BLURT is under heavy spam attack right now

in LeoFinance4 months ago (edited)

When viewing the stats on https://blocktivity.info/ its seems that BLURT has almost reached the same activity as HIVE:

blocktivity stats

The blockchain operation counts are correct this time, so I wrote a python script to count the different operation types.

import sys
from datetime import datetime, timedelta
from prettytable import PrettyTable
import argparse
from timeit import default_timer as timer
import logging
from beem.blockchain import Blockchain
from beem.block import Block
from beem import Hive, Blurt, Steem
from beem.utils import parse_time
from beem.nodelist import NodeList

log = logging.getLogger(__name__)
logging.basicConfig(level=logging.INFO)


def parse_args(args=None):
    d = 'Show op type stats for either hive, blurt or steem.'
    parser = argparse.ArgumentParser(description=d)
    parser.add_argument('blockchain', type=str, nargs='?',
                        default=sys.stdin,
                        help='Blockchain (hive, blurt or steem)')
    return parser.parse_args(args)


def main(args=None):
    
    args = parse_args(args)
    blockchain = args.blockchain
    
    nodelist = NodeList()
    nodelist.update_nodes(weights={"block": 1})
    
    if blockchain == "hive" or blockchain is None:
        max_batch_size = 50
        threading = False
        thread_num = 16
        block_debug = 1000
        
        nodes = nodelist.get_hive_nodes()
        blk_inst = Hive(node=nodes, num_retries=3, num_retries_call=3, timeout=30)
    elif blockchain == "blurt":
        max_batch_size = None
        threading = False
        thread_num = 8
        block_debug = 20
        nodes = ["https://rpc.blurt.buzz/", "https://api.blurt.blog", "https://rpc.blurtworld.com", "https://rpc.blurtworld.com"]
        blk_inst = Blurt(node=nodes, num_retries=3, num_retries_call=3, timeout=30)
    elif blockchain == "steem":
        max_batch_size = 50
        threading = False
        thread_num = 16
        block_debug = 1000
        nodes = nodelist.get_steem_nodes()
        blk_inst = Steem(node=nodes, num_retries=3, num_retries_call=3, timeout=30)
    else:
        raise Exception("Wrong parameter, can be hive, blurt or steem")
    print(blk_inst)
    block_count = 0
    total_ops = 0
    total_trx = 0
    duration_s = 60 * 60 * 1
    blocksperday = int(duration_s / 3)
    
    blockchain = Blockchain(blockchain_instance=blk_inst, )
    current_block_num = blockchain.get_current_block_num()
    last_block_id = current_block_num - blocksperday

    last_block = Block(last_block_id, blockchain_instance=blk_inst)

    stopTime = last_block.time() + timedelta(seconds=duration_s)

    start = timer()
    op_stats = {}
    for entry in blockchain.blocks(start=last_block_id, max_batch_size=max_batch_size, threading=threading, thread_num=thread_num):
        if "block" in entry:
            block_time = parse_time(entry["block"]["timestamp"])
        else:
            block_time = entry["timestamp"]
        if block_time > stopTime:
            break
        block_count += 1
        if "block" in entry:
            trxs = entry["block"]["transactions"]
        else:
            trxs = entry["transactions"]
        for tx in trxs:
            total_trx += 1
            for op in tx["operations"]:
                if "_operation" in op["type"]:
                    op_type = op["type"][:-10]
                else:
                    op_type = op["type"]
                if op_type in op_stats:
                    op_stats[op_type] += 1
                else:
                    op_stats[op_type] = 1
                total_ops += 1

        ops_per_day = total_ops / block_count * blocksperday
        if block_count % (block_debug) == 0:
            print("%d blocks remaining... estimated ops per day: %.1f" % (blocksperday - block_count, ops_per_day))

    duration = timer() - start    
    t = PrettyTable(["Type", "Count", "percentage"])
    t.align = "l"
    op_list = []
    for o in op_stats:
        op_list.append({"type": o, "n": op_stats[o], "perc": op_stats[o] / total_ops * 100})
    op_list_sorted = sorted(op_list, key=lambda x: x['n'], reverse=True)
    for op in op_list_sorted:
        t.add_row([op["type"], op["n"], "%.2f %%" % op["perc"]])
    print(t)
if __name__ == '__main__':
    sys.exit(main())

You need to install beem (pip3 install beem) and can then start the script (after stored it as blockstats.py):

python3 blockstats.py hive
python3 blockstats.py blurt

As the API speed of BLURT is limited, I limit the time period to the last hour.
(It can be adapted at line 62).

