f66e47917f67cc5d78aec1ac786e2abb8d2facb4e4790aad6}}</ref> This made the transactions highly compressible and far easier to verify.<ref>{{cite reddit|r=Bitcoin|id=3cvw52|title=Is this a self-interested or altruistically constructed block?|date=11 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cvw52/is_this_a_selfinterested_or_altruistically/cszic86}}</ref>
 
As a result of this attack, most mining pools updated their software to produce 1 MB blocks, as originally most capped their blocks at sizes such as 250 kB or 750 kB. The attack seems to have concluded by July 15.<ref>{{cite reddit|r=Bitcoin|title=Transaction mempool back down to normal range: 7k tx.|date=15 July 2015|id=3dbu73}}</ref>
 
==Motivation==
The attackers may have had an agenda related to the [[blocksize debate]], attempting to demonstrate the infeasibility of 1MB blocks including transactions of hundreds of thousands of users.<ref name="mb"/> Specifically, the Chinese [[mining pool]]s ([[AntPool]], [[BW Mining]], [[F2Pool]], [[BTC China]], & [[Huobi]]) have expressed distaste towards [[Gavin Andresen]]'s proposals to increase the blocksize limit, citing concerns of relatively low bandwidth compared to that available in the United States and Europe.<ref name="mb"/><ref>{{cite web|last=Pearson|first=Jordan|date=16 June 2015|url=http://motherboard.vice.com/read/chinas-powerful-bitcoin-miners-say-their-bandwidth-sucks|title=China's Powerful Bitcoin Miners Say Their Bandwidth Sucks|accessdate=9 July 2015|journal=Motherboard|publisher=Vice Media LLC}}</ref> The flood attack may have been attempting to discredit the pools, and subsequently force them off the network after the raised blocksize limit is in effect.<ref name="mb"/><ref>{{cite btct|id=1089283|title=Hearn's Worst Case Scenario: Checkpoints in XT to "ignore the longest chain"|date=13 June 2015}}</ref>
 
It is unlikely that the attack was used in an attempt to damage or shut down Bitcoin, as it appears to have been controlled and benevolent.<ref name="mb"/><ref>{{cite reddit|r=Bitcoin|id=3ci9av|title=Could the recent attack on bitcoin be the product of a core developer?|date=8 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3ci9av/could_the_recent_attack_on_bitcoin_be_the_product/csvtpxk}}</ref> It has also resulted in the donation of over 30 BTC to various sites.<ref name="ok"/>


