search

scsibug / nostr-rs-relay

Mirror of https://sr.ht/~gheartsfield/nostr-rs-relay/
MIT License
569 stars 154 forks source link

NIP-05 verification denial of service #118

Open yuvadm opened 1 year ago

yuvadm commented 1 year ago

Relays can be DoS attacked via NIP-05 verification, with multiple logs showing up:

WARN nostr_rs_relay::nip05: Error when checking for NIP-05 verification records: DatabasePoolError(Error(None))

What options are available for resolving this attack?

yuvadm commented 1 year ago

Answering myself -

Either disable NIP-05 verification or blacklist spamming domains (I see you nostr-vip.org).

But maybe some extra code stability is required?