
# Beyond CFT: Attacks on the Network and Convergence 


So far we showed how gossip can withstand network imperfection. But what if the attacker deliberately splits and attacks the network?  


Beyond regular crashes, peer can behave in various ways violating the protocol: hide transactions, send bogus data, create Sybil entities etc.
The goal of a blockchain system is to withstand against a powerful adversary. 

To ensure that message will be seen by the peer, once the peer is back online it must fetch the data from the neighboring peers. But what if the neighboring nodes are malicious and will censor certain transactions?   

In the next notebooks we will cover techniques that help to detect/prevent malicious behaviour.



# Malicious gossip agent 

One of the goal of a blockchain system is to record transaction in a 'hard-to-tamper' way.

How can you achieve that in P2P settings?  
It is common in databases and blockchains to use cryptography to verify the integrities of the transactions.

Let's first create a malicious agent that will change the data of received transactions to split the network.  


In [11]:
# Initialize the experiment:
import networkx as nx
import p2psimpy as p2p
import warnings
warnings.filterwarnings('ignore')

# Load the previous experiment configurations
exper = p2p.BaseSimulation.load_experiment(expr_dir='crash_gossip')

Locations, topology, peer_services, serv_impl = exper


{'client': PeerType(config=<class 'p2psimpy.config.PeerConfig'>, service_map={'BaseConnectionManager': None, 'MessageProducer': None}),
 'peer': PeerType(config=<class 'p2psimpy.config.PeerConfig'>, service_map={'BaseConnectionManager': None, 'RandomDowntime': <class 'p2psimpy.config.DowntimeConfig'>, 'RangedPullGossipService': <class 'p2psimpy.config.GossipConfig'>})}

## Define malicious agents 
Let's first add malicious nodes randomly: 

In [3]:
# Change peer to a malicious 
from itertools import groupby
from random import sample

frac_malicious_nodes = 0.3 # 30 % of malicious nodes


def assign_malicious_peers(topology, mal_frac):
    type_dict = nx.get_node_attributes(topology, 'type')
    inv_type_dict = {k: {j for j, _ in list(v)}
                                for k, v in groupby(type_dict.items(), lambda x: x[1])}
    mal_nodes = sample(list(inv_type_dict['peer']), 
                       int(frac_malicious_nodes * len(inv_type_dict['peer'])))
    for b in mal_nodes:
        type_dict[b] = 'malicious'
        
    nx.set_node_attributes(topology, type_dict, 'type')
    
assign_malicious_peers(topology, frac_malicious_nodes)

## Define malicious services 

We will inherit a malicious gossip service that will relay the gossip message to one half of the network and the other half a tempered message (with different data). 



In [4]:
from p2psimpy.messages import *
from p2psimpy.consts import TEMPERED

class MaliciousGossipService(p2p.GossipService):
    
    
    def handle_message(self, msg):
        # Store the original message localy 
        self.peer.store('msg_time', msg.id, self.peer.env.now)
        self.peer.store('msg_data', msg.id, msg.data)

        if msg.ttl > 0:
            # Rely message further, modify the message
            exclude_peers = {msg.sender} | self.exclude_peers
            
            # Send the original message to one half of the network, 
            selected = self.peer.gossip(GossipMessage(self.peer, msg.id, msg.data, msg.ttl-1,
                                                      pre_task=msg.pre_task, post_task=msg.post_task), 
                                        self.fanout//2, 
                                        except_peers=exclude_peers, 
                                        except_type=self.exclude_types)
            # Change the message and send it to the other half
            new_data = TEMPERED
            exclude_peers = exclude_peers | set(selected)
            self.peer.gossip(GossipMessage(self.peer, msg.id, new_data, msg.ttl-1, 
                                           pre_task=msg.pre_task, post_task=msg.post_task), 
                             self.fanout//2, 
                             except_peers=exclude_peers, 
                             except_type=self.exclude_types)

##  Add malicious type and services 

We deliberately keep malicious nodes uncrashable. 


