Recently @borovan passed Trax#137, which transferred 17’970 ICP to ljxsi-5du4w-3se32-vba6v-dd543-rrj3g-nayx2-f7xhd-o4u7a-ycmxw-bae.
The ICP were promptly forwarded to txjrnhz-6ekxv-2fffs-wfcgt-l3pe7-456id-heznf-xyf64-nykjq-4jyso-zae which have been the source of the DoS attack on the nICP ledger canister, by mass transferring 0.0001 nICP every few seconds, back and forth to dhm6v-3f3gr-yp7vg-qosgm-s7yoj-x5zhf-su424-jxqa5-43big-ceouy-bqe.
The index canister, as its name indicates helps to index transaction from the ledger. Otherwise you need to step through every block of the ledger to recreate your transaction history.
By changing the parameter, we index every ten seconds instead of every one, lowering the load on the canister, and thus the cycles consumed. The ledger canister will upgrade itself with the following parameters:
Isn’t that illegal? Can I maliciously ddos a platform? US users should consider suing Borovan for this crime. There is enough evidence to show malicious intent.
But what is a proper way to handle DOS attacks on ICP? Slowing the heartbeat down might work but that limits the ICP usecase to slow systems (even if it’s fine here). Increasing the fees makes sense. I guess there is a balance between many approaches.
I feel there should be a capability to have dynamic fees. That is, with the increase of traffic the fees increases. And when you DOS, it quickly becimes expensive. But normal calls can be cheap/ even free. Should be protocol level, or could be even app layer standard.