Some single-word [[brainwallet]]s ("password", "cat"<ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cgft7/largest_transaction_ever_mined_999657_kb_consumes/csvbnv4}}</ref>, etc.) have been the recipients of thousands of transactions, leaving 0.00001 BTC outputs. [[F2Pool]] has been concatenating these outputs in huge 1MB transactions.<ref>{{cite tx|bb41a757f405890fb0f5856228e23b715702d714d59bf2b1feb70d8b2b4e3e08}}</ref><ref>{{cite tx|5d8875ed1707cfee2221741b3144e575aec4e0d6412eeffe1e0fa07335f61311}}</ref><ref>{{cite btct|id=1112943|title=New achivement. The biggest tx|date=7 July 2015}}</ref><ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015}}</ref> These transactions fill up an entire block on their own, and are far too large to be relayed by nodes; they have only been confirmed because F2Pool dedicated blocks to them.<ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cgft7/largest_transaction_ever_mined_999657_kb_consumes/csvasnz}}</ref><ref name="mb">{{cite web|last=Pearson|first=Jordan|date=9 July 2015|url=http://motherboard.vice.com/read/the-mystery-behind-the-biggest-bitcoin-transaction-ever-made?utm_source=mbtwitter|title=The Mystery Behind the Biggest Bitcoin Transaction Ever Made|accessdate=9 July 2015|journal=Motherboard|publisher=Vice Media LLC}}</ref> Some nodes report having spent over 20 seconds on one of these transactions,<ref>{{cite reddit|r=Bitcoin|id=3cgft7|title=Largest transaction ever mined, 999.657 KB. Consumes an entire block.|date=7 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3cgft7/largest_transaction_ever_mined_999657_kb_consumes/csva1ei}}</ref> leaving sites including [[Blockchain.info]] and [[TradeBlock]] temporarily impaired.<ref>{{cite reddit|r=Bitcoin|id=3ckhcj|title=Blockchain.info is 10 blocks behind the network|date=8 July 2015}}</ref><ref>{{cite btct|id=1112943|title=New achivement. The biggest tx|date=7 July 2015|post=11823487}}</ref>
==Suspects==
==Suspects==
[[Coinwallet.eu]], who had executed the previous stress tests, may have something to do with this attack as one of their bitcoin addresses had been used in both efforts.<ref name="mb"/> However, Coinwallet.eu did not announce involvement in this attack, as they had in the stress tests.<ref name="mb"/><ref>{{cite btct|id=1094865|title=Ultimate Bitcoin Stress Test - Monday June 22nd - 13:00 GMT|date=20 June 2015}}</ref>
[[Peter Todd]] had previously offered to execute a stress test for $7,000<ref>{{cite reddit|r=Buttcoin|id=3bk12f|title=Why doesnt buttcoin start its own "stress test"?|date=29 June 2015|post=https://www.reddit.com/r/Buttcoin/comments/3bk12f/why_doesnt_buttcoin_start_its_own_stress_test/csn4nbz}}</ref> but he denies involvement in this attack.<ref>{{cite reddit|r=Bitcoin|id=3ci9av|title=Could the recent attack on bitcoin be the product of a core developer?|date=8 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3ci9av/could_the_recent_attack_on_bitcoin_be_the_product/csw1e50?context=1}}</ref>
[[Peter Todd]] had previously offered to execute a stress test for $7,000<ref>{{cite reddit|r=Buttcoin|id=3bk12f|title=Why doesnt buttcoin start its own "stress test"?|date=29 June 2015|post=https://www.reddit.com/r/Buttcoin/comments/3bk12f/why_doesnt_buttcoin_start_its_own_stress_test/csn4nbz}}</ref> but he denies involvement in this attack.<ref>{{cite reddit|r=Bitcoin|id=3ci9av|title=Could the recent attack on bitcoin be the product of a core developer?|date=8 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3ci9av/could_the_recent_attack_on_bitcoin_be_the_product/csw1e50?context=1}}</ref>


[[Satoshi Nakamoto]] has been (perhaps jokingly) labelled a suspect,<ref name="mb"/><ref>{{cite reddit|r=Bitcoin|id=3ci9av|title=Could the recent attack on bitcoin be the product of a core developer?|date=8 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3ci9av/could_the_recent_attack_on_bitcoin_be_the_product/csw750p}}</ref> as he had mentioned that the block size should be increased when it is needed<ref>{{cite btct|id=1347|title=(PATCH) increase block size limit|date=3 October 2010|post=15139}}</ref> and may be campaigning for this change without revealing his involvement.
A redditor has published the private keys to hundreds of addresses which have been recipients of dust outputs in 2013, perhaps in an attempt to incite additional spam as redditors try to claim the funds.<ref>{{cite reddit|r=Bitcoin|id=3cf6qg|title=Need help moving coins to new address|post=https://www.reddit.com/r/Bitcoin/comments/3cf6qg/need_help_moving_coins_to_new_address/csuyyi3|date=7 July 2015}}</ref><ref>{{cite reddit|r=Bitcoin|id=3chere|title=Stress Test Giveaway|date=7 July 2015}}</ref>
 