In [5]:
gossip_config = peer_services['peer'].service_map['RangedPullGossipService']
serv_impl['RangedPullGossipService'] = p2p.GossipService



peer_services['malicious'] = p2p.PeerType(peer_services['peer'].config,
                                      {p2p.BaseConnectionManager:None,
                                       MaliciousGossipService: gossip_config}
                                     )

## Run simulation 

Let's see how malicious agents together with crashing nodes affect the message dissemination. 

In [6]:
serv_impl

{'BaseConnectionManager': p2psimpy.services.connection_manager.BaseConnectionManager,
 'MessageProducer': p2psimpy.services.message_producer.MessageProducer,
 'RandomDowntime': p2psimpy.services.disruption.RandomDowntime,
 'RangedPullGossipService': p2psimpy.services.gossip.GossipService}

In [7]:
peer_services

{'client': PeerType(config=<class 'p2psimpy.config.PeerConfig'>, service_map={'BaseConnectionManager': None, 'MessageProducer': None}),
 'peer': PeerType(config=<class 'p2psimpy.config.PeerConfig'>, service_map={'BaseConnectionManager': None, 'RandomDowntime': <class 'p2psimpy.config.DowntimeConfig'>, 'RangedPullGossipService': <class 'p2psimpy.config.GossipConfig'>}),
 'malicious': PeerType(config=<class 'p2psimpy.config.PeerConfig'>, service_map={<class 'p2psimpy.services.connection_manager.BaseConnectionManager'>: None, <class '__main__.MaliciousGossipService'>: <class 'p2psimpy.config.GossipConfig'>})}

In [7]:
from p2psimpy.messages import GossipMessage

In [8]:
# Init Graph
sim = p2p.BaseSimulation(Locations, topology, peer_services, serv_impl)
sim.run(3_200)

# Analyze the storage data




## Message data

Let's see how this fraction of malicious nodes affected the network. 
We compare the received message with the original message, we report `True` if the message wasn't tampered `False` and otherwise. 



In [9]:
import pandas as pd

def message_data(sim, peer_id, storage_name):
    store = sim.peers[peer_id].storage[storage_name].txs
    for msg_id, tx in store.items():
        client_id, msg_num = msg_id.split('_')
        client_tx = sim.peers[int(client_id)].storage[storage_name].txs[msg_id]
        yield (int(msg_num), tx.data == client_tx.data)
        
def get_gossip_table(sim, storage_name, func):
    return pd.DataFrame({k: dict(func(sim, k, storage_name)) 
                         for k in set(sim.types_peers['peer'])}).sort_index()

    
df = get_gossip_table(sim, 'msg_data', message_data)
df

Unnamed: 0,1,2,3,4,5,6,8,12,14,15,17,18,19,20,21,22,23,24
1,True,True,True,True,True,True,False,False,True,True,True,True,True,True,True,True,True,True
2,True,False,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True
3,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True
4,True,True,True,True,True,True,True,True,True,True,True,True,False,True,False,True,True,True
5,True,True,True,False,True,True,True,True,False,True,True,True,True,True,False,True,True,True
6,True,True,True,False,True,True,True,True,True,True,True,True,True,True,True,True,True,False
7,,True,True,True,False,True,False,False,True,,True,False,True,True,False,True,False,False
8,True,True,,True,True,,,True,True,True,True,False,True,False,True,True,True,False
9,False,,True,True,False,True,False,True,True,False,True,False,True,True,,True,True,True
10,True,True,False,False,True,False,True,True,False,True,True,True,True,True,False,False,True,True


In [10]:
df[df==False].count()

1     1
2     1
3     2
4     4
5     2
6     1
8     3
12    2
14    2
15    1
17    0
18    3
19    1
20    1
21    4
22    1
23    1
24    3
dtype: int64

Malicious nodes managed to trick some peers into accepting wrong data! As peers will write 'first-seen' value, adversary once having advantage over the network can perfectly split the network. 

