Yesterday afternoon I put out a call, first on Keybase and then on the blog, offering to tell the Chia Dust Stormer’s side of the story. This morning that individual contacted me via one of the channels I published. I established the identity of the attacker cryptographically using a transaction to an address I have never used and will never use again. I then confirmed, using both XCHScan and ChiaExplorer, that it led back to the massive coin splitting before the news about the Dust Storm broke. It is possible that there was more than one actor here, but I think this is definitive enough to show that this person was splitting coins into gigantic piles before the dust storm became news. I am not going to expose the transactions in order to protect the identity of the actor.
I only asked the person a few questions, and I will avoid paraphrasing and publish their words unmodified. They have also asked that I publish the code used to perform the storm, and I have done so below.
For one, I wanted to expose all weaknesses of the Chia blockchain/node, because Chia Network seems to have their priorities all wrong.
They rushed to the market developing all tools (node, wallet, harvester) using the worst language there is to do this job (Python — an essentially single-threaded language due to its Global Interpreter Lock), just because it’s faster/easier to work with…
Dust Storm is the most simplistic attack there is in the blockchain, that means Chia Network didn’t even take the time to stress test the software before making all of us guinea pigs. I don’t like being a guinea pig for a Venture Capital funded company. That tells me they are running against the clock.
I do believe they have a strong theory behind it and Chialisp was a great idea, but again they are rushing everything and not giving importance to a rock-solid blockchain in the first place; they are trying to run before they can walk.
Another point is the pool situation. In my opinion they have designed it wrong, there is no incentive for people to not concentrate on a single pool. Centralization is not an issue with pooling protocol, everyone could farm in the same pool and the blockchain would not be at risk of centralization. That means a few pools rule it all and there is no incentive for people to jump between pools. That is an unfair market. There are several bad examples of that, we had EcoChia which had been lying and doing shady things and we all thought it would cease to exist however they got renamed to EcoXch and have close to 70PiB now. Poolsar.io completely fakes their netspace as we saw during the storm and wins about 10 times less than they were supposed to win with their claimed space, but they are still there.
Chia Network released the pool reference code simply as a very crude starting point and completely stopped supporting it, so now the pools that already had a big advantage for being at the top have an even greater advantage because they have the resources to continue supporting it. With that I also wanted to show that no pools were ready for the storm or to have fees in place for their transactions to have priority. Pool.space earns around USD $440k/year at current low Chia prices but didn’t have it in place either and had to implement it afterwards. How would smaller pools that are fighting to not lose money to stay operational face this?
I also asked them if they had made any money from this activity, and they said no. It cost them some mojo in performing the storm and they did not think the price would go up. They had assumed that the price would go down on news of a problem or attack, but of course no publicity is bad publicity and the exchange supply restriction had the opposite effect.
The last thing they said resonated with me, especially in context of the post on reliability and blockers to adoption this morning.
It’s also a bit ridiculous that one single person, from one single node, could launch this attack.
That’s true. It might be an inherent reality with blockchains and cryptocurrencies, and with public distributed systems in general, but it is true. This kind of malicious actor disruption (without calling this person’s intent malicious, but using a security term of art) will be a risk that organizations need to take on when dealing with very distributed systems like Chia. There are also advantages to having a more hub-and-spoke architecture that would make performing similar disruptions far more difficult.
That said, I think that the risk is relatively minimal and the impact fairly low. I think the real value of the data gathered by putting their production network under a full load test outweighs the annoyance that Chia Network may have had here. I agree with many of the points made by the Dust Stormer, especially around pools. I don’t have solutions in place, but there are trade-offs to every decision and some are articulated well here.
I also asked if they were going to continue the storms or if they thought fees would be a part of Chia going forward and this was the reply.
I am not going to do it again if Chia Network takes it seriously and addresses all the issues in a satisfactory way.
I don’t think fees will be part of Chia; there is simply no demand. However, I would like to raise attention to everyone reading that the minimum fee for a Chia transaction to go through before other ones is around 0.00025 XCH; anything below that is the same as a 0 mojo fee. I think very few people know this.
People may use it for a transaction to go faster, but 0 mojo will be the standard fee for a long time unless people decide to attack the network again, which, as we all know, is very very very cheap.
Which is the reason I think it’s absurd that Chia Network released all their software without proper fee support.
Also, this creates a major barrier for people new to Chia. How can a beginner farmer create a Plot NFT if it requires ~0.001 XCH? He will have to buy the coin to start farming.
I certainly agree with the last point, and Chia Network has already announced that they will be solving that in the next release. I don’t agree with everything the Stormer says, but I do agree with some of it. And I think there are valuable lessons learned here for Chia Network as they go forward.
The Stormer also shared the code used to both create the mojos as well as send the transactions. It is above my head, but it looks pretty clean. It’s out there now. Please use responsibly.
Thanks for your good work, both of you 😉
agree
Aspy68 says:
Great work thechiaplot!
The attack was kept short and there seems to have been no malintent, so job done, I guess.
Dust Stormer, I get that you wanted to expose some weaknesses, but if I were going to disrupt so many people I would have made a public announcement of my stress test beforehand, both on Keybase, the Chia Forum, and elsewhere.
Was it a game that spun out of control or did you just not care how much chaos you caused?
Thank you Thechiaplot
I don’t like python either
I also don’t understand why the Team uses Python for all the daemons. I would have chosen Golang for some reasons. Fast, easy to learn, easy cross-compiling, perfect for the daemons.
Anyone find it slightly ironic that they criticize the chia devs for using python, then uses python to launch the attack?
Thank you for the interview!!