9

It is frequently stated that spam even makes the network stronger by confirming other transactions. However, it is not difficult to imagine an attacker that either confirms primarily their own transactions or transactions that already have confirmations by other transactions.

I wonder if this would just put more load on the network (all transactions have to be relayed to and validated by all nodes) without providing any benefit. Wouldn't it be possible to harm the network this way even with little resources?

Helmar
  • 1,293
  • 1
  • 15
  • 28
lex82
  • 1,087
  • 7
  • 18

2 Answers2

6

Spam is only good, if it is widely distributed over the network. So if there are enough fullnodes which are used for the spamming transactions, everything is fine. If only a few fullnodes are spammed, this could harm the network. Additionally there is the coordinator, which is a bottleneck right now. The devs are using spamming attacks, to research the tangle and to get more knowledge on its behavior under stress. This is currently happening. Nevertheless, the spammer needs to do PoW, so it is not as cheap to spam the network as you think. As you can see, in general it is possible to harm the network with spam.

For Further reading

Tobi MZ
  • 1,607
  • 1
  • 12
  • 31
  • According to this answer (https://iota.stackexchange.com/a/520/607) all valid transactions are relayed to all nodes, so I assumed that the attacker would effectively spam the whole network. Is that not the case? – lex82 Dec 05 '17 at 06:20
  • The attacker is spamming the whole network but using only a small number of full nodes to do so. – Tobi MZ Dec 05 '17 at 06:23
  • I don't understand what you mean with "fullnodes used for the spamming transactions". Are they controlled by the attacker or is the attacker running a lightnode connected to these fullnodes? – lex82 Dec 05 '17 at 06:27
  • the attacker is running one ore more lightnodes connected to these fullnodes. Just check the Further reading link. – Tobi MZ Dec 05 '17 at 06:28
  • As clarified in a comment to aboose's answer, I assume the spammer creates valid transactions that are relayed to all nodes in the network anyway, so I don't see why it makes a difference how many nodes are used to inject the spam transactions into the network. – lex82 Dec 05 '17 at 06:31
  • This is due to the regional character of iota. So if you just spam one region, you create long self confirming chains, and will not have a contribution to the tangle, this imbalance is harming, if you use public nodes, others rely on. – Tobi MZ Dec 05 '17 at 06:34
  • Let us continue this discussion in chat. – lex82 Dec 05 '17 at 06:35
0

Not all spam benefits the network -- malicious spam can target a single node and overwhelm it. However, on a network wide scale, it would be difficult to harm the network in a significant way.

aboose
  • 3,135
  • 3
  • 15
  • 37
  • 1
    Please see my comment below Tobi's answer. I do not see how it would overwhelm only a single node. – lex82 Dec 05 '17 at 06:25
  • What's unclear is what you mean by spam. The sort of spam happening on the network right now is uncomfirmable invalid transactions, which don't get propagated to other nodes. – aboose Dec 05 '17 at 06:26
  • I mean valid transactions that will (and have to be) properly relayed to all nodes in the network. – lex82 Dec 05 '17 at 06:27
  • then you should read my first two sentences – Tobi MZ Dec 05 '17 at 06:30
  • @TobiMZ Which sentences? I ask how spam benefits the network if it only creates more load (bandwidth, bigger tangle, tip selection more complex) but does not validate transactions. I don't understand why it is important at which nodes spam enters the network. Is there some special processing at this point? – lex82 Dec 05 '17 at 06:34
  • Spam has to validate transaction or it does not get propagated. If you just want to gum up nodes with useless transactions that only validate old transactions, then you could do that, but you would need a lot of cpu to sustain an attack that wont eventually get drowned out by genuine transactions. – Spamalot Feb 23 '18 at 18:52