How to deal with this?

# Signing messages

First of all, messages themselves must be verified on their **integrity** and **authenticity**. 
[Digital signatures](https://en.wikipedia.org/wiki/Digital_signature) are perfect match for this and hence all blockchain systems use them. 

We will modify the code to simulate the signed messages. We will not use an actual crytpographic protocol since we care about only two things for our simulation: 
- It takes time to verify and sign messages. 
- Peers should store and forward only valid messages. 



## Simulating digital signatures 

We will show an example by building a crypto validator for 456 bits [EdDSA (Ed448)](https://en.wikipedia.org/wiki/EdDSA) (one of the most popular digital signatures in the wild).
On a regular laptop it takes usually less than 1 millisecond to verify a signature. Let's take the near worse case.  


This is not real. 

We will integrate a verification task into the message itself. 
Peer before triggering other services will first run the `pre_task`.  

Since the message is first created by MessageProducer we will add a task in the configuration.



In [11]:
from p2psimpy.consts import TEMPERED
from p2psimpy.config import Config, Func, Dist


conf = peer_services['client'].service_map['MessageProducer']


def validate_task(msg, peer):
    gen_dist = Dist('norm', (1, 0.2)) # time it takes to verify the message

    yield peer.env.timeout(gen_dist.get())
    if msg.data == TEMPERED:
        # You can decide what to do in this case.
        return False
    return True


class MsgConfig(Config):
    pre_task = Func(validate_task)
    init_ttl = conf.init_ttl if conf else 3
    
    
peer_services['client'].service_map['MessageProducer'] = MsgConfig

In [12]:
serv_impl

{'BaseConnectionManager': p2psimpy.services.connection_manager.BaseConnectionManager,
 'MessageProducer': p2psimpy.services.message_producer.MessageProducer,
 'RandomDowntime': p2psimpy.services.disruption.RandomDowntime,
 'RangedPullGossipService': p2psimpy.services.gossip.GossipService}

In [13]:
# Run the simulation with a modificed message producer 

sim2 = p2p.BaseSimulation(Locations, topology, peer_services, serv_impl)
sim2.run(3_200)


In [14]:
df = get_gossip_table(sim2, 'msg_data', message_data)
df

Unnamed: 0,1,2,3,4,5,6,8,12,14,15,17,18,19,20,21,22,23,24
1,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True
2,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True
3,True,True,True,True,,True,True,True,True,True,True,True,True,True,True,True,True,True
4,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True
5,True,True,True,True,True,,True,True,True,,True,,True,True,,True,True,True
6,True,,True,True,True,,True,True,,,True,True,True,,True,True,True,True
7,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True
8,True,True,True,,True,True,True,,True,,True,True,True,True,True,,,
9,True,True,True,True,True,True,,True,True,True,True,True,True,,,,True,True
10,True,,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True,True


In [15]:
sim2.peers[12].storage['msg_data'].txs

{'26_1': GossipMessage:AIZSUBPPSEGHFVTXYUSV,
 '26_2': GossipMessage:BSVVWDIXECBXNHRKUGEY,
 '26_3': GossipMessage:XZBAURDXZJRIBJQFRKHX,
 '26_4': GossipMessage:VGDMGANGPTDTEWIEATGN,
 '26_5': GossipMessage:EBDFVVSENSQOUKXFQHKQ,
 '26_6': GossipMessage:YTMJJHSFZQZSKDWROCSM,
 '26_7': GossipMessage:AYYIUEEAKOTANMEOYLRF,
 '26_9': GossipMessage:IQMGIXZITMNZQYTANKMW,
 '26_10': GossipMessage:FVHMGJVBPVZSPWXECYKX,
 '26_11': GossipMessage:ZDLFHPYYZAYHQMCZKNON}

Now malicious nodes cannot change the message. They need to explore other attack strategies!
The malicious nodes can delay messages, hide them, freeriding in a gossip (only listening). 
Together with network attack this can create a dangerous combination. 

