search

AleoNet / snarkOS

A Decentralized Operating System for ZK Applications
http://snarkos.org
Apache License 2.0
4.24k stars 2.59k forks source link

Disconnect from requests decreasing in height #3227

Closed vicsn closed 2 months ago

vicsn commented 3 months ago

Motivation

Prevents a DoS attack by a peer who keeps requesting large amounts of the same blocks. We disconnect as soon as we encounter a repetitive request, and it is allowed again after INBOUND_BLOCK_REQUEST_INTERVAL = 60 seconds.

I tried to re-use the Cache abstraction without imposing too many additional assumptions.

Test Plan

Added some unit tests, but this should definitely be tested on a running network.

Related PRs

Extends: https://github.com/AleoHQ/snarkOS/pull/3223

howardwu commented 2 months ago

What's the status on this PR? I see one unresolved conversation.

vicsn commented 2 months ago

What's the status on this PR? I see one unresolved conversation.

Still unresolved, thx for the ping

vicsn commented 2 months ago

Closing this because:

  1. honest nodes request the same block twice sometimes under very normal conditions. Great find @kpandl !
  2. It's not that great of a DoS protection, an attacker could use multiple clients which intermittendly keep requesting increasing block ranges