Dust Attack
Sending tiny amounts of Bitcoin to many addresses to track spending patterns and deanonymize users when dust is consolidated.
Key Takeaways
- A dust attack sends tiny amounts of Bitcoin (dust) to many addresses in order to track spending patterns: when victims unknowingly include dust in later transactions, the attacker can link previously unrelated UTXOs to the same owner.
- The privacy threat comes from consolidation: Bitcoin's UTXO model reveals all inputs in a transaction, so spending dust alongside other coins creates a public link between addresses that an attacker can exploit for chain analysis.
- Mitigations include coin control, not spending dust outputs, and using self-custody wallets that let you freeze or label suspicious UTXOs before they compromise your privacy.
What Is a Dust Attack?
A dust attack is a deanonymization technique where an attacker sends extremely small amounts of Bitcoin to a large number of addresses. These tiny outputs, called "dust," are amounts so small that the transaction fee required to spend them would exceed their value. On their own, dust outputs are worthless. The attack relies on what happens next: when a wallet automatically includes dust in a future transaction, the attacker gains information about which addresses belong to the same person.
In Bitcoin's UTXO model, every transaction explicitly lists its inputs. If a user spends dust from the attacker alongside coins from their other addresses, those addresses are now publicly linked on the blockchain. Chain analysis firms and attackers can use this information to cluster addresses, build spending profiles, and potentially tie pseudonymous Bitcoin activity to real-world identities.
The term "dust" refers to Bitcoin amounts that fall below a practical spending threshold. Bitcoin Core defines a dust limit: the minimum output value at which it makes economic sense to spend the output given current fee rates. Outputs below this threshold are considered dust because the cost of including them in a transaction exceeds their face value.
How It Works
A dust attack unfolds in three phases: distribution, waiting, and analysis. The attacker needs only a modest amount of Bitcoin and access to the public blockchain to execute it.
Phase 1: Dust Distribution
The attacker creates a transaction (or series of transactions) sending tiny amounts to many target addresses. A typical dust output might be 546 satoshis (the minimum non-dust amount for standard P2PKH outputs) or slightly above, just enough to avoid being rejected by nodes enforcing dust limits.
```
# Simplified example of a dust distribution transaction
# One input funds hundreds of tiny outputs
Input: 0.01 BTC (from attacker)
Output: 546 sats → address_target_1
Output: 546 sats → address_target_2
Output: 546 sats → address_target_3
...
Output: 546 sats → address_target_n
Fee: remaining balance
```

The attacker typically selects targets from blockchain data: addresses that have appeared in transactions on exchanges, in public payment contexts, or addresses identified through other means. Some dust attacks are broad, targeting thousands of addresses indiscriminately. Others are surgical, focusing on specific addresses of interest.
Phase 2: Waiting for Consolidation
After distributing dust, the attacker monitors the blockchain. They track every dust output they sent and wait for those outputs to be spent. Many wallets automatically select UTXOs for transactions using algorithms like "largest first" or "branch and bound." If the wallet does not distinguish between user-generated UTXOs and unsolicited dust, it may include the dust as an input in a future transaction.
This is the critical moment. When the victim's wallet constructs a transaction that spends the dust alongside other UTXOs, all input addresses appear together in that transaction. The UTXO transaction model makes this linkage permanent and publicly visible on the blockchain.
Phase 3: Cluster Analysis
Once dust is spent alongside other inputs, the attacker applies the "common input ownership heuristic": the assumption that all inputs in a single transaction belong to the same entity. This is the foundational heuristic of blockchain analysis. While not always true (CoinJoin transactions deliberately break this assumption), it holds for the vast majority of Bitcoin transactions.
With address clusters established, the attacker can:
- Map out a user's full set of addresses and calculate their total holdings
- Track spending patterns over time, identifying merchants, exchanges, and counterparties
- Cross-reference clustered addresses with known exchange deposit addresses or other identity-linked data points
- Build a transaction graph connecting the victim to other users in the network
The Bitcoin address privacy audit demonstrates how clustering and entity identification work for any Bitcoin address.
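To make the privacy cost concrete, the following Python example (added here, not part of the original entry) applies the common input ownership heuristic to a constructed history and compares the clusters an observer derives when a payment spends a dust output with the clusters when coin control leaves the dust unspent. The address names, transaction ids and the `input_addresses` field are assumptions made for the example.

```python
# Added example: common input ownership clustering on constructed data.
# Address names and the "input_addresses" field are hypothetical.

def cluster(transactions):
    """Group addresses that appear together as inputs (union-find)."""
    parent = {}

    def find(addr):
        parent.setdefault(addr, addr)
        while parent[addr] != addr:
            parent[addr] = parent[parent[addr]]  # path halving
            addr = parent[addr]
        return addr

    for tx in transactions:
        inputs = tx["input_addresses"]
        if not inputs:          # e.g. coinbase: nothing to link
            continue
        root = find(inputs[0])
        for addr in inputs[1:]:
            parent[find(addr)] = root   # merge into the first input's cluster

    groups = {}
    for addr in list(parent):
        groups.setdefault(find(addr), []).append(addr)
    return sorted(sorted(g) for g in groups.values())


# Constructed history: two separate sets of addresses owned by one user.
HISTORY = [
    {"txid": "tx1", "input_addresses": ["addr_A", "addr_B"]},
    {"txid": "tx2", "input_addresses": ["addr_C", "addr_D"]},
]

# Dust has arrived at addr_B. The next payment is funded from addr_C.
SPEND_WITH_DUST = {"txid": "tx3", "input_addresses": ["addr_C", "addr_B"]}
SPEND_WITH_COIN_CONTROL = {"txid": "tx3", "input_addresses": ["addr_C"]}


def clusters_after(spend):
    """Clusters visible on-chain once `spend` confirms."""
    return cluster(HISTORY + [spend])


if __name__ == "__main__":
    print("dust spent:  ", clusters_after(SPEND_WITH_DUST))
    print("dust frozen: ", clusters_after(SPEND_WITH_COIN_CONTROL))
```

A single dust input is enough to merge the two clusters into one; leaving it unspent keeps them separate.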
Dust Limits and UTXO Bloat
Bitcoin Core enforces a dust threshold to prevent the UTXO set from being bloated with economically unspendable outputs. Every unspent output must be stored in memory by every full node, so minimizing worthless UTXOs is important for network health.
The dust limit depends on the output script type because different script types require different-sized inputs to spend:
| Output Type | Dust Limit (sats) | Notes |
|---|---|---|
| P2PKH (legacy) | 546 | Classic address format |
| P2SH | 540 | Script hash outputs |
| P2WPKH (SegWit) | 294 | Lower due to witness discount |
| P2TR (Taproot) | 330 | Schnorr signature outputs |
These thresholds are calculated based on a fee rate of 3 sat/vB: if spending the output at that rate would cost more than the output is worth, it qualifies as dust. Nodes will not relay transactions that create outputs below these limits, which provides a floor against extreme dusting. However, attackers can still send outputs just above the dust limit, making the attack viable even with these protections in place.
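The values in the table above can be derived from serialized sizes. The following Python example is added here and is not part of the original entry; it follows the size estimate used by Bitcoin Core's dust check (output size plus the size of an input that would spend it, priced at 3 sat/vB), and the function and constant names are chosen for this example.

```python
# Added example: derive the dust limits in the table from script sizes.
DUST_RELAY_FEE_SAT_PER_KVB = 3000  # 3 sat/vB, the rate quoted above

# scriptPubKey length in bytes for each output type in the table
SCRIPT_PUBKEY_LEN = {
    "P2PKH": 25,   # OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    "P2SH": 23,    # OP_HASH160 <20 bytes> OP_EQUAL
    "P2WPKH": 22,  # OP_0 <20 bytes>
    "P2TR": 34,    # OP_1 <32 bytes>
}
WITNESS_TYPES = {"P2WPKH", "P2TR"}


def output_size(output_type):
    """Serialized output: 8-byte amount + 1-byte script length + script."""
    return 8 + 1 + SCRIPT_PUBKEY_LEN[output_type]


def spending_input_size(output_type):
    """Estimated input that spends the output.

    outpoint (32 + 4) + script length (1) + signature data + sequence (4).
    Signature data is estimated at 107 bytes; for witness outputs it is
    discounted by the witness scale factor of 4.
    """
    sig_data = 107 // 4 if output_type in WITNESS_TYPES else 107
    return 32 + 4 + 1 + sig_data + 4


def dust_threshold(output_type, fee_sat_per_kvb=DUST_RELAY_FEE_SAT_PER_KVB):
    """Smallest output value (sats) that is not treated as dust."""
    size = output_size(output_type) + spending_input_size(output_type)
    return size * fee_sat_per_kvb // 1000


def is_dust(value_sats, output_type):
    """An output is dust when its value is below the threshold."""
    return value_sats < dust_threshold(output_type)


if __name__ == "__main__":
    for kind in SCRIPT_PUBKEY_LEN:
        print(f"{kind:7s} {dust_threshold(kind)} sats")
```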
The concept of ephemeral dust in Lightning channel management is related but distinct: ephemeral dust outputs are intentionally created as part of protocol mechanics (like anchor outputs) and are expected to be spent immediately, unlike attack dust that persists in the UTXO set.
Use Cases for Dust Attacks
While dust attacks are primarily a privacy concern, they serve different purposes depending on who is conducting them:
- Chain analysis firms use dusting as one technique among many to cluster addresses for compliance monitoring, law enforcement support, and exchange risk scoring
- Targeted surveillance: an adversary interested in a specific individual may dust their known addresses to discover additional addresses and map their financial activity
- Spam and disruption: some dust attacks aim to bloat the UTXO set or fill the mempool, increasing costs for node operators. This overlaps with concerns about fee market dynamics and block space demand
- Advertising: some entities have used dust transactions with embedded OP_RETURN data to broadcast messages, though this is more accurately described as transaction spam than a dust attack
Mitigations
Defending against dust attacks requires awareness and proper wallet configuration. The most effective strategy is preventing dust from being spent in the first place.
Coin Control
Coin control is the most powerful defense. Wallets that support coin control let users manually select which UTXOs to include in a transaction. By never selecting unsolicited dust outputs, users prevent the address linkage that makes dusting effective.
Many self-custody wallets offer coin control features. Users can label incoming UTXOs and freeze suspicious ones so they are never automatically selected for spending. This approach requires some technical understanding of how Bitcoin transactions work, but it is the most reliable mitigation available.
UTXO Labeling and Freezing
Modern wallet software increasingly supports UTXO labeling: tagging each output with metadata about its source. When a new, unsolicited tiny output appears, users can label it as potential dust and freeze it. Frozen UTXOs are excluded from automatic coin selection.
```bash
# Example: freezing a dust UTXO in Bitcoin Core
bitcoin-cli lockunspent false '[{"txid":"<dust_txid>","vout":0}]'
# List locked (frozen) UTXOs
bitcoin-cli listlockunspent
```

Wallet Architecture
Using HD wallets with proper address hygiene reduces dust attack effectiveness. Key practices include:
- Generating a new address for every receive transaction so that dust sent to one address cannot be linked to others through address reuse
- Using separate wallets or accounts (different derivation paths) for different purposes, so that dusting one context does not compromise another
- Reviewing transaction inputs before signing, especially for large or sensitive transactions, to ensure no unexpected dust is included
Privacy-Preserving Techniques
Beyond direct dust mitigation, broader privacy practices reduce the impact of address clustering:
- CoinJoin transactions break the common input ownership heuristic by combining inputs from multiple users into a single transaction, making cluster analysis unreliable
- Layer 2 solutions like Lightning move transactions off-chain, where they are not visible to blockchain analysts. The onion routing used in Lightning further protects payment privacy
- Avoiding address reuse ensures that each address appears in at most two transactions (one receiving, one spending), limiting the data available for clustering
Risks and Considerations
Privacy Erosion Is Permanent
Once dust is spent and address linkage is recorded on the blockchain, the privacy loss cannot be reversed. The blockchain is immutable: every transaction that revealed address relationships will be visible forever. This makes prevention far more important than remediation.
Wallet Default Behavior
Many wallets, particularly those designed for simplicity, do not offer coin control or UTXO freezing. These wallets may automatically include dust in transactions without alerting the user. When choosing a self-custody wallet, coin control support should be a key consideration for privacy-conscious users.
False Positives
Not every small incoming payment is a dust attack. Legitimate transactions, change outputs from your own spending, and small payments from known parties can all produce small UTXOs. Overzealous dust filtering could cause users to freeze legitimate funds. Context matters: unexpected tiny amounts from unknown sources are suspicious, while small change outputs from your own transactions are normal.
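The labeling and freezing workflow described under "UTXO Labeling and Freezing", together with the false-positive caveat above, can be combined into one triage step. The following Python example is added here and is not part of the original entry or of any wallet's code: it flags only tiny, unlabeled outputs that are not the wallet's own change, builds the JSON array for `bitcoin-cli lockunspent false`, and runs a largest-first selection over the remaining coins. The record fields, the 1000-sat cutoff and the sample UTXOs are assumptions constructed for the example.

```python
import json

# Assumed cutoff for "tiny": a little above the 546-sat P2PKH dust limit.
SUSPECT_MAX_SATS = 1000

# Constructed wallet view. Field names are hypothetical, not a wallet schema.
UTXOS = [
    {"txid": "aa" * 32, "vout": 0, "sats": 2_500_000, "label": "salary", "own_change": False},
    {"txid": "bb" * 32, "vout": 1, "sats": 812, "label": "", "own_change": True},
    {"txid": "cc" * 32, "vout": 7, "sats": 546, "label": "", "own_change": False},
    {"txid": "dd" * 32, "vout": 3, "sats": 600, "label": "tip from a friend", "own_change": False},
    {"txid": "ee" * 32, "vout": 0, "sats": 40_000, "label": "", "own_change": False},
]


def is_suspect(utxo):
    """Tiny, unlabeled, and not change from one of our own transactions."""
    return (utxo["sats"] <= SUSPECT_MAX_SATS
            and not utxo["label"]
            and not utxo["own_change"])


def triage(utxos):
    """Split UTXOs into (suspected dust to freeze, coins left spendable)."""
    suspects = [u for u in utxos if is_suspect(u)]
    spendable = [u for u in utxos if not is_suspect(u)]
    return suspects, spendable


def lockunspent_arg(suspects):
    """JSON array to pass to: bitcoin-cli lockunspent false '<array>'."""
    return json.dumps([{"txid": u["txid"], "vout": u["vout"]} for u in suspects])


def select_largest_first(spendable, target_sats):
    """Largest-first selection that only ever sees unfrozen coins."""
    picked, total = [], 0
    for utxo in sorted(spendable, key=lambda u: u["sats"], reverse=True):
        if total >= target_sats:
            break
        picked.append(utxo)
        total += utxo["sats"]
    if total < target_sats:
        raise ValueError("not enough unfrozen funds")
    return picked


if __name__ == "__main__":
    suspects, spendable = triage(UTXOS)
    print(lockunspent_arg(suspects))
```

Only the 546-sat output from an unknown source is frozen; the small change output and the labeled 600-sat payment stay spendable.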
Economic Cost to Attackers
Dust attacks are not free. The attacker must pay transaction fees to distribute dust, and during periods of high fees the cost of a large-scale dusting campaign increases significantly. The replace-by-fee mechanism and rising base fees have made broad dusting more expensive over time, though targeted attacks against specific addresses remain inexpensive.
Relationship to UTXO Management
Dust attacks highlight the broader importance of UTXO management in Bitcoin. Understanding the UTXO model and its privacy implications is essential for anyone holding significant amounts of Bitcoin. Good UTXO hygiene protects not only against dust attacks but also against fee inefficiency and other forms of chain analysis. Solutions like cold storage with proper coin control offer the strongest combination of security and privacy for long-term holders.