Late Saturday night UTC, the Dash network experienced what appears to be an attack. The network did not go down, blocks continued to form, and there was no fork. For those who might be worried and might not understand how the system works, as a blockchain, the network can’t have funds stolen (ever!) – all funds are safe.
While the attack had minimal impact on Dash users, it did affect the network infrastructure, with a great deal of masternodes becoming unresponsive. Most of the masternodes that went offline or became unresponsive were less powerful nodes that did not have enough memory to withstand the load. Thankfully, enough masternodes came back online again soon afterwards, and ChainLocks began to form again.
If you are interested in how the DCG team dealt with the issue, continue reading; otherwise, if you are an MNO, please update to version 18.1.1 ASAP.
The DCG team was made aware through Discord by splawik21 and xkcd (thank you guys) around 10PM UTC, that our network was experiencing a mass outage. Our initial response team included myself, strophy and LatteIsNotCoffee from the infrastructure team, and Pasta and UdjinM6 from the Core Dev team. We identified the issue at around 11:15 PM UTC. At midnight UTC, ChainLocks started to form again as enough MNOs upgraded their nodes with better hardware. The attack had caused about 50% of the network to experience issues, so only 10% of the network needed to be upgraded in order to meet the 60% threshold requirement for ChainLocks to form.
Within about another hour we had a fix. It was verified by UdjinM6 and Defacto to work. A few hours later we released 18.1.1.
It is hard to know whether this was an intentional attack or not. What happened was an old quorum commitment message that was valid was relayed. The attacker most likely sent these messages to a few nodes that, in turn, saw them as valid and then relayed the valid old messages to other nodes. Eventually, all the messages would be loaded into memory. Some nodes on our network could handle the memory load, some could not.
The fix is simple enough. In version 18.1.1, old quorum commitment messages are no longer propagated on the network. We apologize for the oversight of not already having this check in place.
Thanks to all who identified the issue and contributed to having it fixed. All masternode operators need to upgrade to version 18.1.1 ASAP, especially if your masternode is currently unresponsive.
To the best of our knowledge, this issue is unrelated to the chain halt experienced by the release and subsequent withdrawal of Dash Core v18.2.0. That issue will be described in a separate post.