Spammer: An entity whose behavior tends to increase the cps of the network.
flagged accounts: Accounts who have violated the design principle
the cps of the network at an epoch X
X (X is an unix epoch, that increases in an interval Y)*
(block_height - previous_confirmedBlock_height)/z if z==0, z=1
account_age + z
network_time - previous confirmed block's network_time
The model calculates the threat of an account being a spam.
An account is a spam account, if its behavior increases the network_cps. So by definition, the network_cps should stay static or decrease.
network_cps stays static or decreases, when an account does
network_cps/total_number_accounts many transactions per second at most (considering all accounts are active). In other words, for an account not to be a threat as a spammer, an account can not do more than the allocated tps. Thus, 'threat' can be defined as the rate at which an account is using the allocated tps. If the tps allocated is
network_cps, we have:
account_tps / network_cps
To create a barrier of entry for future spammers, the threat is further amplified by multiplying it with the inverse of
. threat =
account_tps / (network_cps * account_age)
The network calculates the
Yseconds, such that
network_time X = previousX + Y.
creation of transaction, the node requests
network_timefrom the network.
The response of
step1 of creation of transactionwill also include these variables plus the threat as well.
A block is created with all the variables mentioned above plus the threat.
Once the transaction is created, the network checks if the network_cps and the network_time that the block has is same as the ones that were sent. If they are different, the transaction will not get a place in the back-log table -- the account will be flagged, and higher POW will be required from the account for further transactions for an hour. Even with the highest POW, the block's priority will still be lower than that of the unflagged accounts'.
The network will broadcast it.
The priority is based on unflagged accounts first, then POW, then the threat.
The first node to vote on the block will also validate whether the threat and the account_age are falsified or not. If they are falsified, and the quorum agrees, the transaction won't be confirmed, the account and the node will be flagged, and the POW for the account and the transactions coming from the node will increase significantly.
Mass account attack and Sleeper cell attack:
Mass account attack is when millions of accounts are sending transactions. And a Sleeper cell attack is a mass account attack but with the accounts created in the past.
In a sleeper cell attack, the attacker will be able to use
account_age to its advantage, as much as imaginable. The model doesn't offer any solution for it, except getting rid of account_age.
However, maybe, a variable
level_tps can be added that tracks the average tps of the level-by-stake.
avg(account_tps) of the accounts at the level-by-stake
tps allocated for the level = network_tps
level_threat = level_tps/network_tps
threat = threat *
In case of a sleeper cell attack, or a mass account attack, the
level_threat rises significantly, increasing the threat. Although it is best that
level_tps is updated dynamically to reflect the organic growth in the cps, it can also be initialized to censor attacks like current low-raw attacks.