search

neo-project / neo

NEO Smart Economy
MIT License
3.47k stars 1.03k forks source link

Limit attacks by malicious nodes #1316

Open Tommo-L opened 4 years ago

Tommo-L commented 4 years ago

Summary or problem description

If we are under attack, a large number of transactions are sent from a certain node. Parallel verification of transactions in Blockchain will result in fewer opportunities for other normal user transactions to be verified. https://github.com/neo-project/neo/pull/1298#issuecomment-559341882

Do you have any solution you want to propose?

Need more discussion, one simple solution is to add message frequency limitation.

Neo Version

Where in the software does this update applies to?

lock9 commented 4 years ago

I think we need to implement weighted distribution to process messages per peer, in different queues. We could have priority nodes too, making them have a greater weight in message distribution.

shargon commented 4 years ago

Also, verify signatures could be expensive, we should disconnect nodes if the fail the verify of the message that he relay.

ShawnYun commented 4 years ago

If we use index to synchronize the blocks, we also need to consider the attack with invalid blocks.

vncoelho commented 4 years ago

@Tommo-L, perhaps we should focus on NEO3 only.

@shargon, agreed with that, surely we should disconnect from nodes that sent invalid signatures, I do not see a normal case that this may happen.

@ShawnYun, do you think that the metrics we mentioned on #1397 should be discussed here as well? Agree with you as well about the index of invalid blocks.