-
Notifications
You must be signed in to change notification settings - Fork 455
Netgroup inbound peer eviction and secret generation - Closes #3976 #4023
Conversation
2c31ed1
to
93fb61f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't this issue also save the secret to the database?
After discussion with @jondubois we decided to delay persistence to db until a later release. The effect was minimal enough that it can be seen as an optimization rather than necessity. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, Please open an issue for saving the secret to the database =)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've left few comments. Besides, I'd like to relapse if the features we are adding in this PR is actually covered with any of the existing integration tests.
There is the limiting factor of not being able to fake the first two IP address groups in integration tests. However the |
08e207a
to
0f010d3
Compare
0f010d3
to
b9f70e1
Compare
3b2ac47
to
3c47ec9
Compare
What was the problem?
Eviction of inbound peers based on
netgroup
value was not implemented.Node required a random 32-bit entropy secret on startup.
How did I solve it?
Peers are now evicted based on 4 categories including
netgroup
value as per new protocol.Secret generated on node startup.
How to manually test it?
Start node. Set
netgroupProtectionRatio
to a high value forP2PConfig
. Check which peers are evicted.Review checklist