> miners and nodes need to spend a very long time processing some blocks. This is due to the EXTCODESIZE opcode, which has a fairly low gasprice but which requires nodes to read state information from disk;
AIUI, the data in the blockchain isn't just "data". It's actually small bits of code that execute inside a VM, which each node needs to execute in order to "understand" the blockchain. "EXTCODESIZE" would be one of the instructions in this particular VM.
I think that most blockchains either have a complexity limit per record/transaction, or have a complexity "cost", so that complex code is more costly to insert into the blockchain.
However, in this case, it sounds like someone has figured out how to insert some code that is actually more complex than the complexity-measuring code thinks it is, and is therefore causing all miners (all users?) to perform higher-than-expected amounts of computation to parse the blockchain, to the point where they can't keep up with the network.
Sure but I think the person you replied to thinks the person the person you replied to replied to thinks it's a network attack because s/he said "shouldn't decentralized networks be resilient against this".
The network protocol agrees that operation F is priced at X, with an understanding that operation F costs Y. The decentralized nature is exactly what makes it hard to suddenly and unilaterally make a policy change of "F is now forbidden, or F now costs 100x more". This is a good thing. It means that people can't make sudden unilateral changes :)
This looks more like a bug, where the attacker exploited a function which is particularly slow and forced the nodes to run this function many times.
If the nodes had different implementations, chances would be that only some nodes would be slown down, but the reality -i assume- is that there's only 1 implementation.
Think to mail servers, if they were all running the same os/sw then attacks to the whole system could be easier.
This was part of the development philosophy, to implement the client (based on the yellow paper http://gavwood.com/paper.pdf that specifies the protocol) in multiple languages in order to find bugs: if 2 clients don't agree on something, then we found a bug.
Decentralized networks benefit from no single entity being a bottle neck on connections. All a conventional DDOS does is slow down that single entity- here someone is employing the network to slow down most entities which uphold the network, achieving a very similar result.
> miners and nodes need to spend a very long time processing some blocks. This is due to the EXTCODESIZE opcode, which has a fairly low gasprice but which requires nodes to read state information from disk;
AIUI, the data in the blockchain isn't just "data". It's actually small bits of code that execute inside a VM, which each node needs to execute in order to "understand" the blockchain. "EXTCODESIZE" would be one of the instructions in this particular VM.
I think that most blockchains either have a complexity limit per record/transaction, or have a complexity "cost", so that complex code is more costly to insert into the blockchain.
However, in this case, it sounds like someone has figured out how to insert some code that is actually more complex than the complexity-measuring code thinks it is, and is therefore causing all miners (all users?) to perform higher-than-expected amounts of computation to parse the blockchain, to the point where they can't keep up with the network.
(Corrections welcome)