Closed codyborn closed 1 year ago
I think this is a larger item since we'll need to get data into BigQuery/Metabase to build thorough charts. Last milestone I tried to cover this in StackDriver and reached the limits of what it's capable of:
This should be reviewed in the context of the 'Attacks on ODIS' discussion
Alerting on rate of ODIS usage over time (compared to expected Valora usage). Start with simple alert if we see more requests than expected over a day or week period. Another potential alert is on the max number of requests from a single address. If a single address requests thousands of ODIS signatures, it's likely unexpected and abusive.
Update: Output of this ticket should be a written investigation into abuse monitoring approaches. Additional tickets may be created to implement these approaches depending on their complexity