Today at 11:45 UTC, we observed unexpected platform delays. Due to this, we were forced to halt the trading and lock the platform for investigation. We unlocked the platform but shortly after that locked it again as the problem persisted.
The investigation showed that we experienced an overwhelming number of REST messages requesting two endpoint data:
/public/get_last_trades
/public/get_instruments
As a number of REST users using different IPs were sending very high numbers of requests to these endpoints, it caused an increased strain on CPU capacity and disrupted the performance of the entire platform and especially the database.
After an in-depth investigation, our tech team successfully located the issue and has secured full functionality of the platform. Trading resumed at 1:30 UTC today.
We have blocked IPs generating the problematic requests. However, if we continue to observe any performance issues, Deribit will consider halting REST functionality until further notice. To be clear, at this moment no REST functionality has been disabled.
Later today we will implement a hotfix causing the above information to be cached by the platform removing the potential vulnerability.
We apologize for the prolonged downtime.
Thank you for your patience, understanding, and support.
AUTHOR(S)