As many may have noticed, there has been a spam attack happening on some of the more active Status public channels such as #status, #support, #dapps, & #watercooler. The immediate issue has been mitigated but has the potential to restart.
The attack is coming in the form of very long messages being repeatedly sent to public channels, rendering them relatively unusable for the community. This attack only affects public channels that are widely known. It does not impact private 1:1 or private group chats at all. The attack is coming from separate accounts so to get rid of the spam currently, you have to block each one of these accounts individually – but spammers can easily and cheaply create new ones.
Status is committed to a core set of principles, Privacy, Censorship Resistance, and Decentralization being 3 of them. This attack is an interesting challenge to solve while staying true to the core values of the community and project.
- Privacy - Status leverages advanced forms privacy centric technology and does not implement any in-app tracking or analytics of any kind. This renders investigating the root nature and details of the attack much more difficult than say in a Web2 product with extensive user logs, analytics, and data.
- Censorship Resistance - the long term goal of Status is to provide a communication tool that is censorship resistance from malicious third parties, centralized organizations, and even Status itself. Channel moderation is an active line of work that is not solved for in a way that adheres to the Status Principles. Therefore, simply banning certain accounts, messages, or IP addresses, is simply not as straightforward in Status, by design..
- Decentralization - Status uses a peer-to-peer protocol called Waku for message sending. This removes centralized choke points and third parties from messages as much as possible (Status does in fact leverage mail servers to relay messages to offline users). Therefore, pinpointing the exact user and source of the attack is far more difficult than in a centralized, client-server messaging app.
Also, as noted in the Status open discuss forum, account creation is extremely cheap. A fundamental feature — which is a challenge in this scenario — is the ability for a user to generate any number of accounts (i.e. key pairs) with the click of a button or a script. Therefore, account based filtering does not work in Status.
For the reasons stated above, this provides a unique challenge for the crypto idealists committed to the values of Web3. These are issues that have been in the minds of the Status Core team for some time and have been under active investigation to find the right solution….not merely a simple fix.
A Community Effort
This attack has brought a pressing issue top of mind for the Status Core Contributors and community contributors alike. Many ideas have been put forth by the Ethereum and security community.
Status is looking to mitigate the issue as soon as possible while deeply exploring the best possible long term solution to DoS (denial of service), sybil, and spam attacks. For security purposes, specifics of the immediate plans will be outlined in detail once fixes are in place and a post-mortem has been completed. However, all Status code is available in the open source, public repos.
- Short Term - the Status core contributors have rolled out a hotfix release in 1.6.1 that was merely a mitigation attempt to protect the end user experience and chat UI. Core contributors have been in a “distributed war room” if you will, discussing and working on patches to the immediate problem. The immediate goal is to offer workarounds and ensure the end user experience is no longer hindered by the extremely long messages or spam from multiple accounts.
- Mid Term - The goal of these efforts is to reduce the impact on and protect the UI (user interface) as well as the Status messaging network. Ideally we strike a balance between adhering to principles and efficacy.
- Long term - the goal here is to find a solution that benefits the user while living up to Status values and delivers a privacy first, decentralized experience. Many people from around the community have contributed ideas such as:
- Vitalik’s response to convo with Corey on Twitter
- barryWhiteHat’s semaphore idea
- Organizational channels discuss post
- Visibility Stake for Public Chat Room Governance discuss post
- Friend-to-Friend Content Discovery & Community Feeds discuss post
- Non-transferable Chat badges
- Michael’s discuss post on kinds of “objective spam”
- Spam overview from Chris
Status will continue to provide updates on the issue. For more information please ask in the Status #security public channel or view the code yourself on Github.