Last DDoS Nano Network Attack and V23.1 Fixes

Last DDoS Nano Network Attack and V23.1 Fixes

On May 19, 2022, a fix was released for the Nano blockchain, which historically experienced what is known as a Distributed Denial of Service (DDoS) attack.

However, the development team behind Nano released a protocol update that aimed at fixing this issue for the network’s entirety.

Last DDoS Nano Network Attack and V23.1 Fixes

This was known as the V23.1 patch, and today, we are going to go over everything you need to know surrounding it and how to fix it.

Key Points:

  • Mid-April of 2022, a sequence of Distributed Denial of Service (DDoS) attacks exploited the node behavior and were executed on the live nano network.
  • There were a total of five different types of attack vectors used at the time.
  • The V23.1 patch was released to sit on top of the V23 follis release as a set of minimal changes added to the network as a means of addressing the pattern of attacks.
  • To fix it, you will need to upgrade to patch V23.1 or later, such as the latest V23.3 available at the time of writing.

What is the last DDoS nano network attack?

The last DDoS attacks on the Nano network impacted it as a whole, where operators could see high disk usage, high disk IO, crashes both within and out of memory as well as stalled transaction confirmation.

There were a total of five different attack vectors used, including unchecked table filling, which caused high usage and IO on the unchecked table, telemetry spoofing, a leak in the message handling, vote request stalling, and a database corruption in the RocksDB backend.

What is the last DDoS nano network attack?

The V23.1 patch introduces a check when inserting into the unchecked table that limits several low-cost paths used to fill it, and functionality was added to let operators use a consistent node id. 

The node can disconnect and clean up sequences of messages, and an unneeded flush was removed. The node’s vote cache was also disabled by default.  

How to fix it?

In order to fix this issue, here is what you need to do.

Step 1: Download V23.1 or newer

Here, you will need to download the latest node version from the official page. At the time of writing, V23.3 is released, so you can download that as well. 

You can find the V23.1 node version, but it is recommended to always stay up to date.

  • Step 2: Install it

It is recommended that you perform the update on a different machine and then replace the ledger file upon completion, where Machine 1 would be the node and the ledger, while Machine 2 would be the one making the update.

However, if you want to upgrade, here directly is what you can do.

Start by running the following command:

You will see a message saying “Upgrade in progress…” will be displayed if a ledger upgrade is required. Wait for it to finish, and do not stop it prior to it finalizing.

  • Step 3: Enabling RocksDB

You can enable it by adding the following code to the config-node.toml file:

The other options are the following:

Once you have completed all of these steps, you should have successfully fixed your Nano node from all future DDoS attacks, at least ones made through the previous exploits.