Results

Hive

+-------------------------+-------+------------+
| Type                    | Count | percentage |
+-------------------------+-------+------------+
| custom_json             | 22413 | 58.24 %    |
| vote                    | 13786 | 35.82 %    |
| comment                 | 716   | 1.86 %     |
| transfer                | 554   | 1.44 %     |
| claim_reward_balance    | 398   | 1.03 %     |
| comment_options         | 209   | 0.54 %     |
| limit_order_create      | 86    | 0.22 %     |
| claim_account           | 84    | 0.22 %     |
| feed_publish            | 76    | 0.20 %     |
| limit_order_cancel      | 57    | 0.15 %     |
| delegate_vesting_shares | 27    | 0.07 %     |
| create_claimed_account  | 11    | 0.03 %     |
| transfer_to_vesting     | 10    | 0.03 %     |
| update_proposal_votes   | 10    | 0.03 %     |
| convert                 | 9     | 0.02 %     |
| account_update          | 8     | 0.02 %     |
| account_update2         | 8     | 0.02 %     |
| delete_comment          | 6     | 0.02 %     |
| witness_set_properties  | 6     | 0.02 %     |
| account_witness_vote    | 5     | 0.01 %     |
| withdraw_vesting        | 4     | 0.01 %     |
| transfer_to_savings     | 1     | 0.00 %     |
| transfer_from_savings   | 1     | 0.00 %     |
+-------------------------+-------+------------+

BLURT

+------------------------+-------+------------+
| Type                   | Count | percentage |
+------------------------+-------+------------+
| witness_set_properties | 37589 | 99.88 %    |
| claim_reward_balance   | 16    | 0.04 %     |
| vote                   | 14    | 0.04 %     |
| comment                | 9     | 0.02 %     |
| comment_options        | 4     | 0.01 %     |
| transfer               | 1     | 0.00 %     |
| custom_json            | 1     | 0.00 %     |
+------------------------+-------+------------+

Spam attack on BLURT

This issue indicates that the broadcasted witness_set_properties operations are indeed an attack to the BLURT blockchain:
https://gitlab.com/blurt/blurt/-/issues/89
image.png

Transaction fee on BLURT

image.png
The bandwidth has increased from 0.01 BLURT/KByte(as far as I remember) to 0.250 BLURT/KByte. As the transaction fee has to be paid in front for every broadcasted operation from the users wallet, this 25x increase is painful.

Blurt price

The BLURT price has reacted to the spam attack and is almost 1 Sat/BLURT:
image.png

Conclusion

99.88 % of all operations on the BLURT blockchain are spam witness_set_properties operations. 9 posts/comments have been written in the last hour and 14 votes have been cast. This is not much in comparison to 716 posts / comments and 13786 votes on Hive. This indicates that the attack works and blurt user have almost stopped using the chain. This is also indicated by the price movement.

The strange thing is that the attacker seems not to pay a bandwidth fee for their attack:
image.png

https://blocks.blurtwallet.com/#/@gbemyktquwtpfizr
image.png
As it can be seen that the blurt wallet is almost empty, it seems to me that the attacker have found a way to cast their spam ops for free.

I found the problem:
https://gitlab.com/blurt/blurt/-/blob/dev/libraries/plugins/rc/include/blurt/plugins/rc/resource_sizes.hpp :
witness_set_properties has no
blurt::plugins::rc::state_object_size_info properties, which means that broadcasting a witness_set_properties op seems not to costs any blurt fee.

Posted Using LeoFinance Beta

Sort:  

The price dump was due to WBLURT getting hacked and sold on the markets

https://info.uniswap.org/pair/0x617bb9c787b7bbb35d7b46aacaac44b016e02526

Until I see proof, I doubt the @wblurt account was hacked. It was two very different processes.

I've lost interest in Blurt as there's not enough activity to be interesting. Others manage to milk it with impunity as there are no downvotes. Maybe an increased transaction fee will mean less junk there. I am sure some people will still shill it.

