A transaction spamming attack has disrupted operations on the Nano network. Node operators throttled their bandwidth to deal with the issue but the network is out of sync and some transactions are obstructed, according to social media and Discord reports.
NANO is a cryptocurrency that uses so-called direct acyclic graphs (DAG), not blockchain, to settle transactions across the network. Unlike a blockchain, which includes one unified and continuous transaction history, Nano’s DAG ledger consists of multiple branches of asynchronous transaction histories.
The coin’s design guarantees very low transaction fees. But as evidenced by this attack, this comes at a cost of decentralization and Sybil resistance.
In Nano’s Discord on Thursday morning, users complained about unconfirmed transactions and out-of-sync block explorers.
“I've [sent] some nano this morning. Nault [wallet] reports it as sent. Destination hasn't confirmed it yet. ‘While the account address is valid, no blocks have been published to its chain yet. If NANO has been sent to this account, it still needs to publish a corresponding block to pocket the funds.’ What does this mean? Normally it shows up within minutes,” one user asked Nano’s Discord support channel.
The team for PlayNano, a Nano online casino, noted a discrepancy in block data between the two nodes they run.
Per an unverified Reddit post, the trouble began when Nano’s network was flooded with near-zero value transactions. In response to this, Nano’s creator, Colin LeMahieu, told node operators to lower their bandwidths to accept fewer incoming transactions.
This has resulted in effectively stymying the network, one Nano user, hanzyfranzy, suggests in the post:
“So yes, the network is globally down right now. Probably unlikely to change until node operators change their configs. Some transactions are getting through, but it's a small trickle.”
Nano creator Colin LeMahieu told CoinDesk that nodes were first knocked out of sync by the attack which stressed "cpu and disk limits."
"Lowering the bandwidth limit," he said, "preserves disk and cpu resources so they can stay in sync."
"The network was at a sustained 70+tps over a week and nodes were falling out of sync. When representatives lower the bandwidth cap it effectively reduces the network tps which allows them to catch up. Unfortunately the attacker was also exploiting a poor performance case in the node so resyncing is slow," LeMahieu continued.
LeMahieu believes the attackers targeted Nano, which has a full-time team of 5 working on it, during its v.22 release. The attackers have stopped for now and LeMahieu told CoinDesk that the network is "slowly recovering" but did not stipulate when it might be fully healthy again.
Updated Thursday, March 11, 2021, 16:12 UTC: Additional comments from Nano creator Colin LeMahieu describing the attack were included.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.