Attacker can DDOS a regular node with invalid item hashes #148

@gladcow

Bug Description
An attacker or buggy node can send a lot of incorrect item hashes before it is disconnected, and the attacked node will request these items from other peers in spite of the fact that the first peer was recognized as an unsafe source of information and disconnected.

Porting from Bitshares or other Graphene forks
Corresponding PR:
- bitshares/bitshares-core#1007

Impacts
Describe which portion(s) of Peerplays may be impacted by this bug. Please tick at least one box.

  • API (the application programming interface)
  • Build (the build process or something prior to compiled code)
  • CLI (the command line wallet)
  • Deployment (the deployment process after building such as Docker, Gitlab, etc.)
  • [*] P2P (the peer-to-peer network for transaction/block propagation)
  • [*] Performance (system or user efficiency, etc.)
  • Protocol (the blockchain logic, consensus, validation, etc.)
  • [*] Security (the security of system or user data, etc.)
  • UX (the User Experience)
  • Other (please add below)

Steps To Reproduce
To reproduce this bug you need to create and start a node that emulates attacker logic. This attacker node should send a lot of blocks with invalid item hashes; the attacked node should disconnect it, but it should request these invalid items from other peers.

Expected Behavior
The attacked node should not request from its other peers invalid items received from the disconnected attacker.
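
A simplified model of the expected behavior, added here as an illustration; it is not Peerplays or BitShares code. `FetchQueue`, `PeerId`, `ItemHash` and the method names are hypothetical, and the item hashes and peer numbers are constructed sample values. It tracks which connected peers advertised each pending item and drops items that only the disconnected peer vouched for.

```cpp
#include <iostream>
#include <iterator>
#include <map>
#include <set>
#include <string>
#include <utility>
#include <vector>

using PeerId = int;            // hypothetical peer handle
using ItemHash = std::string;  // hypothetical item id

// Simplified model of a node's "items to fetch" bookkeeping.
class FetchQueue {
    // For every pending item, the connected peers that advertised it.
    std::map<ItemHash, std::set<PeerId>> advertisers_;
public:
    void on_inventory(PeerId peer, const std::vector<ItemHash>& items) {
        for (const auto& h : items) advertisers_[h].insert(peer);
    }

    // Called when a peer is disconnected as an unsafe source: forget its
    // advertisements and drop items that no other peer has advertised.
    void on_peer_disconnected(PeerId peer) {
        for (auto it = advertisers_.begin(); it != advertisers_.end();) {
            it->second.erase(peer);
            it = it->second.empty() ? advertisers_.erase(it) : std::next(it);
        }
    }

    // Items still worth requesting, each paired with a peer that offered it.
    std::vector<std::pair<ItemHash, PeerId>> requests() const {
        std::vector<std::pair<ItemHash, PeerId>> out;
        for (const auto& kv : advertisers_)
            out.emplace_back(kv.first, *kv.second.begin());
        return out;
    }
};

int main() {
    FetchQueue q;
    q.on_inventory(1, {"bogus-a", "bogus-b", "shared"});  // constructed: peer 1 misbehaves
    q.on_inventory(2, {"shared", "honest"});              // constructed: peer 2 is honest
    q.on_peer_disconnected(1);
    for (const auto& r : q.requests())
        std::cout << "request " << r.first << " from peer " << r.second << "\n";
}
```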

Labels: enhancement (New feature or request)