From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 82E27C002D for ; Thu, 9 Jun 2022 18:24:15 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 71AAC82CFA for ; Thu, 9 Jun 2022 18:24:15 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.101 X-Spam-Level: X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URI_DOTEDU=0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eD-5dIANIjeR for ; Thu, 9 Jun 2022 18:24:14 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mail-40135.protonmail.ch (mail-40135.protonmail.ch [185.70.40.135]) by smtp1.osuosl.org (Postfix) with ESMTPS id 097A882BF5 for ; Thu, 9 Jun 2022 18:24:13 +0000 (UTC) Date: Thu, 09 Jun 2022 18:24:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1654799051; x=1655058251; bh=L+y8SHfwHBv0rc32/PP0HWBsvKe9cddyp9xNZ/ge7eA=; h=Date:To:From:Reply-To:Subject:Message-ID:Feedback-ID:From:To:Cc: Date:Subject:Reply-To:Feedback-ID:Message-ID; b=Q+X6o9xeu2P01tfeljxi8021x6459qCAh0KukmoS6rlYU2GbWMohYHgM9wBRjIoj3 vGEAjOwWy7UEVKh2/ERSkOVzwbeLkNJOWeY7sj85yfDAaZOCx4i+25wpF1eSKOLF/v wkuO6pMEKiAu1lj1eh1g9LhRE92ID2md+hpxoKi0Jt2wiR9gLNA9zuWBCtS1KWcltP eEiYiOAkNzoOQ7dwGjTya30YbN8U5w7t3pybJ20I015Ys49cmgZ+4L+UrQ12qWalm4 YnOtZJ2mKFyti0PEYE9uNrvEECL+z3Mue+UJ+9qmPzyahO/X5+8Ekix2xFvBWuEjs+ UpMYMDKP2b9ag== To: Bitcoin Protocol Discussion From: alicexbt Reply-To: alicexbt Message-ID: Feedback-ID: 40602938:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Thu, 09 Jun 2022 18:30:32 +0000 Subject: [bitcoin-dev] BGP hijacking on Bitcoin p2p network X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Jun 2022 18:24:15 -0000 Hi Bitcoin Developers, Based on this [answer][1] from 2014, bitcoin nodes are vulnerable to BGP hi= jacking. There was an incident in March 2022, twitter prefix was hijacked a= nd details are shared in 2 blog posts: https://isc.sans.edu/diary/rss/28488 https://www.manrs.org/2022/03/lesson-learned-twitter-shored-up-its-routing-= security/ 'nusenu' had written an article about Tor network being vulnerable to BGP h= ijacking attacks: https://nusenu.medium.com/how-vulnerable-is-the-tor-netwo= rk-to-bgp-hijacking-attacks-56d3b2ebfd92 After doing some research I found that RPKI ROA and BGP prefix length can h= elp against BGP hijacking attacks. I checked BGP prefix length and RPKI ROA= for first 10 IP addresses returned in `getnodeaddresses` in bitcoin core a= nd it had vulnerable results. https://i.stack.imgur.com/KD7jH.png Has anyone written a detailed blog post or research article like nusenu? If= not I would be interested to write one in next couple of weeks? Looking for some "technical" feedback, links if this was already discussed = in past with some solutions. =C2=A0 [1]: https://bitcoin.stackexchange.com/a/30305/133407 /dev/fd0 Sent with Proton Mail secure email.