2

A block on Bitcoin blockchain contains about 4000 transactions.

Since a block is added approximately every 10 minutes, in 3 months, about 51 million transactions can be added (4000 x 6 x 24 x 90 = ~51 mil)

A bad actor such as a government could post transactions for full capacity for 3 months with a fee of $50 per transaction (currently avg trx fee is $1.3), costing the government about $2.5 billion and causing a DOS (Denial of Service) for all other transactions (Assuming that "miners" prioritize transactions with higher fees).

Can Bitcoin network handle such an attack?

P.S. $50 fee is just something I made up for cost to government calculation and can be any number that is way higher than the average fee. Point is to make "miners" ignore all other transactions that have lower fees to cause a DOS.

Also, please assume that government would prepare for this scenario by first creating millions of addresses and placing some sats in them so that transactions during attack would look like legitimate transfers.

Son Kaos999
  • 349
  • 1
  • 13
Nihat
  • 123
  • 5
  • Recent blocks contain less than 2200 transactions *on average*. – RedGrittyBrick Jan 20 '23 at 21:04
  • I went with 4000 because that is what I could find about the # of trx that can be put in a block. My question still stands for 2200 too; it would even make the attack less costly. – Nihat Jan 20 '23 at 21:13
  • Yes, whether its 4000 or 2200 tx/block, I think someone with a spare $2500000000 to burn up could kill Bitcoin for at least a while. – RedGrittyBrick Jan 20 '23 at 21:23
  • It is worrying. I hope to hear what bitcoin devs have to say about this. – Nihat Jan 20 '23 at 21:24
  • First the attacker has to acquire $25 billion worth of BTC, that might push the exchange rate higher making BTC more expensive to acquire. This might be noticed. – RedGrittyBrick Jan 20 '23 at 21:34
  • Why? They can generate, say 1 million addresses and put about 10 dollar worth of BTC in each at a cost of 10 million USD. Then they can start the attack by submitting transactions from 1 wallet address to other. – Nihat Jan 20 '23 at 21:36
  • 1
    They need to have enough BTC to pay the $2.5 billion you calculated they would need in fees. And that's with current low fee rates that might not stay low if April 2021 is any guide. – RedGrittyBrick Jan 20 '23 at 21:39
  • Let us [continue this discussion in chat](https://chat.stackexchange.com/rooms/142220/discussion-between-nihat-and-redgrittybrick). – Nihat Jan 20 '23 at 21:40
  • If it were the case that an actor was to pull off such an erroneous attack any node in the network could choose to deny including transactions sent from their ip address or even public key if they wanted to. This is similar to if you had a node on the network spamming you with anything else, like empty or invalid blocks, you could just disconnect from them. If I have this wrong someone please correct me though. – Poseidon Jan 20 '23 at 21:40
  • @RedGrittyBrick "They need to have enough BTC to pay the $2.5 billion you calculated they would need in fees" Aah I see. I feel so stupid. Thank you! If you can add your answer below, I can set it as the answer – Nihat Jan 20 '23 at 21:43
  • @Poseidon Attacker can use many different ip addresses and different public keys from all those generated that I mentioned. So attack would come from MANY different addresses and ips. RedGrittyBrick's explanation is satisfactory. Thank you as well – Nihat Jan 20 '23 at 21:45
  • Even though they COULD come from many keys and address' it is incredibly unlikely and the efficiency of the transactions on the bitcoin ledger allow for this to be even more unlikely than in a situation with bloated on chain data storage. Thanks for the interesting question :) Oh not to mention that spam still looks like spam even if it is coming from multiple address' all you need to do is deny SOME of those address' and you have limited the spam greatly. – Poseidon Jan 20 '23 at 21:47
  • @Poseidon What do you mean by efficiency of transactions? Don't miners just pick the transactions with higher fees? – Nihat Jan 20 '23 at 21:48
  • I mean the way in which transactions are stored then processed, if it was the case that we needed to spend lots of compute time verifying transactions it would be more possible for an attacker to `spam` the chain, in a situation where verifications are quick it is actually more expensive to spam over a longer period of time. – Poseidon Jan 20 '23 at 21:50
  • Compute time for verifying is not something I was angling at. I was just worried about legitimate looking attack transactions with higher fees that would prevent normal transactions from being processed. I got the answer for it above. Thank you – Nihat Jan 20 '23 at 21:54

1 Answers1

3

I don't think it is easily preventable but it is expensive and it would be difficult to prepare without being noticed and might be difficult to execute in a way that couldn't be detected and countered, at least partially.

