Friday, June 27, 2014

Did You Enjoy Sochi? Not According to the Block Chain.

Back during the 2014 Winter Olympics an unknown party sent out 1200 separate satoshi sized transactions to over a thousand separate wallets.  Then these unspent outputs were sent out to other peoples wallets.  Much reddit freaking out ensued.  Astonishingly enough CoinDesk didn't cover the story.  I guess they were too wrapped up with the Mt. Gox saga, a larger investor story for sure. So the best discussions can be found on the tech boards, such as bitcoin talk.

You would think with such a large scatter spray or transactions someone would have cashed in that free money.  Right?  More asonishinly, the answer is no.  Not a single transaction.  But what is left over is the staging that set up the spam spray.  A chart of balance over time shows a narrow range of activity, all deposits no withdraws.
Enjoy Sochi balance over time

Most of the business happened before 10 Feb, specifically between blocks 284500 and 285200.

Enjoy Sochi Main Load Sequence
One question you should be asking however is how do I know the two addresses are tied?  Why am I speaking of them one and the same?  Here's the transaction graph of all of the loads occurring.  (warning: tall chart on load).
Enjoy Sochi Main Load Graph
This is about 600 transaction in two roughly parallel chains, representing all 1200 or so sochi addresses.  Here's a detail for those who don't want to zoom:
Enjoy Sochi Transaction Graph Detail
Each transaction sent two coins/UTXOs one to each of enjoy and sochi.  The change was sent to the same address, and the split went almost the same all the way down.  Except at the highlighted detail one small changes occurred.  The tower took a break between blocks 284840 and 284912, between 8 to 9 hours.  It then reduced the coin size form 129.99 bits to 107.49 bits.

So why don't we see any more evidence on the blockchain?  All of those thousands of transactions to other peoples wallets never confirmed.  After a while the nodes started forgetting about them and not broadcasting them, and eventually all the memory pool was emptied of those transactions.  None of them cleared because the didn't post a fee and never attained high enough priority to be included in a block (presuming the mining pools didn't explicitly bar those transactions).

The greatest loss of information, however, is that I cannot find any of these unconfirmed transactions on the internet, they have all gone to the bit bucket.  None of the block explorers I've seen keep long term records of all the unconfirmed or rejected transactions for all time.  The closest I've found is one that tracks it back to late February, about two weeks after this dust storm blew over.

So what was the motivation behind this?  We may never know.  As a spam attack it caused only negative sentiment and zero monetization.  If the goal was to clog up the free transaction pool I'de say it was a failure.  If any transaction had cleared then you could argue it took up space other transaction could have used, but no such luck.  If it was designed to slow down the transaction processing of the nodes feeding the minors, no one noticed.  These are questions we may never know the answer to.