Open i-am-yuvi opened 2 weeks ago
As discussed with @0xB10C, we can have peer_id as the identifier for any peer instead of ipaddress+port for privacy reasons. If the peer is identified as spy, we can display the details of the peer!
Another question arises, how do we display the stats for each peer? Maybe we could have something that would display the stats after a certain time(5 mins or 10 mins) of all the peers. @0xB10C
Here in this PR #45, I have used Mutex for the shared state, I think we can use atomics instead of Mutex as it is more efficient. Also, we don't have to rely on lock and unlock operation!!
Another question arises, how do we display the stats for each peer? Maybe we could have something that would display the stats after a certain time(5 mins or 10 mins) of all the peers. @0xB10C
I think that's fine for a start until we figured out a good threshold. Maybe you can sort them based on how many getdata's they have send.
Another question arises, how do we display the stats for each peer? Maybe we could have something that would display the stats after a certain time(5 mins or 10 mins) of all the peers. @0xB10C
I think that's fine for a start until we figured out a good threshold. Maybe you can sort them based on how many getdata's they have send.
Yeah, that would be good for now!
@0xB10C I have observed some p2p messages received by Bitcoin node using logger in peer-observer i.e. NotFound([WitnessTx(225ac634fa62c...)
, is this because there is no protobuf definition for this msg type?
No, notfound is a message in the bitcoin p2p protocol.
See https://en.bitcoin.it/wiki/Protocol_documentation#notfound
If your node receives a getdata but it does not have the data, it may respond with a notfound message.
Currently, there is no feature to detect spy peers/nodes, which has been discussed here.
Some important anomalies to consider are:
We only handle INV, GETDATA, and TX p2p messages. We need to maintain a shared state – one entry (IP address + Port) for each connection with the number of INV, GETDATA, and TX sent and received. Additionally, spy peers will close the connection, so we also need to account for handling closed connections. Once all this is implemented, we can have some stats on normal/spy peers/nodes.
One approach could be to find the ratio of INV/GETDATA for each peer, but there might be other heuristics to detect peer identity.
A reference implementation has been done at the following URL: https://github.com/i-am-yuvi/peer-observer/tree/spy-detection.