I see people equating downvotes with hate, but they have a purpose. Hive would be overrun with spam without them. Of course people can be bullies, but that's like life. Make more friends than enemies.

This is what happens when you remove the downvote button.

#SPAMrules

Posted Using LeoFinance Beta

Too bad that it won't be Blurt anymore if they reimplement the downvote button or is Blurt known for another thing other than Steemit and Hive without the downvote button?

Yeah, decentralized spamhub to @cryptopie content.

On Steemit or Hive they would get downvoted enough to stop... BLURT has no downvotes #Free4all

Posted Using LeoFinance Beta

Downvotes could not solve this, it's an issue with their fee system. On Hive RCs would prevent it.

Or is it due to having a failed witness selection/retention system?

Maybe. I'm laughing. That doesn't mean it's funny though

Posted Using LeoFinance Beta

Blurt is al cock and no balls!

Downvote button might have some use in the end. It is not censorship but a democratic vote on content. Can that chain be rescued? I don't think so at the moment.

Posted Using LeoFinance Beta

Interesting. Thanks for the information.

I did not power down and still have full of my stake in there, which is a bad move from my side. Maybe if they manage to rescue the chain, I will manage to get it out, at least a part of it. :)

Posted Using LeoFinance Beta

I powered down and sold all my blurt and one of the founders compared that to cryptodrive having hundreds of thousands of Hive from the DHF which he won't return. On Steem he decided to power it all up to sell leases for his dlease business even though the proposal promised never to use it for personal gain.

500k for positive identification, and enough personal info for a police report

wait they want to report blockchain transaction to the police?

What do you think happened after the hive hardfork when Hive was removed from accounts without a password?

That debunked not your keys not your coins. And also alerted the authorities. Very useful people hivers are.

It will be bad if they will just turn it off ! People invested in that !

I guess that explains why beem isn't connecting to blurt oo.

Regards to you all, so altruistic people. I've seen that @davedickeyyall and @alexvan opened this subject regarding the implementation of the downvote button :) and in my humble artistic point of view, I do think that the major problem is the downvote :) I've seen a lot of #support for #art especially through my activity inside #hive ... which developed this hate trend on #steemit ... which is not good, no matter what you would think about the person who rules #trx ... Rregarding #blurt i think this will be the first true platform, and #nerday which anihilated the idiotic hate button of downvoting ... The things are simple ... I don't like something??? I simply don't vote :) Especially cover music and so many other fake acts of art ... and not only ... This space is too much invaded by the same non-sense subjects in matter of this silly spectrum of #crypto ... Ooops, what did i just say? :) Regards to you all ... Please stop this silly implementation of downvote button ... Art is not ment to go through such an idiotic process :)

Cia a tutti!

What's the bad thing about downvotes?

Like, is it the emotional impact? Someone expressing dislike makes you feel bad?

Or does it have more to do with financials, the people should only express where they want rewards to go and not express that something is getting too much of the reward pool?

Those are just examples to try and clarify the question: What's the bad thing about downvotes?

The entire #blockchain and the beast name internet it's a funny thing that developed the inner space of so many people to become filled in with so much hate ... i am sorry, that as an artist, i can sense a little bit aggression in your virtual keyboard voice :)

You should not be like this, and, especially you should not support these actions ... as i've said, you don't like my #art for instance :) maybe it's too abstract, not so commercial and on the menu of consumism, just move forward, don't read, don't listen ...

In my humble opinion, the first sign that we are part of a community based and build on something non-organic, is the fact that if someone follows you, no one, almost are following back so we can create that healthy community or blockchain ...

Have a Happy New Year filled with less hate ... @foxon

😆No, not hating. I was just curious about why it was bad. I like thinking about systems and how they can function. YouTube, for instance, is heavily reliant on the downvote function for its algorithm. Twitter has no downvote. Both are very successful, but their use case doesn't really translate directly to Hive. If my question lead you to believe I was hating something or mad at you, then I do apologize. It was only curiosity and a desire to continue developing Hive

Sorry again if I offended. Enjoy your time on the Internet!

Nothing personal @foxon

Thanks for stepping by and commenting to my point of view. For me twitter and youtube are totally two beasts that are working totally different on how they are managing the way the dopamine invades the brains of people ...

