hyperledger / iroha

Iroha - A simple, enterprise-grade decentralized ledger
https://wiki.hyperledger.org/display/iroha
Apache License 2.0

Denial of Service by malicious input #4944

Open SamHSmith opened 1 month ago

SamHSmith commented 1 month ago

We need to start investigating and hardening Iroha against malicious network inputs. The consensus is robust against malicious peers but is not robust against many peers being successfully targeted by denial of service. We therefore need to start thinking about limits on the data coming in and ways we currently can be exploited. We probably need some general techniques we can apply generally, as handling things on a case-by-case basis may become overwhelming.

mversic commented 1 month ago

One concern is message boundedness. For example, a peer can send a huge vector to another peer. Or a client can send a huge vector to the peer. This has to be limited.
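
An added illustration of the message-boundedness concern raised above (not part of the thread and not Iroha code): a Rust decoder for a hypothetical length-prefixed frame that checks the declared body size and element count against limits before reading or allocating. The wire format, the limit values and the function names are assumptions made for this example.

```rust
use std::io::Read;

// Assumed limits for this example; real values depend on the deployment.
const MAX_FRAME_BYTES: u32 = 1 << 20; // cap on one message body
const MAX_ITEMS: u32 = 10_000; // cap on elements in one vector

#[derive(Debug, PartialEq)]
pub enum DecodeError {
    FrameTooLarge(u32),
    TooManyItems(u32),
    LengthMismatch,
    Truncated,
}

fn read_u32<R: Read>(r: &mut R) -> Result<u32, DecodeError> {
    let mut b = [0u8; 4];
    r.read_exact(&mut b).map_err(|_| DecodeError::Truncated)?;
    Ok(u32::from_le_bytes(b))
}

/// Hypothetical frame: [u32 LE body length][u32 LE item count][count x u64 LE].
pub fn read_bounded_vec<R: Read>(r: &mut R) -> Result<Vec<u64>, DecodeError> {
    let frame_len = read_u32(r)?;
    if frame_len > MAX_FRAME_BYTES {
        return Err(DecodeError::FrameTooLarge(frame_len)); // rejected before reading the body
    }
    // `take` stops this decoder from consuming more than the declared body.
    let mut body = r.take(u64::from(frame_len));
    let count = read_u32(&mut body)?;
    if count > MAX_ITEMS {
        return Err(DecodeError::TooManyItems(count)); // rejected before allocating
    }
    // The declared count must account for exactly the framed bytes.
    if 4 + u64::from(count) * 8 != u64::from(frame_len) {
        return Err(DecodeError::LengthMismatch);
    }
    let mut items = Vec::with_capacity(count as usize); // bounded by MAX_ITEMS
    for _ in 0..count {
        let mut b = [0u8; 8];
        body.read_exact(&mut b).map_err(|_| DecodeError::Truncated)?;
        items.push(u64::from_le_bytes(b));
    }
    Ok(items)
}

fn main() {
    // Constructed input: a header declaring a 4 GiB body, with nothing after it.
    let hostile = u32::MAX.to_le_bytes();
    println!("{:?}", read_bounded_vec(&mut &hostile[..]));
}
```

The same limits apply whether the sender is another peer or a client; only the values chosen for each path would differ.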