Proof-of-DDoS: A ‘Malicious’ New Consensus Mechanism

A University of Colorado assistant professor and a Ph.D. student from the University of Michigan have formulated a new Altcoin that has an unusual consensus mechanism. The theoretical cryptocurrency, dubbed “DDoSCoin,” pays attackers for participating in distributed denial of service (DDoS) attacks.

Also read: Purse Releases Open-Source Wallet Code for ‘Philosophical Reasons’

Proof-Of-DDoS Rewards Miners for Attacking ‘Victim Servers’

bombe-ddosDDoSCoin theorists Eric Wustrow and Benjamin VanderSloot have formulated a cryptocurrency that rewards attacks on TLS web servers. The white paper explains the whole process and proposes a new type of proof-of-work protocol developed by the researchers.

Miners on the coin’s network are incentivized for sending and receiving significant amounts of network traffic to attack targets.

DDoSCoin will be able to be traded just like bitcoin and other cryptocurrencies on exchanges that trade Altcoins. The white paper also states the Altcoin provides miners and botnet owners an opportunity to reap revenues for helping with a decentralized DDoS attack.

The white paper explains:

The malicious “proof-of-DDoS” operates by having miners create a large number of TLS connections to a target web server, and using the server’s signed responses as a proof of connection. In modern versions of TLS, the server signs a client-provided parameter during the handshake, along with server-provided values used in the key exchange of the connection. This allows the client to prove to others that it has communicated with the server. In addition, the signed value returned by the server is not predictable to the client, and is randomly distributed.

In addition to the proof-of-DDoS concept, the researchers envision miners selecting victim servers by consensus using the proof-of-stake protocol. Instead of selecting a random website to attack, choosing a victim by consensus gives the network a collective decision on who is targeted. The design of DDoSCoin enables miners to repeatedly create connections to TLS victim servers. If the parameters of the protocol are satisfied, it can be published by the miner as a new valid block.


In order to validate the block, several steps have to be verified. First miners have to verify the previous block hash and merkle roots, much like the Bitcoin protocol. Then, they have to validate the certificate chain that is tethered to the validated victim server. Furthermore, after the victim server is validated, a public key is given to the server exchange signature. Lastly, the block also must be validated to meet the network’s current target difficulty.

The white paper describes the Pay-to-DDoS consensus mechanism selection process:

In order to allow victims to be (temporarily) selected for DoS, DDoSCoin allows ‘bounties’ for targeting specific servers. To accomplish this, DDoSCoin introduces a new payment opcode, PAY_TO_DDOS, that can be used in transactions subject to certain constraints. This opcode takes two arguments in an output script: a string representing a domain name that the payer wishes to have attacked, and a target difficulty corresponding to the amount of connections the payer wishes to be made.

Ethical Considerations

DDoSCoin seems like an interesting project for hackers that enjoy performing distributed denial of service attacks, and now they can be rewarded. However, questions regarding the ethics of such a coin are unavoidable. The paper does get into the ethical considerations and explain that, currently, there is no working model for this type of Altcoin — at least for now.

The authors say they have designed a concept that takes “precautions to limit harm.” They also believe the system allows people to verify the miner and possibly their IP address because of the published proof-of-DDoS block in its public blockchain.

However, identifying attackers probably won’t be so simple. “Many attackers may use proxies, botnets, or bullet-proof hosting to carry out their attacks,” the researchers say in their paper. “Finding an attacker’s IP address may not be sufficient for legal action.”

What do you think about the DDoSCoin concept? Do you think it is a good idea to reward these types of attacks? Let us know in the comments below.

Images courtesy of blackVPN via Medium, DDoSCoin White Paper.