Whether the storage mechanism is subject to attack



According to the data in the screenshot, it only costs $25,128.96 to use up all the data on all nodes?
Or am I missing something in my calculation?

And what is the profit an attacker would gain rn?

DOS could be massive (even if could not be sustained for long…the units are GB PER SECOND)

Curious, eddy, on what is the math behind the exact numbers is?

This doesn’t generate any revenue for the attacker, but Dfinity shouldn’t be paralyzed by one person doing evil, and it’s relatively inexpensive to do evil

2 Likes

0.00000018034 * 60 * 60 * 24 * 0.4 * 1024 * 1024,This is the formula I calculated,The result is the cost of running out of memory every day

1 Like

Caveat: This is something that I know the engineers and researchers discussed, so I will ping the team to see who can correct or add color to the very shallow understanding I have of the issue.

I am on my phone, but I actually got different numbers, but I think your high-level point stands @eddy.

You can throw money at generating canisters with data to use up entire subnets by turning the cheapness of the platform (a boon for developers). Researchers and Engineers have debated it thoroughly, and I have only been a fly in the wall of these conversations. Now, this becomes less of an issue as more subnets are added, but it is certainly possible for a very wealthy actor to cause some version of throwing monkey wrenches while subnets spin up (or NNS proposals to pause or increase storage are executed).

But let’s be specific about what is and is not at risk:

What is NOT at risk:

  • NNS would not be affected
  • NNS Ledger (i.e Tokens) would not be affected so users can stll send and receive tokens
  • NNS can still spin up new subnets
  • Unlike a DDOS attack, if a malicious actor pays for canisters to use up memory, it will NOT affect the performance /execution of existing canisters. They are fairly sandboxed. Existing canisters will still receive and execute messages.
  • NNS would still accept proposals and roll out updates

What is at risk:

  • The ability to create new canisters would be hampered while NNS spins up new subnets
  • The ability for existing canisters to grow in their own state. One could see an NNS proposal where NNS only allows canisters older than X time to still grow, but that is a quick “mitigating solution” I just came up on the spot, and not a real proposal.

Regardless, I will ping the team to see what they can add.

1 Like

@diego Thank you very much for your detailed reply.Which is very helpful to me and solved my doubts.

Diego Prats via Internet Computer Developer Forum <dfn@discoursemail.com> 于2021年8月27日周五 下午12:40写道:

2 Likes