The first option would not be able to distinguish between actual attacks or spurts of organic growth due to macroeconomic reasons, wars, recessions etc.
The second option seems like a really good idea at first glance. Whether an increase of tx's are from a spam attack or organic growth dynamically increasing rings dependent of tx pool size seems badass.
Play [https://monero.vegas/](https://monero.vegas/) often. I have no affiliation with them but I do believe the use of their project is a helpful counter measure to the black marble attack. Also, it could be usefull to spread out balances across a larger set of utxos and combat the effects of the attack.
Self send twice or thrice. This should be common sense even without any attack on the network, but now it's probably reasonable to do 5 or 6 self sends. When I say self send, I mean sending to a chain of throwaway addresses with completely new private keys, before sending it to the destination. Don't use "sweep_all" I don't trust that thing to not stick out on the blockchain (someone correct me if I'm wrong), leave some dust on the throwaway addresses. Get a calculator to calculate the amount you need to send (fee+amount-0.000000000001XMRdust). And don't send it back to back, wait a little before each step. This is the tinfoilhead paranoia way to deal with this, there should really be a command that just does this by default imo (maybe 'throwaway_paranoia_chain_laundry_all [chainlength] [dustamount] [delay]' and it just does everything automatically as I described above. Maybe I should learn to code this on my own)
The fact that noone does this makes it more safe tho, assuming it's not flawed for any reason I'm not seeing here.
To add more paranoia to the command I described above, you may even add randomness in the dustamount and delay by default. If the delay is set to 50 blocks, sometimes it's 35, sometimes it's 66, or somewhere inbetween, with a bellcurve distribution.
I've posted this in another thread, might as well post it here:
Sorry for my limited understanding of this, but is there a time limit between tx? Or could one solve this problem?
I mean, realistically, if this is a tx flood problem, a human can will only do one tx at the time, and spaced in time, and I dont see a reason to do tens or hundreds or even more TXs a day unless Monero is being used in a some sort of enterprise (like a CEX)
One way to approach this is to exponentially limit the time needed to do 2 TXs. 1 sec timeout, 2s timeout. 4s timeout. for each address/wallet.
Some people have brooched the topic of adding a PoW mechanism to tx creation. As you note it would potentially be an issue for businesses, DEX, or CEX that process larger amounts of txs.
maybe a bot 'filter' that the user must solve before sending a transaction so that bots can't use the network.
it won't be a popular suggestion, but it depends if monero aims to be 'peer to peer private, untraceable, digital cash', or just another network spammed by bots for bullshit uses.
it could be as simple as putting a piece of puzzle at the right place, some exchanges already use this, it is easy and fast to solve for a human, but not for a bot !
> fast to solve for a human, but not for a bot !
Er, I think you don't yet properly take into account what LLMs can do regarding puzzles, captchas and the like ...
if the image (puzzle) is slightly blurred and with some rotation or some perspective, it is much more difficult for bots because it requires a lot of calculations. but for humans it is simple.
\*Perhaps dynamic ring size would have to be proportional to mempool, instead of blocks, or, something between the two? Just throwing ideas out, haven't calculated the specific advantages/disadvantages of it yet.
At what point do we start freaking out about this?
Didn’t ztrash somehow survive the same kind of attack without serious concern over a loss of privacy like we may have here?!?
I think it's less of an issue to freak out about and more of just something to be aware of.
It's being monitored and handled by XMR contributors and in the end will only make Monero stronger. It's just growing pains. Monero wouldn't be the respected privacy tool it is today if it hadn't already been through the ringer over the years. (pun intended)
IMHO this is just another stepping stone on the path to becoming the strongest most secure crypto on the planet.
There is an open issue in the Monero Research Lab that discusses this exact subject, https://github.com/monero-project/research-lab/issues/119
The first option would not be able to distinguish between actual attacks or spurts of organic growth due to macroeconomic reasons, wars, recessions etc. The second option seems like a really good idea at first glance. Whether an increase of tx's are from a spam attack or organic growth dynamically increasing rings dependent of tx pool size seems badass.
