public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Ali Sherief <ali@notatether.com>
To: "bitcoin-dev@lists.linuxfoundation.org"
	<bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] An idea to block invalid addresses from reaching the peers.dat buckets
Date: Mon, 12 Jul 2021 23:33:16 +0000	[thread overview]
Message-ID: <PKeS7M-QWkdvfikZ0M_yH-Gj4t1VlxmSF43XMEuR8aCGps1WAbt-kglEm1ee-YDhsmSIM68G4-_xNMFgOB9u5H6UAT1qow8sW1yt4iaIShI=@notatether.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 1944 bytes --]

This is an interesting read: https://bitcointalk.org/index.php?topic=5348856.0

So according to this, somebody is spamming the bitcoin network with addr message pointing to invalid addresses and ports, which bloats the peers.dat and corresponding structure in memory.

Since peers.dat uses a custom record type which I don't know how to parse, I wasn't able to check specifics of IP addresses listed in there, but I believe I have a workaround to prevent this kind of thing from happening. Exactly how easy or difficult it will be to implement this change I don't know.

- Change the AddrDb updating functionality so that it does not add nodes that are unreachable. Not unreachable by timeout, but "connection refused" kind of errors.

Such addresses can either be stored in a new, separate database-like file such as "ignore.dat", or they can be augmented in the peers.dat file under a new entry type (I'm not sure if this is even possible). In both cases the invalid nodes can be immediately flushed from memory to avoid processing them.

-- This is only done the first time the node is seen in the wild. To avoid blocking nodes which happened to go offline, the check won't be made if it's already in the buckets. So it won't clean up an attack like this (meaning peers.dat files have to be recreated to fix this) but it will prevent another in the future.

- In order to facilitate other nodes discovering blocked nodes, a new ZMQ message can be made that sends the node's list of ignored addresses. Since I haven't used ZMQ much I don't know the specifics of how to do this.

- Introduce a new file or command-line/config option called "ignorelist" or something with a list of subnets that will *not* be read into the AddrDB buckets in any case.

It will work differently from the banlist, whose primary job is to block peers that send invalid messages, not peers that are not, and cannot, be unreachable in the first place.

- Ali Sherief

[-- Attachment #2: Type: text/html, Size: 2408 bytes --]

             reply	other threads:[~2021-07-12 23:40 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-07-12 23:33 Ali Sherief [this message]
2021-07-13  0:54 ` [bitcoin-dev] An idea to block invalid addresses from reaching the peers.dat buckets Pieter Wuille

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='PKeS7M-QWkdvfikZ0M_yH-Gj4t1VlxmSF43XMEuR8aCGps1WAbt-kglEm1ee-YDhsmSIM68G4-_xNMFgOB9u5H6UAT1qow8sW1yt4iaIShI=@notatether.com' \
    --to=ali@notatether.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox