ackintosh / discv5-testground

Testground plans for discv5.

Simulate eclipse attacks #22

Open ackintosh opened 2 years ago

ackintosh commented 2 years ago

Ref: Low-Resource Eclipse Attacks on Ethereum’s Peer-to-Peer Network

AgeManning commented 2 years ago

I'm not sure that paper is relevant to our discv5. I think we have built a few interesting counter-measures for eclipses.

I'm very curious to see how discv5 works under eclipse scenarios.

ackintosh commented 2 years ago

You are right. The paper is mentioning Geth and Node Discovery Protocol v4. So I customized the attacks the paper introduces to apply them to discv5.

Still a work in progress, I have observed discv5 avoids the attacks, with effective configuration. 🚀

AgeManning commented 2 years ago

Oh nice. I was curious about how effective some of the measures we've added are. 🚀

ackintosh commented 2 years ago

I noticed a scenario where attackers can add their node id to the victim's routing table as "outgoing".

From what I've seen of the code, the scenario cannot happen on our discv5 implementation. 👍 https://github.com/sigp/discv5/blob/a00c872075d0b9d06a09292db99084559fcd7e91/src/handler/mod.rs#L670

I think it's worth implementing the scenario as a simulation, to check the validity of our implementation continuously.

(update) I'm planning to implement a scenario that is based on the above, the victim node sends FINDNODE, not PING.

AgeManning commented 2 years ago

Oh yeah nice. Looks like we cover this scenario. Have you seen this happen elsewhere?

I think the concept of ingoing/outgoing is something we have added independently and it's not used in other implementations, I'm not sure tho.

ackintosh commented 2 years ago

I've only seen Prysm before, it also uses inbound/outbound (slightly different name from our discv5) concept. I'm not sure if the scenario happens on Prysm though because I haven't dug into Prysm. 🤔