Ethereum Transaction Spam/Hash-Rate Attack

Geth is the Ethereum client with a command line interface that enables one to run a full ethereum node implemented in the Go programming language. An Ethereum full node / client, is basically a node that can verify and parse the entire blockchain, its smart contracts and anything that pertains to the Ethereum blockchain implementation. The full node mode also allows you to broadcast new transactions, create contracts, explore blockchain history and mine new blocks, as is relevant for any blockchain.

Most recently, just before the much anticipated Ethereum Devcon 2 conference in Shanghai, many Ethereum blockchain nodes on the main-net were crashing. This is a big blow to the novel smart contract technology platform that prides itself, ‘The World Computer’. It is just the latest issue to plague the platform after the catastrophic DAO hack which led to the break-away crypto-currency Ethereum Classic. However, the price of ether (Ethereum’s native crypto-currency) remained resilient despite the glitch.

Ethereum co-founder and core developer Jeffrey Wilcke posted the Security Alert on 18th September, citing that Geth nodes were running out of random memory leaks and ultimately crashed while trying to process block 2283416. Ethereum nodes are generally responsible for listening, relaying (gossiping) transactions as well as partake in the mining of blocks so as to confirm and verify new transactions — adding those that are genuine while providing sufficient gas into the blockchain.

The security warning issued by the Ethereum core development team indicated that:

Security Alert: High

Affected clients: Geth

Likelihood: High

Severity: High

Issue: Geth nodes running out of random memory and crashing at block 2283416 Solution: Update all Geth clients to Geth 1.4.12 or install an alternative client

The recent Geth exploit was caused by a transaction mined on block 2283416. The destructive transaction is said to have spent excess gas with no payload. This transaction has a message inscribed, ‘Fahrt nach Hause’ — when translated, means ‘Drive home’ in simple English and was possibly meant to disrupt Devcon 2 participants which started on 19th September 2016.

The Ethereum main-net transaction spam attack repeatedly triggered the EXTCODESIZE op-code, consequently leading to block creation delays of up to 60 seconds due to the 50000 disk fetch operations needed for transaction verification. This amounts to 2–3x block creation reduction rate while the attack was still on. Fortunately Ethereum implementation has a couple of clients including: AlethZero( C++), Pythereum (Python) and EthereumJ(Java). The geth clients attack was hence insufficient to compromise Ethereum’s consensus mechanism.

Security bugs and vulnerabilities like this are no issue for the Ethereum community since our Eth devs are known to implement bleeding-edge quick fixes. Today, it is business as usual for the community, especially now that the Geth 1.4.12 update is finally here. Ethereum is undoubtedly what Bitcoin never was — or will ever be.

PACMEDIA

PRICEACTIONCRYP.tip.me

Disclaimer

The writer invests in FINTECH & ALTCOINS at their own risk. Trading and Investing can be highly risky and you should seek the advice of a trained professional. PRICEACTION OF CRYPS, accepts no liability for losses that may be incurred as a result of anything written in its Analysis Report and anything written on this website.​