Nada! How Cardano’s Community Thwarted DDoS Attack

Jul. 21, 2024. 6 mins. read.

Cardano's rapid response to a DDoS attack highlights its network resilience and community ingenuity, turning a potential crisis into an opportunity for growth and demonstrating blockchain robustness.

Credit: Tesfu Assefa

Introduction

The cryptocurrency sector recently witnessed an intriguing security event in the Cardano ecosystem: a distributed denial-of-service (DDoS) attack that was swiftly mitigated. The episode showed the robustness of the blockchain and the ingenuity of its developer community, and marked a victory for the collaborative spirit that defines the crypto space.

Let’s delve into the details of this attack, its resolution, and the implications for Cardano’s future.

What is a DDoS attack?

DDoS (distributed denial of service) and DoS (denial of service) attacks have been a thorn in the side of Web2 businesses since 1996, causing billions of dollars of losses in the process. In the crypto world, there haven’t been many, although Electrum Wallet’s 2019 incident is a notable one: attackers created a botnet of 152,000 hijacked wallets. In 2020, two exchanges were shut down by DDoS attacks.

In short, DDoS attacks are malicious attempts to disrupt the normal operation of a cryptocurrency network, exchange, or service. Attackers flood the target with a massive amount of internet traffic from multiple sources, overwhelming its infrastructure and making it unavailable to legitimate users. These attacks can have serious consequences: they can halt trading, block transactions, and cause financial assets to be lost.

Cardano DDoS Attack: Play-by-Play

On 24 June, 2024, the Cardano network experienced an unusual surge in activity. Fluid Token’s CTO reported that the attack commenced at block 10,487,530. 

The attacker’s strategy was to flood the network with transactions, each executing 194 smart contracts. At a cost of 0.9 ADA ($0.36) per transaction, the malicious actor attempted to congest the network by filling blocks with these spam transactions.

The intent behind this DDoS attack was twofold:

  • Primarily, it aimed to disrupt the network’s normal operations by overwhelming it with traffic. 
  • There was speculation that the attacker might have also been attempting to manipulate the fee structure to enable cheaper high-value transactions, or maybe to steal staked ADA tokens.

The attack resulted in a significant increase in network load, with chain utilization reaching peaks of 72% on average and up to 93% on an hourly basis. This heightened activity raised concerns among community members and developers who noticed the network’s sluggish performance.
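The two signals described above, near-full blocks and transactions that each run an unusually large number of scripts, can be checked together from block data. The sketch below is an added example, not code from the Cardano project or the developers named in this article. It assumes utilization is measured as bytes used over bytes available, and the block-size limit, thresholds, record layout and sample blocks are all constructed for illustration.

```python
from collections import defaultdict

# Assumption: placeholder for the protocol's maximum block body size in bytes.
# Read the real value from the current protocol parameters.
MAX_BLOCK_BODY_BYTES = 90_112

# Constructed sample data, not real chain data:
# (hour bucket, block body size in bytes, scripts executed by each transaction)
SAMPLE_BLOCKS = [
    ("2024-06-24T10", 40_000, [0, 1, 0, 2]),
    ("2024-06-24T10", 35_000, [0, 0, 3]),
    ("2024-06-24T11", 88_000, [194, 194, 0]),
    ("2024-06-24T11", 85_000, [194, 1, 194]),
    ("2024-06-24T11", 80_000, [194, 194]),
]

def hourly_utilization(blocks, max_body=MAX_BLOCK_BODY_BYTES):
    """Fraction of the available block space that was used in each hour."""
    used, count = defaultdict(int), defaultdict(int)
    for hour, body_bytes, _ in blocks:
        used[hour] += body_bytes
        count[hour] += 1
    return {h: used[h] / (count[h] * max_body) for h in used}

def script_heavy_share(blocks, min_scripts=100):
    """Per hour, the share of transactions running at least min_scripts scripts."""
    heavy, total = defaultdict(int), defaultdict(int)
    for hour, _, tx_scripts in blocks:
        total[hour] += len(tx_scripts)
        heavy[hour] += sum(1 for n in tx_scripts if n >= min_scripts)
    return {h: heavy[h] / total[h] for h in total if total[h]}

def flag_hours(blocks, util_threshold=0.85, heavy_threshold=0.5):
    """Hours where blocks are nearly full AND dominated by script-heavy transactions.

    Requiring both signals avoids alerting on ordinary busy periods, where
    blocks fill up with a normal mix of transactions.
    """
    util = hourly_utilization(blocks)
    heavy = script_heavy_share(blocks)
    return sorted(
        h for h in util
        if util[h] >= util_threshold and heavy.get(h, 0.0) >= heavy_threshold
    )

if __name__ == "__main__":
    print(hourly_utilization(SAMPLE_BLOCKS))
    print(flag_hours(SAMPLE_BLOCKS))
```
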

Community Response and Investigation

As news of the attack spread, the Cardano community quickly mobilized. Developers, led by figures such as Philip Disarro from Anastasia Labs, began investigating the attack and formulating countermeasures.

Through on-chain analysis, community members traced the origin of the attack to addresses linked to the Kraken exchange. This discovery raised questions about the attacker’s identity and the potential for legal action. The transparency of blockchain technology was invaluable in this investigation, allowing for real-time tracking of the malicious transactions.

Interestingly, despite the attacker’s efforts to congest the network, their actions inadvertently contributed over 1,000 ADA in transaction fees to the Cardano treasury and stake pool operators. This unintended consequence showed how the Cardano network’s economic model can help keep it safe.

Technical Analysis and Vulnerability Discovery

As the community rallied to understand and counter the attack, developers like Mel from Harmonic Labs began dissecting the malicious transactions. By deserializing the UPLC (Untyped Plutus Core) of the attacking scripts, they discovered a critical flaw in the attacker’s strategy.

The scripts used in the attack were designed to always return ‘true’, no matter what input they were fed. This oversight meant that the scripts could be easily manipulated, providing an opportunity for the defenders to turn the tables on the attacker.

The Counterattack: A Brilliant Solution

Philip Disarro of Anastasia Labs identified a clever way to not only stop the attack but also claim the attacker’s funds. The solution involved deregistering the stake credentials used by the attacker. This action would force the attacker to re-register their credentials at a cost of 400 ADA each time they wanted to continue the attack, significantly increasing the financial burden of their malicious activities.

Moreover, this countermeasure allowed defenders to claim the attacker’s ADA, effectively turning the attack into a donation to the Cardano ecosystem. 

As Disarro put it:

“Thanks for the free money, moron.”

The community quickly implemented this solution, deregistering approximately 200 stake contracts from the attacker, which did the trick. 

Lessons Learned and Network Resilience

The failed DDoS attack provided several valuable insights into Cardano’s capabilities:

1. Network Capacity: Despite the high transaction volume, Cardano’s network continued to function, processing legitimate transactions alongside the spam. This demonstrated the blockchain’s ability to handle significantly increased loads, suggesting room for future scaling.

2. Community Strength: The rapid response and clever solution showcased the strength of Cardano’s developer community. Their ability to quickly analyze, respond, and implement countermeasures highlights the importance of a robust and engaged team.

3. Economic Model: The attack inadvertently proved the effectiveness of Cardano’s economic model. The attacker’s funds were not only used to pay transaction fees, but were also claimed by the defenders, turning a potential threat into a net positive for Cardano.

4. Transparency: The ability to track and analyze the attack in real-time demonstrated the value of blockchain transparency in security and incident response.

Future Implications and Upgrades

In the aftermath of the attack, the Cardano development team, including organizations like Intersect, began working on node upgrades to bolster the network’s resilience against these attacks. The upgrades aim to address potential vulnerabilities without compromising the network’s performance or decentralization.

The incident also sparked discussions about potential parameter adjustments, such as increasing block sizes or reducing block times, to further improve the network’s capacity and resilience.

Comparison with Other Networks

This event provided an interesting contrast to how other blockchain networks handle similar attacks. As noted in the community discussions, when Solana faces attacks, it often results in network shutdowns. Ethereum, on the other hand, typically sees transaction fees skyrocket during periods of network congestion.

Cardano’s ability to withstand the attack with only mild degradation in performance, coupled with the community’s innovative response, proves it is a robust and resilient blockchain platform.

Conclusion

The recent DDoS attack on Cardano, while potentially disruptive, ultimately served to demonstrate the strength and resilience of the network and its community. The swift and clever response thwarted the attack – and even turned it into an opportunity for growth and improvement. While Cardano has had its share of criticism – including some undeserved ridicule – for its slow development, its security has now been battle-tested and is hard to criticize. 

As Cardano continues to evolve, incidents like these provide valuable lessons and drive innovation. They underscore the importance of ongoing development, community engagement, and the power of decentralized systems in facing security threats.

The crypto world will undoubtedly be watching Cardano’s continued development with interest, as it sets new standards for blockchain resilience and community-driven problem-solving.

About the Writer

Werner

Werner Vermaak, who is based in Cape Town, South Africa, has been a crypto editor and writer since 2017. He previously lived in Asia for 15 years and is passionate about the power of Web3.