[[Satoshi Nakamoto]] has been (perhaps jokingly) labeled a suspect,<ref name="mb"/><ref>{{cite reddit|r=Bitcoin|id=3ci9av|title=Could the recent attack on bitcoin be the product of a core developer?|date=8 July 2015|post=https://www.reddit.com/r/Bitcoin/comments/3ci9av/could_the_recent_attack_on_bitcoin_be_the_product/csw750p}}</ref> as he had mentioned that the block size should be increased when it is needed<ref>{{cite btct|id=1347|title=(PATCH) increase block size limit|date=3 October 2010|post=15139}}</ref> and may be campaigning for this change without revealing his involvement.
==References==
==References==
<references/>
<references/>
[[Category:2015 events]]
[[Category:2015 events]]

Latest revision as of 13:27, 23 July 2023

The July 2015 flood attack was a large "stress test" of the Bitcoin network. The possibly distributed attack has provoked hundreds of thousands of transactions, leaving over 80,000 in the mempool at one time.[1][2] The attack is subsequent to stress tests executed in June.

Some charities and organizations, including WikiLeaks and Voat, have received thousands of dust outputs.[3][4] Additionally, some single-word brainwallets ("password", "cat"[5], etc.) have been the recipients of thousands of transactions, leaving 0.00001 BTC outputs. F2Pool has been concatenating these outputs in huge 1MB transactions.[6][7][8][9] These transactions fill up an entire block on their own, and are far too large to be relayed by nodes; they have only been confirmed because F2Pool dedicated blocks to them.[10][11] Some nodes reported having spent over 20 seconds verifying one of these transactions,[12] explaining momentary but extreme latency and downtime on block chain explorers.[13][14]

Gregory Maxwell later contacted F2Pool, advising them to use the same signature for each input in the large transactions.[15][16] This made the transactions highly compressible and far easier to verify.[17]

As a result of this attack, most mining pools updated their software to produce 1 MB blocks, as originally most capped their blocks at sizes such as 250 kB or 750 kB. The attack seems to have concluded by July 15.[18]

Motivation

The attackers may have had an agenda related to the blocksize debate, attempting to demonstrate the infeasibility of 1MB blocks including transactions of hundreds of thousands of users.[11] Specifically, the Chinese mining pools (AntPool, BW Mining, F2Pool, BTC China, & Huobi) have expressed distaste towards Gavin Andresen's proposals to increase the blocksize limit, citing concerns of relatively low bandwidth compared to that available in the United States and Europe.[11][19] The flood attack may have been attempting to discredit the pools, and subsequently force them off the network after the raised blocksize limit is in effect.[11][20]

It is unlikely that the attack was used in an attempt to damage or shut down Bitcoin, as it appears to have been controlled and benevolent.[11][21] It has also resulted in the donation of over 30 BTC to various sites.[4]

Suspects

Coinwallet.eu, who had executed the previous stress tests, may have something to do with this attack as one of their bitcoin addresses had been used in both efforts.[11] However, Coinwallet.eu did not announce involvement in this attack, as they had in the stress tests.[11][22]

Peter Todd had previously offered to execute a stress test for $7,000[23] but he denies involvement in this attack.[24]

A redditor has published the private keys to hundreds of addresses which have been recipients of dust outputs in 2013, perhaps in an attempt to incite additional spam as redditors try to claim the funds.[25][26]

Satoshi Nakamoto has been (perhaps jokingly) labeled a suspect,[11][27] as he had mentioned that the block size should be increased when it is needed[28] and may be campaigning for this change without revealing his involvement.