Let us consider a case where an honest node is surrounded by malicious nodes (all network connections are with malicious nodes) that will hide certain transactions. As a result, peer will not receive crucial transactions that might affect it's decision making process. This attack is also called **Eclipse attack**.   

In reality, almost nothing stops one malicious node from running multiple instances and poison the whole network. This attack is called **Sybil Attack**. 




### Exercises


- Explore the limits of the gossip protocol. What is the maximum number of malicious nodes a protocol can tolerate? 
- Try to eclipse attack some peer, make sure he doesn't get any message, or one specific message (censor)? 



## Exercise 1 
1. Change the parameter "frac_malicious_nodes" to 0.04

In [16]:
# Initialize the experiment:
from itertools import groupby
from random import sample
from p2psimpy.messages import GossipMessage
from p2psimpy.messages import *
from p2psimpy.consts import TEMPERED
from p2psimpy.consts import TEMPERED
from p2psimpy.config import Config, Func, Dist
import networkx as nx
import p2psimpy as p2p
import warnings
warnings.filterwarnings('ignore')

# Load the previous experiment configurations
exper = p2p.BaseSimulation.load_experiment(expr_dir='crash_gossip')
Locations, topology, peer_services, serv_impl = exper

frac_malicious_nodes = 0.04 


def assign_malicious_peers(topology, mal_frac):
    type_dict = nx.get_node_attributes(topology, 'type')
    inv_type_dict = {k: {j for j, _ in list(v)}
                                for k, v in groupby(type_dict.items(), lambda x: x[1])}
    mal_nodes = sample(list(inv_type_dict['peer']), 
                       int(frac_malicious_nodes * len(inv_type_dict['peer'])))
    for b in mal_nodes:
        type_dict[b] = 'malicious'
        
    nx.set_node_attributes(topology, type_dict, 'type')
    
assign_malicious_peers(topology, frac_malicious_nodes)


class MaliciousGossipService(p2p.GossipService):
    
    def handle_message(self, msg):
        # Store the original message localy 
        self.peer.store('msg_time', msg.id, self.peer.env.now)
        self.peer.store('msg_data', msg.id, msg.data)

        if msg.ttl > 0:
            # Rely message further, modify the message
            exclude_peers = {msg.sender} | self.exclude_peers
            
            # Send the original message to one half of the network, 
            selected = self.peer.gossip(GossipMessage(self.peer, msg.id, msg.data, msg.ttl-1,
                                                      pre_task=msg.pre_task, post_task=msg.post_task), 
                                        self.fanout//2, 
                                        except_peers=exclude_peers, 
                                        except_type=self.exclude_types)
            # Change the message and send it to the other half
            new_data = TEMPERED
            exclude_peers = exclude_peers | set(selected)
            self.peer.gossip(GossipMessage(self.peer, msg.id, new_data, msg.ttl-1, 
                                           pre_task=msg.pre_task, post_task=msg.post_task), 
                             self.fanout//2, 
                             except_peers=exclude_peers, 
                             except_type=self.exclude_types)

gossip_config = peer_services['peer'].service_map['RangedPullGossipService']
serv_impl['RangedPullGossipService'] = p2p.GossipService

peer_services['malicious'] = p2p.PeerType(peer_services['peer'].config,
                                      {p2p.BaseConnectionManager:None,
                                       MaliciousGossipService: gossip_config}
                                     )

