Griefing Attack on Bitcoin Testnet Generates Three Years’ Worth of Blocks in a Week
A griefing attack on the Bitcoin testnet recently caused a surge in network activity, resulting in the generation of over 165,000 blocks, equivalent to three years’ worth of blocks in just one week.
The attacker, Jameson Lopp, co-founder and Chief Security Officer of Casa, publicly took credit for the incident, facing backlash from other Bitcoin developers.
Lopp Defends Attack as ‘Trivial Exploit’
Speaking on the decentralized social media platform Nostr, Lopp described the attack as a “trivial exploit” requiring only 20 lines of code. When questioned whether the griefing attack justified its consequences, Lopp replied that it only cost him electricity worth $1.
Lopp defended his actions, arguing that his intent was not malicious but rather aimed at drawing attention to an issue he had previously raised. He emphasized that conventional methods, such as communication through development mailing lists, had failed to address the identified weakness adequately.
“Folks are free to view me as ‘the bad guy,’ but I’m merely the first to lean into this weakness,” I’m championing a cause, and sometimes you have to do more than send an email to get people’s attention,” he added.
The attack involved flooding the testnet with excessive transactions, spamming the network, and dramatically increasing workload. As a result, the network difficulty spiked, leading to the generation of over 165,000 blocks.
According to mempool.space data, there has been a significant spike in hash rate and difficulty, peaking at 2,315 TH/s on April 19, before returning to normal levels of around 86 TH/s by April 30 in the attack’s aftermath.
Backlash and Opinions
Lopp described the griefing incident online as a “free stress test,” prompting further backlash from the crypto community. He advocated for a reset of Bitcoin’s testnet to address the “timewarp” vulnerability and restore mining rewards, which are currently negligible.
I’ll be publishing an essay next weekend with full details, but it should come as no surprise to anyone who read my email to the development mailing list several weeks ago.
I suggest you view recent events as a free stress test. Sounds like you have room for improvement.
— Jameson Lopp (@lopp) April 29, 2024
However, some, like Pouliot, likened Lopp’s actions to vandalism, equating it to defecating in a communal jacuzzi to prompt a relocation.
We’re all sitting in a jaccuzi at the spa, having a good time. One of us argues we should move to another spa, the jaccuzi there is better: it has a powerful filter that can keep it clean in case someone decides to take a shit in the jaccuzi.
We kind of agree in theory but were… https://t.co/MIis6yQ8zy
— FRANCIS – BULLBITCOIN.COM (@francispouliot_) April 29, 2024
Pouliot expressed frustration at the incident, stating that the “only damage done is f*cking with the tests of open-source Bitcoin application builders and wasting their time.”
A member in the Bitcoin Talk Thread dubbed the controversy a “testnet war,” suggesting that individuals such as Lopp should be banned from participating in Bitcoin’s testnet activities. The member labeled Lopp as a potential threat to the overall security of the Bitcoin network.
Weese commented on X that following the incident, due to the high frequency of new blocks generated hourly, it’s impossible to catch up, regardless of syncing speed. He suggested that permissionless testing networks might need to be stopped permanently.
LIMITED OFFER 2024 for CryptoPotato readers at Bybit: Use this link to register and open a $500 BTC-USDT position on Bybit Exchange for free!