Yes you guessed it, spam! A lot of them.
Since our mainnet launched, we have detected a large amount of spam attacks as well as DDoS attacks:
- Domain name registration or “name squatting”: someone registered “for free” more than 7,000 popular domain names such as apple.com on the NKN Name Service.
- Subscribe spam: both in number of subscribers as well as in the size of metadata.
- GenerateID spam: that wasted millions of NKN IDs while flooding everyone’s transaction pool.
This resulted in a few serious consequences:
- Large and sustained increase of computing and memory needs for all nodes: since there are so many additional transactions to process, nodes with less than 1GB of RAM have seen out of memory errors which forces those nodes to reboot.
- Large and sustained increase of blockchain data storage: the blockchain chain data file was increasing almost 1GB per week. This is way too fast and renders some nodes unusable if they started with 8-16GB of disk space.
What are NKN’s solutions?
There is a dilemma every blockchain project faces. On one side, you would like to offer free transaction fees to spur adoption and growth of users and applications. On the other hand, you need to fight the spam and DDoS attacks and compensate the miners properly so everyone will pay for the resources they consume.
Therefore the core development team of NKN thought long and hard, consulted our community via the New Kind of Proposal (NKP) process, and worked out the following solutions (both technical and economical)
- [NKP-0012] Limit Subscribe metadata size
- [NKP-0008] Charge a fee for name registration
- Limit how many free/low-cost transactions will be included in each block
- Limit the total storage size of free/low-cost transactions included in each block
- Distribute these fees to miners or the Mining Bonus Address
By introducing these fees, we can significantly increase the cost of attacks even though we cannot eradicate them. he impact of spam and DDoS attacks have been significantly reduced since we applied the patches up to v1.0.8. However, it also introduces some side effects:
- 1-click deployment: the initial process of joining the network can take as long as a few hours, and in some cases even longer. In order for a new node to join the network, a GenerateID transaction must be created. But a new node with zero NKN balance cannot spend NKN to expedite the GenerateID transaction.
- D-Chat and Pub/Sub users: new users cannot immediately join groups or channels until they have some NKN to pay for Subscribe transaction fee.
Therefore, both the core team and community developers are working on reducing or eliminating the barrier to adoption, especially for users/clients who just joined NKN network and do not have any NKN tokens yet.
- NKN faucet function: a centralized way to distribute free NKN tokens for app developers, NKN client and users, partners
- nknX.org fast deploy: when a user successfully deployed a NKN node via nknx.org’s Fast Deploy method, they will automatically get a small amount of free NKN to join the network.
- D-Chat faucet and tipping functions: when a new user joins D-Chat, he/she can either apply for a small amount of free NKN via faucet, or via existing members tipping. Then he/she can use the newly acquired NKN to join different channels and groups.
When one should pay fees? Who gets paid?
These are the times when one could pay fees:
- Generate an ID for a new node upon its first time launch.
- Send some NKN tokens to another wallet
- Subscribe to a new topic using NKN’s Pub/Sub service (e.g. join a new chat group in D-Chat)
- Register a new domain name, e.g. SamAdams.nkn
Where will the fees go?
- Miners: all the transaction fees
- MBA (Mining Bonus Address): name registration fee
What are the fees and how to configure them?
Our main configuration file (config.json in your nkn directory) is where you can set and modify the fees. We do have default values baked into the software which should cover most cases. However, if you prefer to customize these settings, please refer to the complete guide to config.json.
The number of low fee transactions that miners are willing to include within each block. 0 means there is no limit, and the default value is 0.
The max allowed size (in Bytes) per block for all the low fee transactions. 0 means there is no limit. Default value is 4096.
The minimum acceptable fee (in NKN) per transaction for this node. If the fees included in the transaction is lower than this, this transaction will be considered a low fee txn and will the low fee txn rule applies. Default value is 0.1.
The amount registration fee this node is willing to pay for GenerateID.
The amount transaction fee this node is willing to accept for including this GenerateID into the block. The default value is 0 but we recommend something like 1 (equivalent to 0.00000001 NKN).
What will happen next?
We are planning additional measures to counter spam and DDoS attacks, as detailed in the following NKPs:
- [NKP-0014] Use PoW to prevent generate ID txn spam
- [NKP-0015] Removing inactive ID to reduce database size
- Implement state pruning to significantly reduce chain db size
- Add expiration period and registration fee to registered names in NKN Name Service
If [NKP-00014] and [NKP-0015] are passed and implemented, then we expect the attacks to be largely stopped, and new miners don’t necessarily need to pay a fee to join. Instead, they would need to wait and solve some crypto puzzle (automatically) before joining. This process will be transparent to most miners and thus will have a much better user experience than paying a fee.
In the longer term, we are also planning to implement “fast sync” mode such that a node only needs to get and store the latest state + recent block history instead of full block history. This should greatly reduce chain db size even further to save miners’ storage cost.
Spam or not, we are ready.