Dust Attacks Make a Mess in Bitcoin Wallets, but There Could Be a Fix
When dust settles in your home, you sweep it up. But what happens when dust makes its way into your Bitcoin wallet? Cleaning it up may not be so simple.
When dust settles in your home, you wipe it up. But what about when unwanted dust makes its way into your bitcoin wallet? Well, cleaning it up may not be so simple.
In Bitcoin parlance, “dust” is the technical term given to trace amounts of bitcoin that are considered too small to send in a transaction because the transaction fee would exceed the amount sent. Typically, dust is no more than a few hundred satoshis (a microunit of measurement for bitcoin).
Because sending dust is expensive relative to the transaction size, normal bitcoin users have no reason to transact with dust. But that doesn’t mean other entities, like bad actors or blockchain researchers, don’t have a use for it.
Letting the dust settle
Entities conducting blockchain analytics may use dust to deanonymize users and their wallet addresses. The idea is to create enough deterministic links between the analysis firm’s wallets and the recipient addresses. Once these links are created, the firm can run analysis using the data it collects to trace IP addresses to the recipient wallets.
“When the dust is consolidated with the user’s other funds, it helps with chain analytics by making it easier to cluster addresses,” Sergej Kotliar, the CEO of Bitrefill, told CoinDesk. If users don’t consolidate the unspent transactions (UTXOs), then they don’t need to worry about their anonymity. However, most wallets automatically consolidate UTXOs when a user creates a transaction, so this can be tough to navigate around unless you are choosing which UTXOs to spend manually.
CoinDesk reached out to Chainalysis and CipherTrace to ask if they use dust in their analytics. Both companies denied using this technique, though Chainalysis Manager of Investigation Justin Maile added that dusting is “more often [used] by investigators” to trace illicit funds. Maile continued that exchanges may use dusting to trace stolen funds following a hack.
Read more: How Do Bitcoin Transactions Work?
Dave Jevans, the CEO of blockchain analytics company CipherTrace, told CoinDesk that “hackers may use dusting as a strategy for identifying individuals who can then be phished or extorted.”
The threat of anonymity aside, consolidating these UTXOs would mean spending more in fees than the dust is worth. The resulting dilemma then becomes: leave the too-piddling-to-spend UTXOs to clutter the wallet or consolidate them and thus compromise privacy. (It’s not uncommon for users to have their wallets dusted more than once by the same entity, leading to significant clutter. Phil Geiger, the director of marketing at Unchained Capital, for instance, told CoinDesk he has “had addresses dusted repeatedly.”)
Some wallets, like Samourai and Bitcoin Core, let you freeze UTXOs, which would bar them from being consolidated in a new transaction. But Kotliar emphasized that most average users will not know how to navigate this feature.
Raising dust limits?
To mitigate the impact dust has on the network, Kotliar has suggested raising the dust limit as designated by the Bitcoin Core wallet. Currently, most wallets are designed to cap transactions at 546 sats (0.00000546 BTC, or roughly 7 cents).
“Blocking these would be censorship, but maybe raising the dust limit makes sense,” Kotliar said, adding that his proposal “is a way to raise the topic and have other people weigh in on it.”
If this limit were raised, then it would be more expensive to execute a dusting attack. But, of course, this comes at the detriment of honest users spending small sums. If bitcoin were to go up in price dramatically, then the dust limit would have to be recalibrated so as to not price out smaller accounts from sending transactions.
Another fix, proposed some time ago by Bitcoin Core developer Peter Todd, involves wrangling dust UTXOs and spending them in a CoinJoin transaction to preserve privacy. In a back and forth on Twitter discussing Todd’s “dust-b-gone” proposal, a representative for Samourai indicated the privacy wallet is seriously considering adding such a feature in the future.
The dust piles up
There’s no guarantee that raising the dust limit would clean this problem up for good.
“I'm not sure that raising the dust limit would prevent this,” Ergo, a pseudonymous analyst for OXT Research, told CoinDesk, though it would “certainly [be] a deterrent.”
Blockchain analysts, for example, may still be willing to stomach the premium to send dust if the limit is raised, especially if they have high-dollar contracts with government agencies.
Still, it may deter some bad actors from wasting block space on trivial transactions. Bitcoin’s blockchain keeps a record of every transaction ever executed on the network, and there’s only so much space per block to accommodate new transactions; dust, then, causes unnecessary bloat on Bitcoin’s transaction ledger because blockspace that may have been used to accommodate legitimate, larger transactions is instead devoted to transactions worth pennies.
And the pennies (or satoshis) add up. In the most recent dusting attack to hit the Bitcoin network, for instance, Ergo has traced some 84,000 dust outputs from 146 transactions to an entity that appears to be advertising an obscure Bitcoin SV messaging application. Each transaction includes a message directing users to the application. (Kotliar noted, “This does not appear to be a malicious attack.”)
The apparent advertising campaign has cost the BSVers roughly 1.147 BTC, according to the most recent figures produced by Ergo, and the attackers have spent three times more on fees than the dust itself. Ergo told CoinDesk that this round of dusting began on Aug. 4 and has been “fairly consistent.”
Jensen mentioned that promotional dustings like this are not uncommon. At the end of 2018, for instance, 100,000 addresses were dusted as a way to advertise the now-defunct mixing service Bestmixer.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.