Almost immediately after all geth nodes crashed due to an out of memory bug, the Ethereum development team released yet another urgent announcement to miners regarding a computational DDoS attack, which significantly delayed nodes and miners in processing blocks.
Jeffrey Wilcke, the Ethereum co-founder and lead developer, released a statement to ask all miners and developers to switch to parity mining instead of utilizing geth nodes, which caused some trouble in authenticating and validating some blocks due to the EXTCODESIZE opcode.
Wilcke further explained that the Ethereum development team has attributed some developers to create and establish several routes for a more sustainable medium-term fix.
Wilcke said:
“This is due to the EXTCODESIZE opcode, which has a fairly low gas price but which requires nodes to read state information from the disk; the attack transactions are calling this opcode roughly 50,000 times per block.”
He emphasized that the network was being slowed down but had no consensus failure or memory overload, which decreased the overall severity of the issue.
Medium and long term solutions
Vitalik Buterin, another co-founder of Ethereum, released a follow up statement to the attack specifying that a 2~3 x reduction in the rate of block creation took place. According to Buterin, the network has since recovered, with node operators and miners running a short-term fix.
However, he stated that the Ethereum development team’s medium-term fixes for the Go client must be implemented to prevent similar attacks in the future. To eliminate the possibility of identical attacks, additional caches will be added and miner software will be changed to cut the gas limit target by 2 x.
Buterin announced:
“We have made a change to miner software which automatically and temporarily cuts the gas limit target by 2 x when the miner sees a block that takes longer than 5 seconds to process, allowing for adjustments similar to what was co-ordinated today to happen automatically.”
In the long run, Buterin hinted of some low-level protocol changes to prevent DDoS attacks in general. He described a change in which a feature will be added to Metropolis to increase the gas costs of opcodes.