https://www.reddheads.com/en/first-ethereum-hard-fork-successful-second-imminent/Earlier this week the Ethereum community successfully executed a hard fork – the first in a planned series of two – aimed at reducing the feasibility of possible attack vectors recently highlighted by a person or group of people attacking the network.
Based on EIP (Ethereum Improvement Proposal) 150 version 1c, the hard fork implemented recalculated costs for operations available to the creators of Ethereum contracts. The attacker(s) was exploiting the fact that certain operations that require relatively large computational outlay were relatively cheap to execute. Repeatedly running these operations millions of times placed excessive strain on many Ethereum nodes and caused the network to slow down. It was a DoS (Denial of Service) attack specifically tailored for the Ethereum network. The hard fork increased the costs of the operations in question to render this particular DoS method prohibitively expensive.
Further attacks carried out on the Ethereum network before the first hard fork saw many empty accounts being created on the network due to manipulation of the SUICIDE (self-destruct) operation, to the extent that now the size of the data for the state of all accounts on the blockchain can no longer be cached, allowing the attacker to get further mileage from his malicious accounts by creating new spam operations to continually read from disk the balance of these accounts, thus forcing more work on the system. A clean-up of the attacker’s empty accounts is scheduled with the second hard fork, upcoming in a few days.
Ethereum
GO BACK HOME!
Ethereum has been under attack since the start of the Devcon2 conference in Shanghai, on 19 September. Just before the Ethereum devs went on stage for the first day of the event, a rogue transaction was made on the network, with a payload aimed at manipulating various operations to increase memory usage in the Ethereum Geth client (popular official command line interface client), eventually causing this client to crash and many nodes to drop offline. What looked like a message (written in German) directed to the Ethereum team and Ethereum in general, was tagged to the attack transaction in question: “Fahrt nach Hause”, meaning “Go back home!” or “Get the fuck out of here!”
Further attacks since 19 September include the methods specified above and general abuse of relatively low-priced operations available to contract creators on the Ethereum Virtual Machine (EVM).
The overall effect of the attacks was to congest the network to a level where blocksizes were greatly increased, leading to increased block creation times and blocks so full of spam that genuine transactions were being impeded from entering the network for confirmation. Full nodes were placed under strain as they managed the bloated account state of the blockchain.
judo
Multi-level defence and system improvements
As well as the protocol changes implemented by hard fork, reactions to the attacks included work on Ethereum clients Geth, Parity and others to improve performance by modifying cache settings and adding caches to deal with memory requirements, miners lowering block gas limits to limit the number of spam transactions that the attacker could potentially squeeze into each block, thereby making processing blocks a bit easier for nodes, and other defensive actions and system improvements.
Commenting on the current situation, Ethereum dev Gustav Simonsson wrote:
Correcting the gas cost of op codes makes Ethereum more efficient as it enables more txs and real throughput by disincentivizing “artificial” use of the platform – simple loops over op codes which has no utility other than DoS.
In fact, the attack surface of Ethereum is surprisingly small given that it’s much more powerful & flexible than other live blockchain systems. This is much due to having cross-client specifications & test suits and multiple implementations in different programming languages.
Claiming the attacker has “unlimited runway to continue” is ignorant FUD.
The vulnerabilities fixed over the past weeks have all been in very specific subsets of the Ethereum protocols:
gas cost of a subset of the VM op codes.
logic around “empty” accounts
performance of state handling of accounts.
unconfirmed tx (mempool) queuing & broadcast logic.
(3) and (4) have been vastly improved in geth, parity and other implementations which is why the attacker is no longer targeting these.
(1) was too a large degree fixed by the HF, although it’s clear that EXP (and possibly a few other arithmetic op codes) also need to be adjusted.
(1) and (2) will be further addressed by a 2nd HF (
https://github.com/ethereum/EIPs/issues/158)
With the current gas system, there will always be some combination of op codes requiring the most resource usage for the least cost.
Prior to this HF, the block gas limit was voted to 0.5M to ensure the network remained operational and processed txs during attacks.
Now we see that the network is chugging along during attack txs with a at 2M gas limit (although older, slower systems without SSD drives will need patches that are currently being worked on in both geth and parity).
Overall, this HF + patches in clients have improved the bottleneck of Ethereum by more than an order of magnitude. In a few weeks, it’ll be another order of magnitude.
And in the long term all txs we currently describe as “attack” or “DoS” txs will become indistinguishable from regular txs as their tx fees will be proportional to their resource usage.
