Spam Attacks: Crypto Strategies For Surplus Transactions
Just like email inboxes and Monty Python sketches, blockchains can be saturated with spam.
Share this article
For years, Bitcoin and other blockchains have been targeted by spam transactions. These are small transactions, which in large numbers might threaten to congest a blockchain network and cause backlogs.
Sometimes, spam transactions are part of a a denial-of-service attack, to prevent other users from spending on the blockchain. Other times the goal is more modest: small-scale spammers can spread unwanted content or “dust” the network with traceable transactions.
Spam is hard to define concretely. While it may be frustrating to see a block full of Crypto Kitties, it’s hard to assert that your transaction is more important than someone else’s.
But whatever the definition, most blockchain projects take spam quite seriously. Though there are many different anti-spam strategies, most involve prioritizing legitimate transactions over spam. Here are a few methods.
Priority Based On Transaction Fees
Most blockchains use transaction fees to discourage spam. Bitcoin, for example, prioritizes high-fee transactions, and this expense deters users from sending unnecessary transactions. Bitcoin also has a minimum relay fee, which means that users cannot send zero-fee transactions – though this feature is not found on all blockchains.
Fee-based prioritization does not discriminate between important and unimportant transactions.“There is no such thing as an illegitimate transaction,” argues Andreas Antonopoulos. “There are only transactions that did get mined and transactions that didn’t have enough fee to get mined.”
For example, Veriblock has accounted for as much as 25% of Bitcoin transactions at times. Even though Veriblock’s critics have accused it of spamming the Bitcoin network, Bitcoin miners and nodes are happy to confirm these transactions, as long as the fees are paid.
There is a downside to this approach: high fees can make Bitcoin costly for large-scale users that legitimately need to send a lot of transactions. This does not disadvantage most users, since high fees are often only apparent when many transactions are sent. Plus, anyone can choose to pay lower fees – transactions just take longer.
Priority Based on Throughput
Often, spam problems are used to argue for scalability: if a blockchain introduces larger block sizes or greater network throughput, spam transactions may become less burdensome. However, this is not a certain solution. Since fees change according to supply and demand, it may be more affordable to spam high-throughput blockchains.
There are some creative ways to discourage spam on high-throughput networks. IOTA, for example, does not charge fees, but it requires anyone who sends a transaction to perform proof-of-work (PoW) on two other transactions. As such, would-be spammers actually contribute to IOTA’s speed and security, according to IOTA’s Spam Fund.
However, this doesn’t protect against certain types of spam: powerful devices can still dominate the IOTA network. IOTA developers are attempting to improve upon this by activating “Coordicide,” which introduces a rate limit and adjustable PoW difficulty, among other changes. This should allow small and weak devices to easily make IOTA transactions.
Priority Based on Reputation
Some blockchains prevent spam by preferring transactions based on origin. Kin, for example, prevents spam by prioritizing transactions that come from approved services and their users. These services don’t pay transaction fees, and they can even introduce their own spam rules. Meanwhile, non-priority users must pay regular transaction fees.
Similarly, NEO‘s whitepaper describes NeoID, which prioritizes transactions and smart contracts with known identities during spam attacks, while allowing unknown entities to pay for priority transactions. However, NeoID is elusive in reality: it isn’t mentioned in NEO’s fee policy, and fees were NEO’s main line of defense during a 2018 spam attack.
In theory, a reputation-based approach should provide excellent performance: it provides protection against spam transactions without raising costs for legitimate high-volume users. However, this approach can also result in massive inequality: Kin, for example, has considered reserving just 5% of each block for non-prioritized transactions.
Some blockchain tools can hide spam transactions after they are received. EOS block explorers, for example, often take this approach. EOSX and EOSFlare allow users to toggle spam, instantly hiding transactions containing memos or very small amounts of crypto. This hides unwanted content without the downsides of censorship.
But this is not a viable solution for any blockchain that needs to stop spam from overburdening its network. This approach also does not solve the problem of dusting, in which spam transactions are used to deanonymize addresses or tie addresses to illicit activity. Harmful spam must be dealt with—not just hidden from sight.
What Is Crypto Spam, Really?
Ultimately, different blockchains must take different approaches to spam. Since spam transactions are not clearly defined, there is no “one size fits all” anti-spam measure. Bitcoin is mainly concerned with transaction volumes, while Kin is mainly concerned with transaction origins. EOS, meanwhile, is mainly concerned with message content.
On top of this, spam campaigns are very difficult to anticipate: since spam is rarely profitable, there are no clear motives. Spammers may be opportunistic, spreading spam during periods of tension to stir up conflict and harm a blockchain’s reputation. In the end, each blockchain must be prepared to confront each wave of spam as it occurs.