References

  1. /r/Bitcoin thread 3ck5z9. 80,000 Unconfirmed Transactions right now 8 July 2015. Self post.
  2. BitcoinTalk thread 1113292. 28 000 unconfirmed TXs 7 July 2015. Post 11823370.
  3. Pearson, Jordan (9 July 2015). "WikiLeaks Is Now a Target In the Massive Spam Attack on Bitcoin". Vice Media LLC. http://motherboard.vice.com/read/wikileaks-is-now-a-target-in-the-massive-spam-attack-on-bitcoin. Retrieved 10 July 2015.
  4. 4.0 4.1 /r/technology thread 3cs0ln. Voat.co and Wikileaks under attack from Bitcoin spammers 10 July 2015. This post
  5. /r/Bitcoin thread 3cgft7. Largest transaction ever mined, 999.657 KB. Consumes an entire block. 7 July 2015. This post
  6. Transaction bb41a757f405890fb0f5856228e23b715702d714d59bf2b1feb70d8b2b4e3e08.
  7. Transaction 5d8875ed1707cfee2221741b3144e575aec4e0d6412eeffe1e0fa07335f61311.
  8. BitcoinTalk thread 1112943. New achivement. The biggest tx 7 July 2015.
  9. /r/Bitcoin thread 3cgft7. Largest transaction ever mined, 999.657 KB. Consumes an entire block. 7 July 2015. Self post.
  10. /r/Bitcoin thread 3cgft7. Largest transaction ever mined, 999.657 KB. Consumes an entire block. 7 July 2015. This post
  11. 11.0 11.1 11.2 11.3 11.4 11.5 11.6 11.7 Pearson, Jordan (9 July 2015). "The Mystery Behind the Biggest Bitcoin Transaction Ever Made". Vice Media LLC. http://motherboard.vice.com/read/the-mystery-behind-the-biggest-bitcoin-transaction-ever-made. Retrieved 9 July 2015.
  12. /r/Bitcoin thread 3cgft7. Largest transaction ever mined, 999.657 KB. Consumes an entire block. 7 July 2015. This post
  13. /r/Bitcoin thread 3ckhcj. Blockchain.info is 10 blocks behind the network 8 July 2015. Self post.
  14. BitcoinTalk thread 1112943. New achivement. The biggest tx 7 July 2015. Post 11823487.
  15. /r/Bitcoin thread 3cvw52. Is this a self-interested or altruistically constructed block? 11 July 2015. This post
  16. Transaction 9fdbcf0ef9d8d00f66e47917f67cc5d78aec1ac786e2abb8d2facb4e4790aad6.
  17. /r/Bitcoin thread 3cvw52. Is this a self-interested or altruistically constructed block? 11 July 2015. This post
  18. /r/Bitcoin thread 3dbu73. Transaction mempool back down to normal range: 7k tx. 15 July 2015. Self post.
  19. Pearson, Jordan (16 June 2015). "China's Powerful Bitcoin Miners Say Their Bandwidth Sucks". Vice Media LLC. http://motherboard.vice.com/read/chinas-powerful-bitcoin-miners-say-their-bandwidth-sucks. Retrieved 9 July 2015.
  20. BitcoinTalk thread 1089283. Hearn's Worst Case Scenario: Checkpoints in XT to "ignore the longest chain" 13 June 2015.
  21. /r/Bitcoin thread 3ci9av. Could the recent attack on bitcoin be the product of a core developer? 8 July 2015. This post
  22. BitcoinTalk thread 1094865. Ultimate Bitcoin Stress Test - Monday June 22nd - 13:00 GMT 20 June 2015.
  23. /r/Buttcoin thread 3bk12f. Why doesnt buttcoin start its own "stress test"? 29 June 2015. This post
  24. /r/Bitcoin thread 3ci9av. Could the recent attack on bitcoin be the product of a core developer? 8 July 2015. This post
  25. /r/Bitcoin thread 3cf6qg. Need help moving coins to new address 7 July 2015. This post
  26. /r/Bitcoin thread 3chere. Stress Test Giveaway 7 July 2015. Self post.
  27. /r/Bitcoin thread 3ci9av. Could the recent attack on bitcoin be the product of a core developer? 8 July 2015. This post
  28. BitcoinTalk thread 1347. (PATCH) increase block size limit 3 October 2010. Post 15139.