Anniway, we shall continue creating and enjoying this Matrix as much as we can while we are still here ...

Happy 2021!

(Emotional impact)*(Perceived Monetary Loss) = damage to community

But it seems specific to social blockchain. YouTube has downvotes. It hurts people's feelings and results in preceived monetary loss

Downvotes aren't strictly necessary.

Curation of content, including nuking filth and spam, is strictly necessary.

Then I suppose the real question is: who determines that curation?
In the case of Hive, stake makes that determination
In the case of Steem, a corporate identity is responsible
For Blurt, the regents and a council

They all have "down votes" (demonetization).
The designer, Dan Larimer, mostly spoke for Hive's model so I won't rehash all the morality of why stake should make the determination.
Blurt seems basically the same as the YouTube model when it comes to demonetization (not at all the same when it comes to censorship).
Steem has YouTube's demonetization AND censorship model.
Last we heard your thoughts on the matter, the morality of who makes this determination was more about "money for enemies". That seems to not be the current direction, so it'd be interesting to hear your current thoughts on the matter

Emotional impact? LoL.

Facts don't care about your feelings.
~Ben Shapiro

What about the emotional impact of parents letting their children destroy the house with flinging shit at the wall? No, they downvote that activity real quick...

Edit: I'm more socialist Democrat then republican... But I do love me see shapiro.

@luciannagy, art shall not be downvoted, we all agree on this.

Childporn for example yes. Sorry for getting with such an extreme example, but there are things that shall not be tolerated.

Posted Using LeoFinance Beta

All the best from my side to the lovely people in #pARADis ;)

Posted Using LeoFinance Beta

Gruss dich @alexvan

Kommst du auch aus dem Westen dieses Landes, genauer gesagt aus der Sah'Arad-Region? :)

Zumindest durch diesen kommentar von mir habe ich die Einladung initiiert, ein bisschen mehr zu reden :)
Nichts persönliches, besonders mit Menschen, die im positiven Sinne der Kunst in dieser blockchain aktiv sind ... Ich wünsch dir ein frohes Neues Jahr!

Născut și crescut în #pARADis :)

Normal că înțeleg arta sau mai bine formulat nevoia de încurajare și protecție a artei în general. Mai înțeles în aceste vremuri depresive.

Am două argumente pro downvote, unul este abuzul menționat în alt comentariu și al doilea este plagiarismul care pentru mine reprezintă furt.


Ti cum ești? Cum ești în perioada aceasta?

Posted Using LeoFinance Beta

Ma bucur sa aud asta @alexvan

Culmea ca eu am concertat in Munchen de multe ori ... chiar anul acesta trebuia sa am cateva concerte si in Karlsruhe si Stuttgart alaturi de Rhani Krija ( perc.lui Sting si Sarrah o'Connor) dar managera mea din DE a trebuit sa anuleze toate concertele ...

Aveam cateva concerte si in Stuttgart cu un oudist din Irak, Ali Jabor si a trebuit sa anulam tot la Stuttgart Stadts Theather ... poate la anul se vor intampla concertele, desi dupa cu vad eu Viitorul, cam tot ce stiam normal si firesc de pana acum, putem sa uitam ...

Egal, poate pastram legatura pe twitter via mesaj privat ...

Numai bine.

Ciao si un An Nou Fericit!

https://luciannagy.com/?page_id=513

Poate ne vedem local în Arad sau prin Germania. Îmi pare rău că nu ai mai avut concerte cum era plănuit și orice ajutor contează acum pentru un artist. Clar păstrăm legătura!

An Nou Fericit!

Posted Using LeoFinance Beta

The down vote button is to help control spam, to prevent plagiarism, and to prevent the excessive rewarding of spam and stolen property which seems to run rampant on blurt and steem and it also prevents or mitigates a lot of excessive my shit don't stink so I am going to throw my massive vote on all my post. That is once again primarily the province of steem and blurt.

This subject regarding #steemit for instance will be a never ending story, since it happened what happened these two platforms.

Regarding plagiarism, i think the entire #blockchain actually smashed himself with a stone in its own head, since allowed for instance, musicians from some areas of this Matrix to present cover-music for instance and no one pays the royalties for those songs, and when i've opened up the subject, no one responded to my #blog i've wrote ... Because truth hurts and no one likes it ...

