Skip to content
This repository has been archived by the owner on Jun 11, 2024. It is now read-only.

Security issue: IP of specific delegate can be found #49

Closed
simonmorgenthaler opened this issue Apr 12, 2016 · 2 comments
Closed

Security issue: IP of specific delegate can be found #49

simonmorgenthaler opened this issue Apr 12, 2016 · 2 comments
Labels
status: wontfix

Comments

@simonmorgenthaler
Copy link

simonmorgenthaler commented Apr 12, 2016
edited by fix
Loading

It's possible to find the IP of a specific delegate (or all delegates)
@karmacoma karmacoma self-assigned this Apr 13, 2016
@mrv777
Copy link
Contributor

mrv777 commented May 10, 2016

If you use the API whitelist and block everyone but yourself, is this still possible?

I only know how to do this with an open API, which the API whitelist provides an easy solution to prevent.

Idea, maybe when you do bash lisk.sh coldstart, it asks if you want the node to be a public peer or not, adjusting the API whitelist in config.json as needed. Maybe even promoting for your forging passphrase to add in there too. Simplifying the setup to this two step menu instead of opening up the config.json file yourself and editing it (even though that's really not that difficult to do :) )

@karmacoma karmacoma removed their assignment Jun 14, 2016
@fix
Copy link
Contributor

fix commented Aug 30, 2016

I think there is no way (at least not known to me) to prevent such feature:

  • delegate must be reachable by all delegates blocks in a very decent time (< 5s)
  • active delegate forges blocks every 16 min

Those footprints are impossible to hide imho.

@fix fix closed this as completed Aug 30, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
status: wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@karmacoma @fix @mrv777 @simonmorgenthaler