TheThingsNetwork / lorawan-stack

The Things Stack, an Open Source LoRaWAN Network Server
https://www.thethingsindustries.com/stack/
Apache License 2.0

Store at most 10 used DevNonces #5069

Closed johanstokking closed 2 years ago

johanstokking commented 2 years ago

Summary

References https://github.com/TheThingsIndustries/lorawan-stack/issues/2229

Why do we need this?

To reduce the number of used DevNonces in our database. Also, many end devices do not have a true random number generator, leading to values being reused more often than they should. Since the session key derivation also takes into account the Join Nonce, this isn't too much of a problem.

What is already there? What do you see now?

The number of used DevNonces is infinite.

What is missing? What do you want to see?

It should be limited to a configured maximum, by default 10.

How do you propose to implement this?

On successful join, append the latest DevNonce and only store up to N used DevNonces back in the registry.

How do you propose to test this?

CI

Can you do this yourself and submit a Pull Request?

Will review. @nicholaspcr let me know if you need any pointers or assistance. Relevant code is: https://github.com/TheThingsNetwork/lorawan-stack/blob/v3.17/pkg/joinserver/joinserver.go#L333-L336
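The proposal above (reject a DevNonce that is still stored, append on a successful join, keep at most N) as an added Go example. It is not part of the original issue or the project's code; `Device`, `AcceptJoin`, `ErrDevNonceReused`, and treating a maximum of zero or less as "no limit" are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// DefaultMaxUsedDevNonces is the default proposed in the issue.
const DefaultMaxUsedDevNonces = 10

// ErrDevNonceReused is returned when a join-request repeats a stored DevNonce.
var ErrDevNonceReused = errors.New("DevNonce has already been used")

// Device is a hypothetical stand-in for an end device's registry entry.
type Device struct {
	UsedDevNonces []uint16 // oldest first; DevNonce is a 2-byte field
}

// AcceptJoin rejects a DevNonce that is still in the stored window. Otherwise
// it appends the nonce and keeps only the newest max entries.
// Assumption: max <= 0 means "no limit" (the behaviour the issue wants to end).
func AcceptJoin(dev *Device, devNonce uint16, max int) error {
	for _, used := range dev.UsedDevNonces {
		if used == devNonce {
			return ErrDevNonceReused
		}
	}
	dev.UsedDevNonces = append(dev.UsedDevNonces, devNonce)
	if n := len(dev.UsedDevNonces); max > 0 && n > max {
		// Copy so evicted entries do not stay alive in the backing array.
		dev.UsedDevNonces = append([]uint16(nil), dev.UsedDevNonces[n-max:]...)
	}
	return nil
}

func main() {
	dev := &Device{}
	// Constructed sample: a window of 2 instead of the default, to keep it short.
	for _, nonce := range []uint16{0x0001, 0x0002, 0x0003, 0x0003, 0x0001} {
		err := AcceptJoin(dev, nonce, 2)
		fmt.Printf("DevNonce %#06x: err=%v stored=%v\n", nonce, err, dev.UsedDevNonces)
	}
}
```

The last join in the sample is accepted because `0x0001` has already been evicted from the window, which is the trade-off a bounded list makes against an unbounded one.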

johanstokking commented 2 years ago

@NicolasMrad let's triage in the next call

johanstokking commented 2 years ago

@nicholaspcr if you need any help, please let me know. We can also schedule a session to address this together if you like.