In Brief
- The Zcash blockchain is experiencing a spamming attack that is filling up transaction blocks at an unprecedented rate.
- Some argue that the attack could be to bring Zcash into disrepute.
- The security of the Zcash blockchain is maintained through regular audits by the Electric Coin Company and Zcash.
An unidentified spammer has wreaked havoc with Zcashnode operators by filling transaction blocks with myriad shielded transaction outputs.
At press time, Zcash miners had verified a block with four shielded transaction outputs at a block height of 1832666, according to the blockchain’s explorer tool.
Zcash spammer’s motive still unclear
Twitter user xenumonero first pointed out the spammer’s activity:
At press time, at least two out of five blocks had been maximally spammed with shielded transaction outputs, having sizes close to the two-megabyte limit. The size of the most recent block was roughly 1.4 megabytes.
While the motive of the attack has not yet been determined, bax1337 of Convex Labs believes that the goal is to bring Zcash into disrepute through nodes failing because of memory, performance, and synchronization issues. Additionally, potential node operators could be discouraged from participating in the network, making the blockchain susceptible to surveillance or so-called Eclipse attacks.
Eclipse attacks occur when a hacker fools a network node by creating an artificial environment around it to make it receive bogus transaction confirmations, amongst other things. The success of an Eclipse attack depends very much on the structure of the underlying blockchain, and often the inherent blockchain structure is enough to frustrate these attacks.
One Zcash user, @igototokyo, suggested that developers in the community of rival privacy coinMonero are responsible for the attack:
Monero is another privacy-focused crypto project that uses so-called ring signatures to obscure the identities of the sender and receiver in a transaction. Ring signatures combine a sender’s signature or permission for a transaction with other signatures. This combination makes it difficult to determine which signature belongs to the sender.
Zcash, on the other hand, uses a cryptographic proof called Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, or zk-SNARK, for its shielded transactions. It allows a transacting party, for example, to convince a verifier that a number exists for a given cryptographic hash without letting on what that number is.
Zcash was founded by a group of scientists who forked the Bitcoin software to create a cryptocurrency called Zerocash. The scientists founded Zerocoin in 2015, later becoming the Electric Coin Company.
Is Zcash secure?
According to the Zcash blog, both Electric Coin and the Zcash Foundation conduct regular audits to assess the security of the blockchain. The blockchain is also routinely upgraded to accommodate present and future use cases.
In May 2022, the blockchain was upgraded to Network Upgrade 5, which introduced a new zero-knowledge system called Halo 2.
Disclaimer
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.