Which kind of denial-of-service attack can a malignant replica accomplish?

qwertytrewq · May 29, 2024, 3:59pm

Particularly, can a malignant replica prevent an update call to happen? Can it prevent several update calls in a row?

yvonneanne · May 30, 2024, 10:27am

Hi qwertytrewq

Update calls are sent to a random replica of the subnet running the target canister. A malicious replica may tell the user it accepted the update call, but never send it to its peers and never put it in a block. In that case it will not be executed.
By sending another update call, it will most likely end up on a different replica and if that one is honest, it will addd it to its next block, if there is space.
If the message hasn’t been executed by its expiry time, the protocol guarantees that it will never be executed.

Does that help?

qwertytrewq · May 30, 2024, 12:35pm

Yes, it helps. Thank you for this explanation.

Topic		Replies	Views
Announcing New Security Best Practices Documentation: Protect Against Denial of Service (DoS) Attacks Developers	4	210	September 14, 2024
Feature discussion: Replica-signed queries Command Line Tools Discussing	14	1515	December 5, 2023
Lets say I host my website/app/service fully on ICP chain, what prevents bad actors from DDOS' ing my website/app/service with requests and draining the cycles for the canister? General	2	114	September 27, 2024
How critical is replica system time and timeserver dependance for consensus? General	0	257	November 7, 2021
DDOS and reverse gas model Developers	6	2929	May 28, 2021

Which kind of denial-of-service attack can a malignant replica accomplish?

Related topics