Firstly $2.5 billion is a substantial sum to throw away unless you are a government.

You would initially need to buy $2.5 billion worth of Bitcoin since that is the amount you calculated you need to have available in BTC to spend in transaction fees. Large purchases of this type tend to push up the price of Bitcoin. (Reference).

Bitcoin transactions that spend $50 in fees to pay someone only some small amount such as $10 would be suspicious and could be blocked, you'd have to re-use a more significant amount, say $2000. Transactions that quickly recirculate that $2000 would also be moderately obvious and easy to block.

Bitcoin has survived brief periods of very high fee rates (e.g. average over $50/transaction in April 2021) - this spurred the development and adoption of higher level Bitcoin payment systems such as the Lightning Network (LN) which use the Bitcoin network relatively infrequently.

Bitcoin miners have invested in the future of Bitcoin and many of them might not want to assist someone evidently intending to do harm to the Bitcoin economy, even despite the short term financial gains offered. It seems likely that many would coopoerate in a defensive action once the attack was obvious. Many or almost all of the less convinced miners might have to follow along with defensive efforts to avoid being left on the wrong side of a fork. Or they would divide their effort between a lucrative fork and a fork with long term value.

Really the question boils down to, if you had $2500000000 and wanted to end up with $0 with the side effect of destroying Bitcoin - would there be a cheaper or quicker way? Would there be something else you could do with that money that would be more beneficial to you?

Ultimately this question is a bit subjective, but I guess there are some aspects of Bitcoin's operation and history that can be brought up in an answer in an objective way.

Footnote re transactions per block

blocks> blockchain -file blk03359.dat -blocks -format csv
   No.,Version ,Height,Date and Time   ,   Txs,Target  ,Id
     1,2C992000,772279,2023-01-16 20:24,  3218,17077CE2,000000000000000000041832D3A631058097F4D5DF55D985E8C664EA221F317D
     2,2CDF2000,772280,2023-01-16 20:52,  3510,17077CE2,0000000000000000000116ADA2621CB8F296852A50CD022AD1A905B6D827B600
     3,20006000,772282,2023-01-16 21:16,  2788,17077CE2,0000000000000000000506A596FF3A003DB3C4E4221FA38B8A500A19A102C847
     4,27FFE000,772283,2023-01-16 21:24,  2971,17077CE2,000000000000000000045811D897C1B593F7F709E0726E88E95E3B7B7AA7C379
     5,324F0000,772284,2023-01-16 21:42,  3320,17077CE2,00000000000000000004C114CA81064110AA59C2286D5FA0BA51E02F7BF9B481
[...]
   100,20000000,772448,2023-01-17 23:17,  2787,17077CE2,000000000000000000074C2DDD69DC4266EBCE407F4CB89906D0D5A4A6C277F1
   101,20000000,772449,2023-01-17 23:20,  3012,17077CE2,00000000000000000006D59307529DE12433207000992AA7087E6560641D1503
   102,20000000,772450,2023-01-17 23:23,  1317,17077CE2,000000000000000000066B6B40258410FF5FD5C9034BC5F046FFF82CAEB5A59B
   103,293F6000,772451,2023-01-17 23:34,  2957,17077CE2,0000000000000000000427BF57B0D9DBFD00286B5F5EA6DF508ACF56D021D08F

blocks> blockchain -file blk03359.dat -blocks -format csv | ^
More? perl -n -a -F"," -e "if (/0000/) {$t+=@F[4]; $n++;} END{print $t/$n;}"
2196.54368932039

So, <2200 tx/block on average

RedGrittyBrick
  • 24,039
  • 3
  • 23
  • 47
  • Great answer. Thank you very much! – Nihat Jan 21 '23 at 06:10
  • 1
    If there were someone with a HUGE trail of inputs spamming the chain we could identify said trail of inputs and run code that would hold off processing these inputs and prioritize transactions that don't look like spam. Comes down to the fact that obfuscating yourself on bitcoin is even more expensive than using it normally and the fact that we spend little to no time processing single transactions means if you wanted to sustain this attack it would likely end up costing way more than you would calculate it to cost. Denying incoming or outbound peers is a right held by every node. – Poseidon Jan 21 '23 at 06:13