Active Destruction: A Solution to Ethereum Dust Attacks
Original Title: 《Proactive Burn: A Response to Dusting Attacks》
Author: Nicholas Yoder
Compiled by: Zion & karen, Cointelegraph Chinese
Recent sanctions against Tornado Cash and the ensuing debates surrounding censorship, money laundering, and social penalties have raised several important issues that the Ethereum community needs to address.
I propose a simple, common-sense solution that can address a small part of the problem: providing Ethereum users with a proactive way to protect themselves from unwarranted associations with stolen funds or accounts related to terrorism.
Background
On August 8, 2022, the U.S. Treasury announced sanctions against Tornado Cash. To date, this cryptocurrency mixer has been used to obscure the origins of over $7 billion in cryptocurrency. In 2022 alone, 74.6% of the stolen funds on the Ethereum network (approximately 300,160 ETH) were laundered through Tornado Cash.
Following the announcement, a storm swept through the Ethereum ecosystem regarding how to balance compliance with government regulations and the good-faith attempt to isolate stolen funds or funds related to terrorists in a free, fair, and open network.
While the broader debate surrounding validator censorship and social slashing consumed much of the attention, a glaring but dangerous vulnerability in blockchain payments also emerged.
Attack Vector
One interesting property of how Ethereum, Bitcoin, and other blockchain networks operate is that a transaction only needs to be signed by the sender of the funds.
No one anticipated that receiving funds could devalue a wallet.
Since transactions do not require symmetric approval (both the receiver and sender approving simultaneously), a simple attack on public addresses is possible. A malicious account can simply send funds that carry a negative label (stolen, mixed, related to terrorism, etc.) to contaminate another address. Such an attack occurred just days after the U.S. government targeted Tornado Cash.
A hacker conducted a "dusting attack" by sending 0.1 ETH to several major cryptocurrency exchanges (Binance, Kraken, Gate.io) and celebrity ETH accounts (Justin Sun, Jimmy Fallon, Dave Chappelle).
Economic Terrorism
It is not hard to imagine that as cryptocurrency becomes a core part of global finance and infrastructure, nation-states or terrorist organizations may implement more severe attacks.
Worryingly, terrorist organizations like ISIS, Al Qaeda, or foreign adversaries could freeze the assets of target wallets by unilaterally linking themselves to those wallets. A large-scale dusting attack would trigger anti-money laundering mechanisms in the banking sector, causing the entire industry to shut down for weeks.
Even more concerning is that any good-faith attempt to identify, regulate, or isolate malicious accounts could itself become a weapon of economic terrorism or extortion.
Imagine a ransom scheme like this: hackers purchase a small amount (100 ETH) of assets linked to North Korea or Hezbollah and hold it like a container filled with plutonium (a radioactive element), threatening European businesses with frozen banking operations and assets unless they quietly pay a ransom.
We need a simple proactive method that allows Ethereum users to protect themselves from malicious attacks and quickly recover their addresses.
Solution
Rather than converting Ethereum's single-signature transaction system into a more complex and slower receiver/sender protocol system, I suggest we adopt a practice to restore accounts that have received contaminated funds.
When a user/business receives unwanted funds or later discovers they have received a payment from a stolen account, they can clean their accounts through two steps:
- Destroy the contaminated ETH by sending it to a null address (0x00…000).
- Attach the transaction hash/ID of the destroyed asset in the memo.
The second step is crucial because users/businesses may only discover the issue after multiple transactions. Additionally, if the wallet has a high transaction volume, the source of the funds (the destruction target) may also be obscure.
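The two-step check above, seen from the side of an analytics provider, as an added example that is not part of the original article: it classifies each tainted inbound transfer by whether a burn to the null address names its hash. It assumes the "memo" travels in the transaction's input data field as the raw 32-byte hash; the Tx record, the function names and all sample values are constructed for illustration.

```python
from dataclasses import dataclass

NULL_ADDRESS = "0x" + "00" * 20  # the null address from step 1

@dataclass
class Tx:
    tx_hash: str       # 0x-prefixed 32-byte transaction hash
    sender: str
    to: str
    value_wei: int
    data: str = "0x"   # input data; ASSUMED to carry the step-2 "memo"

def referenced_hash(data):
    """Return the 32-byte hash carried in a data field, or None if absent/malformed."""
    body = data[2:] if data.startswith("0x") else data
    try:
        raw = bytes.fromhex(body)
    except ValueError:
        return None
    return "0x" + raw.hex() if len(raw) == 32 else None

def audit_remediation(address, txs, tainted_hashes):
    """Classify each tainted inbound transfer as 'burned', 'underburned' or 'open'."""
    address, tainted = address.lower(), {h.lower() for h in tainted_hashes}
    inbound = {t.tx_hash.lower(): t for t in txs
               if t.to.lower() == address and t.tx_hash.lower() in tainted}
    burned = {}  # tainted hash -> total wei burned with a memo naming it
    for t in txs:
        if t.sender.lower() == address and t.to.lower() == NULL_ADDRESS:
            ref = referenced_hash(t.data)
            if ref in inbound:
                burned[ref] = burned.get(ref, 0) + t.value_wei
    return {h: "burned" if burned.get(h, 0) >= t.value_wei
            else "underburned" if burned.get(h, 0) else "open"
            for h, t in inbound.items()}

# Constructed sample data: every address, hash and amount below is made up.
VICTIM, DUSTER, DUST = "0x" + "ab" * 20, "0x" + "cd" * 20, 10**17  # DUST = 0.1 ETH in wei
DUST_A, DUST_B, DUST_C = ("0x" + c * 64 for c in "123")
SAMPLE = [
    Tx(DUST_A, DUSTER, VICTIM, DUST),
    Tx(DUST_B, DUSTER, VICTIM, DUST),
    Tx(DUST_C, DUSTER, VICTIM, DUST),
    Tx("0x" + "4" * 64, VICTIM, NULL_ADDRESS, DUST, DUST_A),       # full burn with memo
    Tx("0x" + "5" * 64, VICTIM, NULL_ADDRESS, DUST // 2, DUST_B),  # partial burn
    Tx("0x" + "6" * 64, VICTIM, NULL_ADDRESS, DUST),               # burn without memo
]
if __name__ == "__main__":
    print(audit_remediation(VICTIM, SAMPLE, [DUST_A, DUST_B, DUST_C]))
```

The third burn destroys the right amount but carries no hash, so the transfer it was meant to offset stays "open": without step 2 a verifier cannot tie the burn to a specific tainted receipt.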
Adoption
For this method of protecting user accounts to truly work, it needs to be adopted by the Ethereum community, on-chain analytics providers, and government law enforcement agencies (eventually).
In the coming weeks, I will work with my partner Vivek Raman to socialize this idea with core members of the Ethereum community and some on-chain analytics companies (Elliptic, Chainalysis, SlowMist, etc.). Ultimately, if this concept is adopted, we will also engage with OFAC, FinCEN, and the FBI.
Proposed improvements:
- A user-friendly front end could be created, linking to Etherscan/memo.
- A dedicated burn address could be created for the fix, rather than a null address.