I thought I would help clarify some things for a few of you who have had questions regarding the RAM and I/O usage during the latest DoS attacks on the Ethereum network: why it's doing what it is doing, what's being done about it, and what needs to change to keep it from happening again.
The difference between most blockchain technologies and Ethereum is that Ethereum allows the execution of contracts on the chain. Contracts are essentially applications. They're written in a programming language called Solidity, and as a miner/node you are executing those contracts. All of the miners together come to consensus on the output of the contract, and then the results are written to the chain.
A contract can be as simple as "send ETH from user a to user b" and as complicated as you can imagine. Not only this, but you can CALL one contract from another contract and use the results from one in the other, essentially like an API. This allows things to be built on Ethereum which are simply not possible elsewhere. It's a pretty neat technology when you think about it.
To pay miners for this work, executing a contract costs gas. "A" gas is 1/100,000 of an ETH. The amount of gas a contract costs is based on the complexity of the code in the contract. An attacker has realized that some of this code takes more computational resources than the gas cost would imply. So he's spending very little gas, but it's causing all of the miners who evaluate it to spend a lot of time computing it, essentially slowing down/DoS attacking the network.
Geth is constantly being updated to help handle these attacks by introducing caching layers to bring the computational value closer to the gas cost. Each time a new update is put out, a different attack vector has been put in place. Long term, ETH will probably have a protocol update fork (multiple are already planned for things like Proof of Stake) which increases the gas prices of certain functions or implements a kind of static computational analysis of contracts to set a gas cost.
Why is the attacker doing it? Well, it appears the attacker is mining with a blacklist in place to ignore their computationally expensive transactions, cheating the system to mine faster than everyone else who is stuck with their junk transactions in the blocks.
And as I wrote this, a new version of Geth was released to help mitigate almost all of the potential attacks using state journaling.
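
The mismatch between gas charged and node work described above, and the repricing fix, can be measured from execution traces. The sketch below is an added example, not Geth code or code from this post: it flags operations whose node time per unit of gas is far above the median and suggests a gas price that would bring them back in line. The operation labels, timings and the `factor` threshold are constructed assumptions, not real EVM opcodes or measurements.

```python
from collections import defaultdict
from math import ceil
from statistics import median

# Constructed sample trace: (operation label, gas charged, measured node time in ns).
# Labels and numbers are hypothetical, not real EVM opcodes or measurements.
SAMPLE_TRACE = [
    ("arith", 3, 300), ("arith", 3, 300),
    ("hash", 30, 3_000),
    ("storage_write", 5_000, 500_000),
    ("state_lookup", 20, 400_000), ("state_lookup", 20, 400_000),
]

def _totals(trace):
    """Sum gas charged, node time and call count per operation."""
    totals = defaultdict(lambda: [0, 0, 0])  # [gas, ns, calls]
    for op, gas, ns in trace:
        if gas <= 0:
            raise ValueError(f"{op}: gas must be positive")
        entry = totals[op]
        entry[0] += gas
        entry[1] += ns
        entry[2] += 1
    return totals

def cost_per_gas(trace):
    """Return {operation: nanoseconds of node work bought per unit of gas}."""
    return {op: ns / gas for op, (gas, ns, _) in _totals(trace).items()}

def underpriced(trace, factor=10.0):
    """Flag operations costing more than `factor` x the median time per gas.

    suggested_gas is the per-call price at which the operation would cost
    the same time per gas as the median operation.
    """
    totals = _totals(trace)
    rates = cost_per_gas(trace)
    baseline = median(rates.values())
    flagged = {}
    for op, (_, ns, calls) in totals.items():
        ratio = rates[op] / baseline
        if ratio > factor:
            flagged[op] = {"ratio": ratio,
                           "suggested_gas": ceil(ns / calls / baseline)}
    return flagged

if __name__ == "__main__":
    for op, info in underpriced(SAMPLE_TRACE).items():
        print(f"{op}: {info['ratio']:.0f}x median time per gas, "
              f"suggested gas {info['suggested_gas']}")
```
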