Thank you for raising these valid concerns.
Currently fetching canister logs API is only available in non-replicated mode and returns a small fixed-size 4KiB buffer. Because of this there’s no cycle cost for storing or serving logs, and no risk of cycle drain attacks – it’s free at this size.
In the future we do plan to support larger log buffers and charge accordingly. However, to avoid breaking existing assumptions and exposing (blackholed) canisters to new attack vectors we expect this to be opt-in only. That means:
- The default 4KiB buffer will likely remain free of charge
- Larger buffers will come with explicit configuration and associated cycle cost
So blackholed canisters won’t be affected unless they explicitly opt-in to large buffers. Hope this makes sense.