{"id":8785,"date":"2025-02-20T17:58:36","date_gmt":"2025-02-20T16:58:36","guid":{"rendered":"https:\/\/wsj-crypto.com\/?p=8785"},"modified":"2025-02-20T17:58:36","modified_gmt":"2025-02-20T16:58:36","slug":"navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies","status":"publish","type":"post","link":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/","title":{"rendered":"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies"},"content":{"rendered":"<p><\/p>\n<div id=\"\">\n<p class=\"chakra-text css-gi02ar\">Today the network experienced an assault through a transaction spam attack that persistently invoked the EXTCODESIZE opcode (refer to trace sample <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"http:\/\/vitalik.ca\/files\/1ksteps.txt\">here<!-- --><\/a>), thus generating blocks that require approximately ~20-60 seconds to validate owing to the ~50,000 disk fetches necessary to process the transaction. The consequence of this was an approximate ~2-3x decline in the block creation rate while the attack was underway; there was NO consensus disruption (i.e., network fork) and at no time did the network or any client come to a complete stop. As of the time of this writing, the attack has largely ceased, and the network has temporarily recuperated.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">The immediate solution is for users, including miners, enterprise users (such as exchanges), and individuals to operate geth with the flags:<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\"><span class=\"chakra-text css-ons8vw\">&#8211;cache 1024 &#8211;targetgaslimit 1500000 &#8211;gasprice 20000000000<\/span><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">Or utilize Parity with the flags:<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\"><span class=\"chakra-text css-ons8vw\">&#8211;cache-size-db 1024 &#8211;gas-floor-target 1500000 &#8211;gasprice 20000000000 &#8211;gas-cap 1500000<\/span><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">This (i) enlarges the cache size, minimizing the number of disk reads that nodes must perform, and (ii) reduces the gas limit by roughly 3x, thereby lessening the maximum processing duration of a block by a similar margin.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">In the medium term (i.e., several days to a week), we are actively addressing multiple fixes for the Go client that should both supply a more consistent resolution for the current issue and lessen the risk of similar attacks, including:<!-- --><\/p>\n<p><!-- --><\/p>\n<ul role=\"list\" class=\"css-1onhfjo\">\n<li class=\"css-cvpopp\">An update to miner software that automatically temporarily halves the gas limit target whenever the miner detects a block that requires more than 5 seconds to process, facilitating adjustments akin to what was coordinated today to occur automatically (refer to <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/github.com\/ethereum\/go-ethereum\/pull\/3025\">here<!-- --><\/a> for a pull request; please note this is a miner strategy alteration and NOT a soft fork or hard fork)<!-- --><\/li>\n<li class=\"css-cvpopp\">Numerical adjustments to cache configurations<!-- --><\/li>\n<li class=\"css-cvpopp\">Incorporating additional caches<!-- --><\/li>\n<li class=\"css-cvpopp\">Implementing an extra cache specifically for EXTCODESIZE (since it is probable that EXTCODESIZE reads operate at several times slower than other IO-intensive tasks given the contracts being read are approximately ~18 KB long)<!-- --><\/li>\n<li class=\"css-cvpopp\">A disk-based cache of state values which enables quicker (i.e., <!-- --><span class=\"chakra-text css-ons8vw\">O(log(n))<\/span> speedup) access<!-- --><\/li>\n<\/ul>\n<p>We are also examining the possibility of substituting the leveldb database with a more efficient and optimized alternative for our use case, though such a modification would not be immediate. The Parity team is pursuing their own enhancements in performance.<br \/>\n<!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">In the longer term, there are fundamental protocol modifications that can also be investigated. For instance, it may be prudent to incorporate a feature into Metropolis to raise the gas costs of opcodes that necessitate reading of account state (SLOAD, EXTCODESIZE, CALL, etc.), particularly for read operations involving external accounts; elevating the gas cost of all these functions to at least 500 would likely suffice, though caution should be exercised to prevent disrupting existing contracts (e.g., concurrently implementing <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/github.com\/ethereum\/EIPs\/issues\/90\">EIP 90<!-- --><\/a> would be adequate).<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">This would impose a significantly lower upper limit on the maximum number of bytes a transaction may read, enhancing safety against all potential attacks of this nature, and diminishing the size of Merkle proofs, thus fortifying security for both light clients and sharding as an ancillary benefit. Currently, our focus is on the more urgent software-level modifications; however, in the long run, such proposals should be deliberated and contract developers need to be informed that alterations of this nature may occur.<!-- --><\/p>\n<p><!-- --><br \/>\n<!