Halborn Logo

// Blog

Blockchain Security

What Is a Dusting Attack?


profile

Rob Behnke

August 2nd, 2022


Pseudonymity is one of the core goals of many blockchains.  Since creating a blockchain account only requires generating a random private key, no information exists that links a blockchain account to its owner’s real-world identity.

Dusting is a technique that is most commonly used to break blockchain anonymity.  By making it easier to associate a user’s various blockchain accounts, dusting provides a clearer view of their entire holdings, activity, and potentially their identity.

What Is Crypto Dusting?

Dust is a term for very small fractional parts of a cryptocurrency.  On Bitcoin, a Satoshi is the smallest possible unit and is worth 0.00000001 BTC or a few hundredths of a cent in USD.  A unit this small is useless for most transactions on the blockchain unless it is combined with other cryptocurrency.

Dusting is the term for sending micropayments to addresses on the blockchain that consist of a few Satoshis or the equivalent.  

Dusting can be used for various purposes, including:

  • Mass Messaging: Blockchain transactions can carry data with them, making it possible to embed messages in dust transactions.  This makes dusting usable as an equivalent to an email blast.
  • Stress Testing: A dust transaction is a cheap transaction on the blockchain.  Dusting can be used to stress test the throughput and capacity of a blockchain network.
  • Spamming: Like stress testing, spamming takes advantage of the low cost of dust transactions.  Stress testing and spamming are often indistinguishable because they perform the same action for different purposes (i.e. research vs. Denial of Service).
  • Wallet Deanonymization: Dust can’t be spent without combining it with a user’s other funds.  For this reason, it can be tracked to deanonymize blockchain accounts.

Dusting is not always malicious.  However, one of the more common uses for dusting is breaking the anonymity of blockchain accounts.

Dusting for Deanonymization

Dusting attacks were developed as a way of breaking the anonymity of the blockchain.  In theory, it should be infeasible to determine if two blockchain wallets are owned by the same user.  In practice, analysis of transactions and patterns of life on the blockchain can break anonymity.

Dusting helps with this because dust cannot be used independently for a transaction because its value is less than the transaction fee.  

For this reason, a user needs to combine dust with other holdings to use it within a transaction.  If a blockchain transaction combines dust from one address with a user’s holdings in another, then someone analyzing the transaction history on the blockchain knows that both addresses are owned by the same person.

Protecting Against Dusting Attacks

The simplest defense against dusting attacks is to not use dust sent to a blockchain account.  

Many wallets have been updated to protect against dusting attacks by identifying funds from transactions below a given threshold as dust and marking them as “Do Not Spend”.  While this means that a user can’t use all of the funds at an address, the value of the dust is negligible.

Users can also protect their anonymity on the blockchain by using a hierarchical deterministic (HD) blockchain wallet that creates a new address for each blockchain transaction.  All funds in an address are drained in a transaction and the excess is sent to a new address, making it difficult to determine if the new address is owned by the user or not.  With single-use addresses, it is much more difficult to track a user’s activity and identity on the blockchain.