maidsafe / sn_routing

Routing - specialised storage DHT

Sybil attack through relocation #2368

Closed madadam closed 3 years ago

madadam commented 3 years ago

A relocated node can create an arbitrary number of new identities and sign them with their old key and then pretend they are all different nodes joining the destination section. If the node is old enough, it can easily take control of the dst section this way.

Idea for a fix:

We record the previous name as part of the MemberInfo in the SectionPeers container. Then when inserting an entry into the container, we check whether an entry with the same previous_name already exists there. If so, we vote Offline for both of them.

Alternatively (less harsh): we use some deterministic rule to pick one and discard the other.
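
The harsh variant of the check proposed above, sketched in Rust as an added example (not sn_routing's code and not part of the original comment). `MemberInfo`, `SectionPeers`, `previous_name` and Offline are named in the issue; the simplified `Name` and `State` types and the `set_offline` and `joined` helpers are assumptions made for illustration.

```rust
use std::collections::BTreeMap;

// Simplified stand-ins for illustration; sn_routing's real types differ.
type Name = [u8; 4];

#[derive(Clone, Copy, Debug, PartialEq)]
enum State { Joined, Offline }

#[derive(Clone, Debug)]
struct MemberInfo {
    name: Name,
    previous_name: Option<Name>, // None if the node was never relocated
    state: State,
}

#[derive(Default)]
struct SectionPeers { members: BTreeMap<Name, MemberInfo> }

impl SectionPeers {
    // Inserts `info`, then returns every name sharing its previous_name
    // (new entry included); empty means no clash. A real section would
    // put each returned name to an Offline vote.
    fn insert(&mut self, info: MemberInfo) -> Vec<Name> {
        let (name, prev) = (info.name, info.previous_name);
        self.members.insert(name, info);
        let prev = match prev { Some(p) => p, None => return Vec::new() };
        let same: Vec<Name> = self.members.values()
            .filter(|m| m.previous_name == Some(prev))
            .map(|m| m.name)
            .collect();
        if same.len() > 1 { same } else { Vec::new() }
    }
    // Hypothetical helper: applies the result of an agreed Offline vote.
    fn set_offline(&mut self, name: &Name) {
        if let Some(m) = self.members.get_mut(name) { m.state = State::Offline; }
    }
    fn joined(&self) -> usize {
        self.members.values().filter(|m| m.state == State::Joined).count()
    }
}

fn main() {
    // Constructed data: one old key [9; 4] vouching for two new identities.
    let mut peers = SectionPeers::default();
    for n in [[1u8; 4], [2u8; 4]] {
        let info = MemberInfo { name: n, previous_name: Some([9; 4]), state: State::Joined };
        for bad in peers.insert(info) { peers.set_offline(&bad); }
    }
    println!("joined members: {}", peers.joined());
}
```

Entries stay in the container after being marked Offline, so a third identity presenting the same `previous_name` later is still caught.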

dirvine commented 3 years ago

I like the harsh route myself. It's a definite hack attempt so we should punish.

maqi commented 3 years ago

Moved to https://github.com/maidsafe/safe_network/issues/77