A failed spam attack on the Cardano blockchain led developers to work on a node upgrade that could deter future distributed denial-of-service (DDoS) attacks of a similar nature.
On June 25, the Cardano network experienced a DDoS attack starting at block 10,487,530. Raul Antonio, chief technology officer of Fluid Tokens, explained that the attack aimed to manipulate the Cardano blockchain into charging lower fees for high-value transactions.
Additionally, if successful, the attacker could steal staked Cardano (ADA) tokens from the network.
Intent behind Cardano DDoS attack
While the attack was underway, Philip Disarro, the founder and CEO of Anastasia Labs, explained:
“The idea behind this attack is to take advantage of the fact that the size of reference scripts currently does not impact the transaction fee, but it does impact the work that validators have to do to process the transaction.”
Disarro, along with several other Cardano developers, outsmarted the attacker, claiming back the stolen ADA tokens and stopping the DDoS attack.
The attacker eventually halted the DDoS attack and failed to move any stolen funds. Disarro added:
“Thanks for the free money moron. Truly iconic that the attacker who presumably wanted to damage the ecosystem actually ended up donating to the open-source smart contract development work we do [...]”
Fortifying the Cardano blockchain
Disarro claimed that there were other ways to stop the attack, but his method was the fastest. “If you rush to deploy something to production without thorough testing and a high-quality, independent audit, you might wind up losing a lot of money to vulnerabilities just like the attacker did,” he added.
Intersect, a member-based organization for the Cardano ecosystem, later confirmed the attack and thanked the developer community for swiftly resolving it.
While the Cardano network was not compromised and performed normally, “The network has experienced a higher load than normal and some stake pool operators (SPOs) have been negatively affected due to an intensification in block height battles,” Intersect explained.
“Once a solution has been properly tested and deployed, we will share the new node version for SPOs to upgrade to.”
The Intersect task force is collaborating to identify and test a solution to further minimize the impact of such spam attacks.