Share on Twitter
Share on Facebook
Share on Reddit
Share via Email
Share on LinkedIn
Share via RSS
Share on Google+

The NEO blockchain recently experienced network congestion as a result of a spam attack, leaving users struggling to claim GAS or submit their own transactions in a timely manner. The spam appeared in the form of empty invocations, allowing thousands of transactions to be submitted without any actual transfer of funds. It is unknown at this time whether this was caused by a bug in a contract’s code, or was performed with malicious intent.

NEO recently added a limit of 20 free transactions to a block as a spam countermeasure through the “MaxFreeTransactionsPerBlock” parameter. Free transactions that are not included in a block are queued in the NEO mempool. The purpose of this inclusion was to prevent blocks from being filled up with “meaningless” or spam transactions.

As the average usage rate of the network is currently lower than this limit, it usually would not be noticed by most users. Due to the spam attack, the 20 free transactions per block were consistently filled with the empty spam invocations, resulting in users having a hard time competing to find a spot in an upcoming block.

In this sense, the spam countermeasure works as intended. However, to avoid being caught in the queue users are required to add a small priority transaction fee, allowing blocks to be filled well beyond the 20 free transaction limit. Unfortunately, Neon is the only light wallet that currently offers priority fee functionality, and the feature is not yet well understood by the broader community.

As a side-effect to the congestion issue, the NeoScan API used by Neon wallet experienced interment issues leaving it unable to communicate with the network. This resulted in token balances failing to display or update, though users should note that their funds are still secure. NEO, GAS and NEP-5 balances can all be verified by running a public address search on NEO Tracker. Updates to make Neon less reliant on the NeoScan API are already in the works.

To prevent a similar attack from disrupting NEO in the future, community developers have been discussing alternate counter-measures such as a permanent nominal transaction fee. Currently, transaction fees are used only to incentivize consensus nodes, but there is the possibility for these transaction fees to also be divided and shared between NEO token holders in the future. This would help avoid overly incentivizing consensus nodes, which could result in malicious or for-profit nodes attempting to join the network. A brief Proof of Work nonce could also be added into transactions with a few modifications to NEO’s code, which is another popular measure against spam and Sybil attacks.

Currently, these are only proposals. In an announcement posted on Medium by Peter Lin, director of R&D at NEO Global Development the official advice issued was to utilize the priority fee functionality as it is intended. Currently, one satoshi of GAS will be enough to put priority transactions ahead of free transactions.

NEO is also encouraging exchanges to add a transaction fee for NEO and GAS withdrawals, as well as encouraging all light wallets to include the priority transaction fee as an option, so users can use it at their own discretion.

Written by Brett Rhodes