hannahhoward
commented
5 years ago Per @whyrusleeping:
things shouldnt be trivially DoSable but i think if a simple rate limiter would prevent the DoS, then thats acceptable
Closed hannahhoward closed 5 years ago
hannahhoward
commented
5 years ago Per @whyrusleeping:
things shouldnt be trivially DoSable but i think if a simple rate limiter would prevent the DoS, then thats acceptable
The Graphsync spec states:
Other notes
Cost to the responder. The graphsync protocol will require a non-zero additional overhead of CPU and memory. This cost must be very clearly articulated, and accounted for, otherwise we will end up opening ugly DoS vectors
This is true. If responders simply accept every GraphSync query sent to them a DoS attack becomes trivial. I am wondering if and how we need to account for this before GraphSync is integrated into go-filecoin or any production system.