Ethereum Responds to Recent DDoS Attack

Journalist:
Lester Coleman
September 25, 2016

The Ethereum network was recently attacked by an opcode called Excodesize that slowed down the network, causing blocks to take as long as 60 seconds to validate, Ethereum founder Vitalik Buterin noted in a blog on Thursday.

Vitalik Buterin

Buterin recently noted on Reddit that Go developers are actively working on client code changes to process Wednesday’s attack blocks quickly.

The Go code that the developers built is in many cases able to process attack blocks faster than the current latest release, but the team wants to be sure that 1) the speedup covers all attack blocks, 2) it does not introduce new memory exhaustion vulnerabilities, and 3) it covers all potential attack permutations.

Miners Told: Increase Gas Limit

“We are encouraging miners to increase the gas limit to 1.5 million to allow a wider array of applications to be run and contracts deployed,” Buterin noted.

Long-term protocol changes to re-balance gas costs of the problematic opcodes are being discussed.

Ethereum has advised users to run geth or Parity with flags, Buterin noted in his blog.

Geth with flags: –cache 1024 –targetgaslimit 1500000 –gasprice 20000000000

Parity with flags: –cache-size-db 1024 –gas-floor-target 1500000 –gasprice 20000000000 –gas-cap 1500000

Such action will boost the cache size, reduce the disk reads for nodes and vote the gas limit down ~3x, according to Buterin. The action will cut a block’s processing time by a similar factor.

Buterin’s blog included a link to an Excodesize trace sample.

No Consensus Failure

There was no consensus failure, nor was the network or any client halted completely, Buterin noted. The attack mostly subsided by Thursday and the network at the time of the blog had recovered.

In the next several days to a week, Ethereum will work on several fixes for the Go client that should produce a more stable fix for the current problem and reduce the risk of similar attacks.

These measures include:
• Changing to miner software that automatically reduces the gas limit target by 2x when the miner sees a block taking longer than 5 seconds to process. This allows for adjustments to occur automatically. Buterin noted this is a miner strategy change and it is not a hard or soft fork.
• Numerical tweaks to cache settings.
• Adding more caches.
• Adding a cache specifically for Excodesize since it is likely Excodesize reads are significantly slower than other IO-heavy operations.
• An on-disk cache of state values allowing them to be accessed faster.

Ethereum is also examining replacing the leveldb database with a more optimized one for its use case. This will not occur soon. The Parity team is also exploring their performance improvements.

Protocol Changes Possible

Long-term, low-level protocol changes are possible. It could be helpful to add a feature to Metropolis to raise the gas cost of opcodes requiring account state reads and read operations that read external accounts.

Raising the gas cost of all such operations to 500 at minimum would likely be enough. Care would be taken to prevent breaking existing contracts. Deploying EIP 90 would be sufficient.

This action would place a lot of lower upper bound on the maximum amount of bytes a transaction could read, improving safety against all possible such attacks and cutting the size of Merkle proofs. It would enhance security of both sharding and light clients as a side effect.

Ethereum is currently addressing the more immediate software level changes. Long-term, such proposals should be considered. Contract developers should be advised that such changes could occur.

Images from LinkedIn and Ethereum.

Lester Coleman

Lester Coleman is a media relations consultant for the payments and automated retailing industries.