When using a computer, a denial-of-service attack (DoS attack; UK: /dɒs/ dos US: /dɑːs/ horsefly[1]) is a cyber-attack in which the perpetrator attempts to make a machine or network resource unavailable to targeted users by temporarily or indefinitely disrupting the services of a host connected to a network. -The Wikipedia definition of denial-of-service attack.
This is a very basic concept. Someone uses his own resources to disrupt the operation of other machines on a network.
DoS attacks have been a problem for as long as the Internet has existed. One of the often cited “first Distributed Denial-of-Service (DDoS) attacks” was against the Internet Service Provider (ISP) Panix in the mid-1990s. There were of course many technical examples of older Internet services, but this was one of, if not the first, major example of such an attack on the modern World Wide Web.
This attack caused numerous computers to initiate a Transmission Control Protocol (TCP) connection to the ISP’s servers, but never completed the handshake protocol that completed the connection. This consumes the server’s resources for managing network connections and prevents honest users from accessing the Internet through the ISP’s servers.
Since this ‘first’ DDoS attack, they have become as common on the internet as storms in nature, a regular occurrence that vast swaths of internet infrastructure have been built to defend against.
The Blockchain
The blockchain is one of the core components of Bitcoin and a required dependency for Bitcoin’s functionality as a distributed ledger. I’m sure many people in this space would call so-called ‘spam’ transactions a DoS attack on the Bitcoin blockchain. To call it that, you would have to define the “service” that the blockchain provides as a system, and explain how spam transactions deny that service to others in a way that is not intended by the design of the system.
I bet most people who believe spam is a DoS attack would say something like “the service the blockchain provides processes financial transactions, and spam takes space away from people who try to do that.” The problem is that this is not specifically the service that the blockchain provides.
The service it actually provides is the confirmation of each consensus valid transaction via a real-time auction that settles periodically when a miner finds a block. If your transaction is consensus valid and you have offered a fee high enough for a miner to include your transaction in a block, then you are using the service the blockchain provides exactly as designed.
This was a conscious design decision made over years during the ‘Block Size Wars’ and culminated in the activation of Segregated Witness and the rejection of the Segwit2x block size increase via a hard fork pushed by major companies at the time. The blockchain would function by prioritizing transactions with the highest bidding fees, and users would be free to participate in that auction. This is how blockspace would be allocated, with a global constraint to protect verifiability and a free market pricing mechanism.
Nothing about a transaction that some arbitrarily define as ‘spam’, winning in this open auction is a DoS of the blockchain. It is a user who uses that resource the way it should be used, and participates in the auction along with everyone else.
The relay network
Many, if not most, Bitcoin nodes offer transaction relaying as a service to the rest of the network. If you broadcast your transactions to your colleagues on the network, they will forward them to their colleagues, and so on. Because the peering logic that decides which nodes to collaborate with maintains broad connectivity, this service allows transactions to spread very quickly across the network, and specifically to spread to all mining nodes.
Another service is block relay, which passes along valid blocks when they are found in the same way. This has been highly optimized over the years, to the point where usually an entire block is never actually passed, just a short “sketch” of the block header and the transactions contained within it so you can reconstruct them from your own mempool. In other words, optimizations in block relay rely on a transaction relay functioning correctly and passing all valid and likely mined transactions.
When nodes have no transactions in a block already in their mempool, they must request it from neighboring nodes, which takes more time to validate the block. They also explicitly forward these transactions along with the block sketch to other peers in case they miss them, wasting bandwidth. The more nodes filter transactions they classify as spam, the longer it takes for blocks, including those filtered transactions, to propagate across the network.
Transaction filtering actively attempts to disrupt both services, in the case where transaction relays fail miserably to prevent them from spreading to miners, and in the case where block propagation has a marginal but noticeable performance penalty, as more nodes on the network filter transactions.
This node policy has the explicit purpose of degrading the network service of passing transactions to miners and the rest of the network, and views the deterioration of block propagation as a punishment for miners who choose to include valid transactions that they filter. They strive to create the degradation of the service as a goal, and view the degradation of another service as a result of that attempt as positive.
This is essentially a DoS attack, in that it actually degrades a network service, contrary to the design of the system.
Where from?
The whole story of Knotz versus Core, or ‘Spammers’ versus ‘Filterers’, is nothing more than a woefully ineffective and failed DoS attack on the Bitcoin network. Filters do absolutely nothing to prevent filtered transactions from being included in blocks. The goal of disrupting the propagation of transactions to miners has not met with any success, and the degradation of block relay has been marginal enough not to discourage miners.
I see this as a huge demonstration of Bitcoin’s robustness and resilience against attempts at censorship and disruption at the level of the Bitcoin network itself.
So what now?
A BIP was put forward by an anonymous author to implement a temporary soft fork that would expire after about a year, making numerous ways to include ‘spam’ in Bitcoin transactions invalid during that period. After realizing that the DoS attack on the peer-to-peer network was a total failure, filter proponents have turned to consensus changes, which many of them were told would be necessary over two years ago.
Will this actually solve the problem? No, that won’t happen. It will simply force people who want to submit “spam” on this forked network, if they actually go through with its implementation, to use fake ScriptPubKeys to encode their data into unusable output that will bloat the UTXO set.
So even if this fork were met with strong support, were successfully activated and did not result in a chain fork, it would still not achieve its stated goal and leave “spammers” with no choice but to “spam” to the network in the most malicious way possible.
This post Bitcoin Knots is Nothing More than a Denial-of-Service Attack on Bitcoin first appeared on Bitcoin Magazine and was written by Shinobi.