Anniway, thanks for sharing your thoughts. @bashadow

Have a Blessed New Year!

There is a lot of misconceptions about cover songs and music in general, always has been, likely always will be. After looking at a couple pages on copyright as it concerns music, I think I will play it safe and not provide any votes on cover song renditions. I was aware of the Art and written works plagiarism, but was not very familiar with the music worlds stand on copyright infringement. Now I am more informed.

Why not downvote those posts yourself if you disagree with cover songs being rewarded? or downvote fan arts that are rewarded because they take in copy righted material and the artist creates their own version from an existing intellectual property?

No one can stop anyone from sharing content but anyone has free reign to upvote or downvote content. Isn't downvote also an expression of one's freedom to protest as one can also have the freedom to support with an upvote?

Interesting attitude @adamada :)

Do you think a true artists reacts with silly "protests"? :) The sub-mediocre world will dissapear by itself nature.

On the other hand, since i am feeling a kind of aggressive state, regarding the term of "protesting" ... I guess, soon as every soul will start to clean first his room, he or she will realize that this action of protesting it's non-sense and actually it's a trap for you as entity :)

The room is a projection of your own nature as person, especially where you are right now ...

Ciao

I don't know about you but art has been used as a means of expression of protesting. You have an interesting bubble to believe that everything you create will be received positively.

Be aggressive. Be passive. You are an artist are you not? What is an artist without a recognition of their own means of expression? If you disagree with cover songs being rewarded, downvoting is an option made available.

Projection card is always a convenient card.

....you are right.

That said, there are surely better ways coming.

Blurt doesn't have DV's, so they need to run hardfork everytime spammer shows up, remember black cock Hf? Failed project

And how exactly you plan to fight against spam, plagiarism and selfvoting habbits by malivious actors?
We should just allow them to drain the pool? It means less funds for real content creators :)
I think there should be difference between vote and like tho

They won't fight it. They will reward it.

Upvoted to thank you @holger80 for supporting the CO2Fund by, e.g., supporting posts, banner presentation, SP/HP delegation, dustsweeper gifts, helpful tools, etc.

This sucks. Blurt had a better chance than Hive.

Unfortunately someone may not have liked the competition.

How many sockpuppets did you upvote during the hostile takeover?

Two.

Yes, as @dalz says, oh boy! 🤦

Posted Using LeoFinance Beta

Combine with the wBlart hack, The Mall Cop Coin™ isn't doing so well.

Thanks for sharing

Great research!!
So this means they forget to add that properties?

So this is why the trx fee shot up recently. .

tx fees went up to keep chain state small.

Account creation fees went up in a misguided attempt to stop the attack.

ok thanks for letting me know. Saw the announcement an hour ago that it's back up and running now.

I noticed the transaction fee on the increase also on blurt and yet no views were coming in..i created a post yesterday and it cost me 0.3 blurt. Yet to make another still

Posted Using LeoFinance Beta

Eesh, thanks for always getting to the bottom of things. Blurt always seemed like a place for all the angriest hivesters and steemians to complain together. I tried to give it a chance but all I heard was complaining about hive, no real vision.

Thanks for sharing this information

Holger, du bist der Beste.

Findest mal eben noch heraus, was auf anderen Chains schief läuft :D


Cheers, @minnowspower You Successfully Shared 0.100 WINE With @holger80.
You Earned 0.100 WINE As Curation Reward.
You Utilized 3/3 Successful Calls.

wine-greeting


WINE Current Market Price : 0.000 HIVE

Thanks for input

Congratulations @holger80! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

You distributed more than 23000 upvotes. Your next target is to reach 24000 upvotes.

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @hivebuzz:

Guess the producer of the "50 Million Block" and win HIVES
First Hive Power Up Day of 2021 - Get a Hive Power delegation

what the heck is blurt again ?

Posted Using LeoFinance Beta

Someone recently contacted me in a message to tell me about my free airdrop (or something) of BLURT and I went and looked at the site for around 10 minutes before I was able to tell that it was not for me.

@holger80 hive is biggest scam than blurt :p lol all the coin has increased a lot except hive. Hive is decreasing daily :p

At Least we believe that blurt price will increase. Not that fucking hive which only decrease.