# Init Graph
sim = p2p.BaseSimulation(Locations, topology, peer_services, serv_impl)
sim.run(3_200)



################################################################################

import pandas as pd

def message_data(sim, peer_id, storage_name):
    store = sim.peers[peer_id].storage[storage_name].txs
    for msg_id, tx in store.items():
        client_id, msg_num = msg_id.split('_')
        client_tx = sim.peers[int(client_id)].storage[storage_name].txs[msg_id]
        yield (int(msg_num), tx.data == client_tx.data)
        
def get_gossip_table(sim, storage_name, func):
    return pd.DataFrame({k: dict(func(sim, k, storage_name)) 
                         for k in set(sim.types_peers['peer'])}).sort_index()

    
df = get_gossip_table(sim, 'msg_data', message_data)
df


Unnamed: 0,1,2,3,4,5,6,7,8,9,10,...,15,16,17,18,19,20,21,22,24,25
1,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
2,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
3,True,True,True,False,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
4,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
5,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
6,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
7,False,True,True,False,,True,True,True,True,True,...,True,True,True,True,True,False,,,True,True
8,True,True,True,True,True,True,True,True,True,False,...,True,True,True,True,True,True,True,False,True,True
9,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
10,True,True,True,True,True,True,True,True,True,True,...,False,True,True,True,True,True,True,True,True,True


In [17]:
df[df==False].count()

1     1
2     0
3     0
4     3
5     0
6     0
7     0
8     0
9     0
10    1
11    0
12    0
13    1
14    0
15    1
16    0
17    0
18    0
19    0
20    1
21    0
22    1
24    0
25    0
dtype: int64

2. Change the parameter "frac_malicious_nodes" to 0.03

In [18]:
# Initialize the experiment:
from itertools import groupby
from random import sample
from p2psimpy.messages import GossipMessage
from p2psimpy.messages import *
from p2psimpy.consts import TEMPERED
from p2psimpy.consts import TEMPERED
from p2psimpy.config import Config, Func, Dist
import networkx as nx
import p2psimpy as p2p
import warnings
warnings.filterwarnings('ignore')

# Load the previous experiment configurations
exper = p2p.BaseSimulation.load_experiment(expr_dir='crash_gossip')
Locations, topology, peer_services, serv_impl = exper

frac_malicious_nodes = 0.03


def assign_malicious_peers(topology, mal_frac):
    type_dict = nx.get_node_attributes(topology, 'type')
    inv_type_dict = {k: {j for j, _ in list(v)}
                                for k, v in groupby(type_dict.items(), lambda x: x[1])}
    mal_nodes = sample(list(inv_type_dict['peer']), 
                       int(frac_malicious_nodes * len(inv_type_dict['peer'])))
    for b in mal_nodes:
        type_dict[b] = 'malicious'
        
    nx.set_node_attributes(topology, type_dict, 'type')
    
assign_malicious_peers(topology, frac_malicious_nodes)


class MaliciousGossipService(p2p.GossipService):
    
    def handle_message(self, msg):
        # Store the original message localy 
        self.peer.store('msg_time', msg.id, self.peer.env.now)
        self.peer.store('msg_data', msg.id, msg.data)

        if msg.ttl > 0:
            # Rely message further, modify the message
            exclude_peers = {msg.sender} | self.exclude_peers
            
            # Send the original message to one half of the network, 
            selected = self.peer.gossip(GossipMessage(self.peer, msg.id, msg.data, msg.ttl-1,
                                                      pre_task=msg.pre_task, post_task=msg.post_task), 
                                        self.fanout//2, 
                                        except_peers=exclude_peers, 
                                        except_type=self.exclude_types)
            # Change the message and send it to the other half
            new_data = TEMPERED
            exclude_peers = exclude_peers | set(selected)
            self.peer.gossip(GossipMessage(self.peer, msg.id, new_data, msg.ttl-1, 
                                           pre_task=msg.pre_task, post_task=msg.post_task), 
                             self.fanout//2, 
                             except_peers=exclude_peers, 
                             except_type=self.exclude_types)

gossip_config = peer_services['peer'].service_map['RangedPullGossipService']
serv_impl['RangedPullGossipService'] = p2p.GossipService

peer_services['malicious'] = p2p.PeerType(peer_services['peer'].config,
                                      {p2p.BaseConnectionManager:None,
                                       MaliciousGossipService: gossip_config}
                                     )

