On June 25, the Cardano network experienced a DDoS attack that started at block 10,487,530. This attack prompted Cardano developers to work on a node upgrade to enhance the network’s security against similar future attacks.
Objective of the Cardano DDoS Attack
Raul Antonio, CTO of Fluid Tokens, explained that the attack aimed to manipulate the Cardano blockchain to charge lower fees for high-value transactions. If successful, the attacker could have stolen ADA tokens staked on the network. The attack took advantage of the fact that the size of reference scripts did not affect transaction fees but increased the work of validators in processing the transaction.
Response from Cardano Developers
Philip Disarro, founder and CEO of Anastasia Labs, described how he and other Cardano developers managed to thwart the attacker and recover the stolen ADA. Disarro emphasized the importance of rigorous testing and high-quality independent audits to avoid vulnerabilities.
Reaction from the Cardano Community and Next Steps
Intersect, a member organization in the Cardano ecosystem, confirmed the attack and thanked the developer community for their swift response. While the Cardano network was not compromised and functioned normally, it experienced higher than usual load, negatively affecting some staking pool operators (SPOs). The Intersect team is working to identify and test a solution to minimize the impact of such attacks in the future. Once the solution is properly tested and deployed, a new version of the nodes will be shared for SPOs to update their infrastructure. The planned node upgrade will further reinforce network security and provide better protection against future DDoS attacks.