DDOS XRP 1.0E-6 Low value payments

[adaptive]

Detection of attempt of DDOS by address rbvFfuUysurzPHq5kgs53A16j5svbFxgv Ledgers 1203846-1203898 Several payments of XRP 1.0E-6 were made.

Any safety mechanism?

[JoelKatz]

The mechanism is to raise the transaction fee until the source account runs out of XRP. We're tracking down why it's not working as intended.

[adaptive]

@JoelKatz how should we call an address that attacks the ripple network? Spammer, Attacker

[ghost]

• That was not distributed. I use only one IP address. I don't try to hide myself.
• That was not even an attack. The unreliable network is just a collateral effect of what I was trying to achieve.
• I was trying to put my ripple account far below it's normal reserve and observe was happen to trust line or the account and see how the ripple network cope with this situation. With ~100 TX/s it should take less than 4h to reach 50 XRP reserve with 0.00001 XRP fee. Only ~87000 TX were sent.
• I was relying on the spam protection to accelerate the process.
• In theory this experience should have harm my ripple account and no one else.

[adaptive]

@oantoine "Only ~87000 TX were sent" That is about 8% of all ripple transaction history! Personally, I believe you should plan and discuss the attacks first, let others monitor.

To mitigate these attacks, servers need to block IP addresses, that generate abnormal patterns of transactions.

• massive send of minimal values in the same ledger.
• multiple creation of trust for same addresses and currency in the same ledger

[adaptive]

@oantoine Now the attack is different.

Transaction 7E32B6F6F204B3F7E8F40B33781B540B2ACB9B664CFDFDA3A15FF14C4A2D3DFA Ledger 1380912 Type Offer Creation Time 2013-07-21 11:44:00 UTC By rbvFfuUysurzPHq5kgs53A16j5svbFxgv Buys USD 0.00000001 (rvYAfWj5gh67oV6fW32ZzP3Aw4Eubs59B) For XRP 1.0E-6 (100 per USD)

[ghost]

It's not an attack. An abusive use of the network, maybe. Since the offer is unfunded, it shouldn't have any impact on anyone on the network.

[adaptive]

@oantoine Is there a point to this? What are you trying to achieve?

[ghost]

• Trying to see what happen when a created account has no reserve (return to unfunded account in the ripple-client).
• Trying to see when the fee is rising to protect the network.
• Playing with the network…
  • More work lead to that within a few seconds:

"ledger_current_index": 1387557,
      "Balance": "69677000",
      "Sequence": 759839,
    "ledger_current_index": 1387560,
      "Balance": "69681120",
      "Sequence": 759427,
    "ledger_current_index": 1387557,
      "Balance": "69676640",
      "Sequence": 759875,
    "ledger_current_index": 1387561,
      "Balance": "69676500",
      "Sequence": 759889,
    "ledger_current_index": 1387561,
    "error_message": "Network not available.",
      "Balance": "69676500",
      "Sequence": 759889,
    "ledger_current_index": 1387561,
    "error_message": "Network not available.",
      "Balance": "69676500",
      "Sequence": 759889,
    "ledger_current_index": 1387561,
    "error_message": "Network not available.",
      "Balance": "69676290",
      "Sequence": 759910,
    "ledger_current_index": 1387561,
    "error_message": "Network not available.",

The network seems to split seeing two version of the account before one node become unavailable. I try to explore that little field.

* Trying to rise the TX/s. The Sequence Field is a contention (more websocket doesn't mean more TX/s, it slow down the network, produce lot's of « sequence already seen »).

• Trying to see how my constant activity is affected by others activity

[Bonface]

One effect I notice is that trade offers do not cancel... which is a pretty crucial side effect.