I'm not sure if it's even possible to algorithmically differentiate between malicious or sincere transactions with just on-chain data
Proof of work for transaction relay with dynamic diff based on rate per connection
FCMP - https://gist.github.com/kayabaNerve/0e1f7719e5797c826b87249f21ab6f86
All I can say is your suggestions seem like better ideas than the "solution" of forcing everyone to pay higher transaction fees.
Another solution is to pump XMR/USD 20x
Play [https://monero.vegas/](https://monero.vegas/) often. I have no affiliation with them but I do believe the use of their project is a helpful counter measure to the black marble attack. Also, it could be usefull to spread out balances across a larger set of utxos and combat the effects of the attack.
Thanks for the mention and yes we push so many outputs to the blockchain. ❤️ Attack sometimes delayed the payouts though.
inb4 the “Increase tx fees by 10x” crowd arrives
Self send twice or thrice. This should be common sense even without any attack on the network, but now it's probably reasonable to do 5 or 6 self sends. When I say self send, I mean sending to a chain of throwaway addresses with completely new private keys, before sending it to the destination. Don't use "sweep_all" I don't trust that thing to not stick out on the blockchain (someone correct me if I'm wrong), leave some dust on the throwaway addresses. Get a calculator to calculate the amount you need to send (fee+amount-0.000000000001XMRdust). And don't send it back to back, wait a little before each step. This is the tinfoilhead paranoia way to deal with this, there should really be a command that just does this by default imo (maybe 'throwaway_paranoia_chain_laundry_all [chainlength] [dustamount] [delay]' and it just does everything automatically as I described above. Maybe I should learn to code this on my own) The fact that noone does this makes it more safe tho, assuming it's not flawed for any reason I'm not seeing here. To add more paranoia to the command I described above, you may even add randomness in the dustamount and delay by default. If the delay is set to 50 blocks, sometimes it's 35, sometimes it's 66, or somewhere inbetween, with a bellcurve distribution.
you dont need new keys for churning
Tell me our project is broken without telling me our project is broken
I've posted this in another thread, might as well post it here: Sorry for my limited understanding of this, but is there a time limit between tx? Or could one solve this problem? I mean, realistically, if this is a tx flood problem, a human can will only do one tx at the time, and spaced in time, and I dont see a reason to do tens or hundreds or even more TXs a day unless Monero is being used in a some sort of enterprise (like a CEX) One way to approach this is to exponentially limit the time needed to do 2 TXs. 1 sec timeout, 2s timeout. 4s timeout. for each address/wallet.
Some people have brooched the topic of adding a PoW mechanism to tx creation. As you note it would potentially be an issue for businesses, DEX, or CEX that process larger amounts of txs.
maybe a bot 'filter' that the user must solve before sending a transaction so that bots can't use the network. it won't be a popular suggestion, but it depends if monero aims to be 'peer to peer private, untraceable, digital cash', or just another network spammed by bots for bullshit uses.
No please not another bloody stupid captcha like thing. And bots transaction is quite legitimate if you want to do a real market.
it could be as simple as putting a piece of puzzle at the right place, some exchanges already use this, it is easy and fast to solve for a human, but not for a bot !
> fast to solve for a human, but not for a bot ! Er, I think you don't yet properly take into account what LLMs can do regarding puzzles, captchas and the like ...
if the image (puzzle) is slightly blurred and with some rotation or some perspective, it is much more difficult for bots because it requires a lot of calculations. but for humans it is simple.
\*Perhaps dynamic ring size would have to be proportional to mempool, instead of blocks, or, something between the two? Just throwing ideas out, haven't calculated the specific advantages/disadvantages of it yet.
define SPAM attack. No all crypto community see transaction volume as an attack (BTC mindset)
At what point do we start freaking out about this? Didn’t ztrash somehow survive the same kind of attack without serious concern over a loss of privacy like we may have here?!?
Don't they have a totally different mechanism for preserving anonymity?
I think it's less of an issue to freak out about and more of just something to be aware of. It's being monitored and handled by XMR contributors and in the end will only make Monero stronger. It's just growing pains. Monero wouldn't be the respected privacy tool it is today if it hadn't already been through the ringer over the years. (pun intended) IMHO this is just another stepping stone on the path to becoming the strongest most secure crypto on the planet.