/biz/ - Business & Finance

How to make chainlink nodes lose their staked deposits (version 2.0):
1. Make an order for data from a medium to small data provider, like Kaiko chainlink. It's not going to work with google, too big.
https://docs.chain.link/docs/kaiko-chainlink-ethereum-mainnet
2. Offer a big fee, but demand big offline penalty deposit.
3. Some node(s) inevitably accept.
4. DDOS the data provider on api level - repeated requests for the exact api you requested (cloudflare is unable to protect against this).
The api must stop to be able to respond to new requests.
5. Do this until the offline penalty is activated.
6. The node loses all of its staked link.

An interesting variant is partially successful ddos with aggregation. If 60% of nodes managed to connect and 40% didn't, 40% is going to be penalized due to no fault of their own. This is unfixable even with intel sgx, there's no way to prove the data provider was really unreachable. What a disaster. Penalty payments will have to go.

Wrong solutions from the previous thread >>14956116
>require kyc from users
Doesn't work, no proof the requester is the attacker + requests are public, so I can attack somebody else's request.
>cloudflare
Only works for static content, dynamic data can't be cached.
>If the API itself is down and no nodes are able to provide data, the lack of data is the correct answer and none of the nodes will be penalized
Not distinguishable from nodes that do nothing, destroys the concept of penalty payments for being offline. Doesn't work for the partial variant at all.
>that brainlet who posted intel optane benchmark of a json serialization of "hello world"
That's intel optane alone, not the capability of a real life web server.
https://help.dreamhost.com/hc/en-us/articles/215945987-Web-server-performance-comparison
At 2500 concurrent connections, nginx tops at 7500 requests per second, and that's without any database connection. Maybe you can get 10x that on a beefy server, still trivially ddosable.