inv attack

[rebroad]

It looks like someone is attacking the network as I just saw 42,104 "nm winner" inv announcements (the hashes were in numerical order also) from a node, which is considerably more than the number of masternodes in existence. I suspect they are trying to fill mapAlreadyAskedFor so that it is less useful for valid masternodes. Some additional DoS logic would help here, plus the ability to associate entries with the peer that provided them so that when misbehaviour is identified that those entries can be deleted.

The ofending node FYI, was:-

2016-12-22 05:34:32 receive version message: /Dash Core:0.12.0.58/: version 70103, blocks=591051, peer=1, peeraddr=52.202.28.159:9999

[UdjinM6]

That's not an attack imo, that's by design:

• mnw message is a vote for a winner signed by MN who voted;
• it takes 10 votes from top 10 MNs at each block (you can think of them as a block of votes) to determine the actual mn winner;
• we store slightly more blocks of votes than there are MNs to reconstruct history of voting a bit more accurate;
• votes are stored in map which is an ordered structure by its nature.

With this in mind 42104 is even a bit lower than it could be but that's ok too because some votes become obsolete when their MNs are going out of list and such mnws are not relayed.

[rebroad]

oh,... so 4000 masternodes are voting on how many things? If n things, then n * 4000 votes being broadcast?

[UdjinM6]

top 10 mns vote on 1 thing but we keep history for as many blocks as there are masternodes so when you sync it's N(mns) x 10 = ~4200 x 10