A full explanation on why the attack has been posted on Golos by the attacker himself.
Both post are in russian and can be found here:
Here is a quick translation from the first post:
Hello, I have a bad reputation on steemit, I registered and sold those accounts.
But it's the lyrics - I needed money –
As you know, the steemit blockchain now weighs around 2-3 GB. I read somewhere that the nodes on steemit use 18 GB of RAM. And here's a question for the techies : do nodes keep keep the whole blockchain in RAM?
The bottom line is this:
- having 100 accounts, I can spam posts every 3 seconds(one post every 5 minutes each)
- making a post the maximum size (128KB) 128 /3seconds(24 multiply 3600) = 3,686400 GB per day or 25GB in a week!
Node can do that? I'm not going to do that, except on strike start spamming for a short time to attract attention to the problem, otherwise I will not hear.
Who cares? Those who were disappointed in Steemit/Golos and wants to smoke with 1,000 accounts they registered short-lived for a couple of months will be able to inflate the blockchain up to 2 TB.
How work the nodes? Will they cope? Even if you hold the blockchain in the last month, there may be 1TB of information. Or they keep only "link" to the post, and the post was not loaded.
Or it might be an intelligent guy, which will make your fork Steemit (with blackjack and hookers), by solving the problem, and steim and the voice of the spammed.
Waiting for comments from those who fumbles ))
And, Yes, bacchanal future!
A quick translation from the second one
As I wrote here (first post), I started to worry about the insecurity of Steemit (and Golos) from spam attacks and carried out a test attack here https://steemit.com/@steemitmarket/ and the results are :
Taking 15 accounts I made comments at 16K every 20 seconds.
After a while I started to see errors (some long, always different) and it is not natural.
I could not put the comments on the account @steemitmarket, and on the other accounts. And on all accounts started at the same time, and on those long comments, and those who have just started.
Perhaps the node could not handle all the comments on the account, there may be a restriction.
At the end of the night, especially with a not finished algorithm and not speeding up the attack, it was about 112МB with 15 new accounts.
My conclusions, if competently to approach to attack, and spam with 100 accounts, it is possible to inflate the blockchain more 18GB per week, and as far as I am aware, the nodes do not pull because they hold everything in RAM.
Are you ready for such an attack?
A view of the accounts used to perform the attack and its evolution over time
It looks the attack has now stopped, after generating 8654 posts and 136,39 MB of content (not including the metadata around the body of the posts/comment)
Thanks to @cryptomental for providing me the link to the Russian posts
You like this post, do not forget to upvote or follow me or resteem