In this post, we analyze the recent spamming attacks on @harmonyprotocol and how our engineering team deployed solutions to fully resolve the issues and make the network even more resilient. 💪
https://t.co/ylJ1SHFImP?amp=1A thread 🧵
Starting on June 5th, the Harmony network begin encountering spamming attacks of various different approaches.
💎 By June 21st, most of the vulnerabilities exposed by this attack has been mitigated and all network metrics have come back to normal.
There were three main network upgrades that we made:
Increase the Gas limit to 1 gWei to increase the cost of spamming transactions:
https://github.com/harmony-one/harmony/pull/3769/filesA fix to adding an in-memory cache for explorer DB:
This serves as a temporary fix to ease the machine resources.
An explorer DB schema change that includes a database migration and the new schema logic:
The idea behind this fix is to shred the bulk address information into small entries each with an address and a transaction.
After deploying the three upgrades, all node metrics have returned to normal state, with much less system resource occupied.
The spamming transactions have been stopped and issues with RPC endpoints are fully resolved.