The Zcash protocol might be under a spam attack, as analysts pointed out on Twitter in a long discussion that started since Wednesday.
Being a privacy-focused protocol, Zcash’s “Shielded Transaction” feature designed for privacy is now being misused by the attacker.
According to the details shared by the analysts, the attacker has been adding output data to the shielded transactions, which are largely known to be data sensitive. By virtue of the attack, the size of the blockchain has grown from 31 GB in mid-June to more than 100 GB at this time per data from Blockchair.
The attack has been ongoing for a while, even though it has just been brought to the public’s notice. In fact, the knowledge exhibited by the contributors to the discourse on Twitter is evident that many have been investigating the occurrence for quite some time.
Notably, Zcash has not had any known downtime to date. The spam of the shielded transactions is placing intense demands on the protocol, thus causing a lag. The blocks are finding it hard to synchronize with the broader protocol, a situation which, if persisted, could cause a major drawback for the protocol.
“At this point, there only seems to be two problems with the spam: it’s bloating the chain size, and it’s making it harder for wallets to sync,” Sean Bowe, an engineer at Zcash’s core development firm Electric Coin Company said, adding that “Neither problem is contributed to by Orchard at all. It shouldn’t even be part of the equation even if the spammer was using Orchard!”
It is unclear what the benefit is to the hacker at this time, but analysts on Twitter noted that the attack has survived this long because of the lack of a transparent fee structure on the Zcash protocol. The attack is notably costing the perpetrator(s) as low as $10 per day.
The prevalence of hacking in the blockchain ecosystem is now very alarming, with Solana and Ethereum Classic having recorded their fair share of disruptions in recent times.
Image source: Shutterstock