-- --><\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/blog.ethereum.org\/en\/2016\/09\/22\/transaction-spam-attack-next-steps\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today the network experienced an assault through a transaction spam attack that persistently invoked the EXTCODESIZE opcode (refer to trace sample here), thus generating blocks that require approximately ~20-60 seconds to validate owing to the ~50,000 disk fetches necessary to process the transaction. The consequence of this was an approximate ~2-3x decline in the block<\/p>\n","protected":false},"author":3,"featured_media":8282,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[1371],"class_list":["post-8785","post","type-post","status-publish","format-standard","has-post-thumbnail","category-ethereum","tag-return-a-list-of-comma-separated-tags-from-this-title-transaction-spam-attack-next-steps"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies - WSJ-Crypto<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies - WSJ-Crypto\" \/>\n<meta property=\"og:description\" content=\"Today the network experienced an assault through a transaction spam attack that persistently invoked the EXTCODESIZE opcode (refer to trace sample here), thus generating blocks that require approximately ~20-60 seconds to validate owing to the ~50,000 disk fetches necessary to process the transaction. The consequence of this was an approximate ~2-3x decline in the block\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/\" \/>\n<meta property=\"og:site_name\" content=\"WSJ-Crypto\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-20T16:58:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2100\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"wsjcrypto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"wsjcrypto\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/\",\"url\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/\",\"name\":\"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies - WSJ-Crypto\",\"isPartOf\":{\"@id\":\"https:\/\/wsj-crypto.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"datePublished\":\"2025-02-20T16:58:36+00:00\",\"author\":{\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\"},\"breadcrumb\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#primaryimage\",\"url\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"contentUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"width\":2100,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wsj-crypto.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wsj-crypto.com\/#website\",\"url\":\"https:\/\/wsj-crypto.com\/\",\"name\":\"WSJ-Crypto\",\"description\":\"Just Another Crypto News Website\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wsj-crypto.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\",\"name\":\"wsjcrypto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"caption\":\"wsjcrypto\"},\"url\":\"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies - WSJ-Crypto","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/","og_locale":"it_IT","og_type":"article","og_title":"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies - WSJ-Crypto","og_description":"Today the network experienced an assault through a transaction spam attack that persistently invoked the EXTCODESIZE opcode (refer to trace sample here), thus generating blocks that require approximately ~20-60 seconds to validate owing to the ~50,000 disk fetches necessary to process the transaction. The consequence of this was an approximate ~2-3x decline in the block","og_url":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/","og_site_name":"WSJ-Crypto","article_published_time":"2025-02-20T16:58:36+00:00","og_image":[{"width":2100,"height":900,"url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","type":"image\/jpeg"}],"author":"wsjcrypto","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"wsjcrypto","Tempo di lettura stimato":"3 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/","url":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/","name":"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies - WSJ-Crypto","isPartOf":{"@id":"https:\/\/wsj-crypto.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#primaryimage"},"image":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#primaryimage"},"thumbnailUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","datePublished":"2025-02-20T16:58:36+00:00","author":{"@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7"},"breadcrumb":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/"]}]},{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#primaryimage","url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","contentUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","width":2100,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/20\/navigating-the-aftermath-of-a-transaction-spam-attack-essential-strategies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wsj-crypto.com\/"},{"@type":"ListItem","position":2,"name":"Navigating the Aftermath of a Transaction Spam Attack: Essential Strategies"}]},{"@type":"WebSite","@id":"https:\/\/wsj-crypto.com\/#website","url":"https:\/\/wsj-crypto.com\/","name":"WSJ-Crypto","description":"Just Another Crypto News Website","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wsj-crypto.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Person","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7","name":"wsjcrypto","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","caption":"wsjcrypto"},"url":"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/comments?post=8785"}],"version-history":[{"count":2,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8785\/revisions"}],"predecessor-version":[{"id":8787,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8785\/revisions\/8787"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media\/8282"}],"wp:attachment":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media?parent=8785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/categories?post=8785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/tags?post=8785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}