@casherbox (telegram)

Buy bitcoin with credit card

You send
Get money

What is Cryptocurrency Dust Attack

Cryptocurrency dust attcak
This article is devoted to the growing popularity of the term in cryptocurrencies - cryptocurrency dust, dust, dusting attack. We will also analyze whether such dust is dangerous and how to deal with it. What wallets to use to prevent the consequences of such transactions. What is cryptocurrency dust Dust is minor transfers to the victim's wallet, which are made to carry out spam on the cryptocurrency blockchain.

Dust Tasks in the Cryptocurrency Network:
  1. Overload the network with a lot of data, making regular payments impassable. Thus, in order to send cryptocurrency, it will be necessary to wait longer for confirmation or to increase the commission when sending.
  2. Deanonymize the victim's wallet by tracking the further movement of funds received in the form of dust.
Cryptocurrency dust attack - creation of many tiny transactions sent to millions of unknown addresses for the purpose of their deanonymization and network spam.

At the moment, the dust in the Bitcoin network is considered to be massive transactions of about 300 satoshi. Transactions less than 294 satoshi are simply not processed by the nodes. This is done to combat spam transactions.

Dust attack for spam

In the cryptocurrency blockchain, there is always competition for the confirmation of the transaction by the network. This is noticeable with the load on the network created by the excitement, sharp jumps in rates, a drop in the hash rate, as well as dust attacks. As you know, the place in the block is limited by the parameters of the cryptocurrency itself. The block size of Bitcoin at the moment is 1 mb, which allows about 7 operations per second. If the total volume of transactions exceeds this value, they will not be confirmed in this block. Thus, during a dust attack, a queue of unconfirmed dust transactions can turn out, which will interfere with the inclusion of real transactions in the block, thereby increasing the confirmation time on the network in some cases up to several days.

Dust attack targets for spam:
  • raise the commission for the transfer
  • competition between cryptocurrencies
Some unscrupulous cryptocurrency pools resort to dust attacks to stimulate an increase in the reward that the end user pays. These cases are not rare and occurred several times from 2017 to 2020.
There are also known cases when the struggle between Bitcoin and Bitcoin Cash contributed to the emergence of such attacks. This was done mainly to discredit the cryptocurrency in the eyes of its users and try to force them to use another cryptocurrency.

A dust attack is not illegal as it is not hacking or unauthorized access to someone's wallets or data. However, such actions lead to the fact that other network participants are forced to pay large commissions. In this situation, only mining pools benefit.

At the moment, Bitcoin, after the introduction of Segwit and the Lightning Network, has adapted to such attacks and made them economically unprofitable for the sender. In addition, developers of wallets and cryptocurrencies themselves began to fight against such attacks.

However, there is still motivation to implement them.

Dust attack for the purpose of deanonymization

To understand the attack process, you need to learn what UTXO is. Since we have already examined this, it will be more clear to study this issue before further analysis of the deanonymization process.

Each amount in any bitcoin wallet consists of many inputs. When a transfer is made to a wallet, it is displayed on the network as a separate entrance. Let's take regular bills and a regular wallet as an example. When you receive a $ 100 bill, a $ 100 entry is formed in your wallet. If there is a second incoming transaction, for example, for $ 5, then the total amount in the wallet will already be $ 105, but it will already consist of two inputs of $ 100 and $ 5. The new amount does not stick together with the previous one, but lies in the wallet in parallel. The more entries, the more bills in the wallet.

In the same way, transactions take place on the bitcoin network. It is quite difficult to send exactly as much as there is in one of the transactions. When sending an amount less than the incoming transaction, change will occur, which will be returned to the sender's wallet. For example, if the wallet has 10 bitcoins with one incoming transaction and you need to sell bitcoin in the amount of 1 BTC, then an outgoing transfer with one input and two outputs of 1 and 9 bitcoins will occur. 1 will go to the recipient, 9 will return to the wallet.

If the amount from one input is not enough to send the required amount, but it is in the other input, several inputs will be combined into one output and the transaction will be sent to one address. By sending BTC in this way, all incoming transactions that were previously carried out to this wallet are disclosed and are associated with each other as one owner. Thus, by sending a dust transaction, you can further track the connections of this wallet with others, since in most cases this dust will go away with all other inputs.

How to protect yourself from a dust attack

There are several ways to protect yourself from deanonymization in general and from dust attacks in particular:
  1. Send transactions with one output to different wallets. When carrying out such transactions, it is impossible to deanonymize the sender.
  2. Generate a new wallet for every transaction.
  3. Do not reuse addresses.
  4. Filter inputs with dust sums and do not combine them with other inputs when submitting.
Some advanced wallets have already implemented dust attack protection. For example, Samurai Wallet has an option that will leave all the dust intact. Also, cryptocurrency developers are struggling with this phenomenon by introducing more and more new methods each time.

Controlling incoming transactions is a priority for dust attacks prevention.

Today, there are entire corporations whose task is only to find connections and reveal the owners of wallets. Companies like Chainalysys, Scorechain receive government orders from governments. Attackers can also use their services. The basis in the fight against their algorithms is mindfulness and understanding of the process. All other factors that can further reveal your personality stem from these two.

go to articles list