# Init Graph
sim = p2p.BaseSimulation(Locations, topology, peer_services, serv_impl)
sim.run(3_200)

import pandas as pd

def message_data(sim, peer_id, storage_name):
    store = sim.peers[peer_id].storage[storage_name].txs
    for msg_id, tx in store.items():
        client_id, msg_num = msg_id.split('_')
        client_tx = sim.peers[int(client_id)].storage[storage_name].txs[msg_id]
        yield (int(msg_num), tx.data == client_tx.data)
        
def get_gossip_table(sim, storage_name, func):
    return pd.DataFrame({k: dict(func(sim, k, storage_name)) 
                         for k in set(sim.types_peers['peer'])}).sort_index()

    
df = get_gossip_table(sim, 'msg_data', message_data)
df


Unnamed: 0,1,2,3,4,5,6,7,8,9,10,...,16,17,18,19,20,21,22,23,24,25
1,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
2,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
3,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
4,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
5,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
6,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
7,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,,True,True,True,True
8,True,True,,True,True,True,True,,True,True,...,True,True,True,True,True,True,True,True,True,
9,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,True,True,True
10,True,True,True,True,True,True,True,True,True,True,...,True,True,True,True,True,True,True,,True,True


In [19]:
df[df==False].count()

1     0
2     0
3     0
4     0
5     0
6     0
7     0
8     0
9     0
10    0
11    0
12    0
13    0
14    0
15    0
16    0
17    0
18    0
19    0
20    0
21    0
22    0
23    0
24    0
25    0
dtype: int64

### Findings: Under current simulation settings (25 peers), the maximum number of malicious nodes a protocol can tolerate is 3% of total nodes.

## Exercise 2: Simulate eclipse attack.

- Here, instead of using "frac_malicious_nodes" to set some fraction of malicious nodes, we choose a honest peer with "honest_peer_id" parameter, and set it all neighbors with "malicious" type.

1. Load experiment from previous notebook.

In [33]:
# Initialize the experiment:
from itertools import groupby
from random import sample
from p2psimpy.messages import GossipMessage
from p2psimpy.messages import *
from p2psimpy.consts import TEMPERED
from p2psimpy.consts import TEMPERED
from p2psimpy.config import Config, Func, Dist
import networkx as nx
import p2psimpy as p2p
import warnings
warnings.filterwarnings('ignore')

# Load the previous experiment configurations
exper = p2p.BaseSimulation.load_experiment(expr_dir='crash_gossip')
Locations, topology, peer_services, serv_impl = exper

2. Get the node type information.

In [34]:
nx.get_node_attributes(topology, 'type')

{1: 'peer',
 2: 'peer',
 3: 'peer',
 4: 'peer',
 5: 'peer',
 6: 'peer',
 7: 'peer',
 8: 'peer',
 9: 'peer',
 10: 'peer',
 11: 'peer',
 12: 'peer',
 13: 'peer',
 14: 'peer',
 15: 'peer',
 16: 'peer',
 17: 'peer',
 18: 'peer',
 19: 'peer',
 20: 'peer',
 21: 'peer',
 22: 'peer',
 23: 'peer',
 24: 'peer',
 25: 'peer',
 26: 'client'}

3. Now we use "honest_peer_id" to set a honest node (in this example No.15), and set all it's neighbor nodes with "malicious" type.

In [167]:
honest_peer_id = 15

def assign_malicious_peers(topology, id):
    type_dict_1 = nx.get_node_attributes(topology, 'type')

    for c in topology.neighbors(id):
        if type_dict_1[c] == "peer":
            type_dict_1[c] = 'malicious'
        
    nx.set_node_attributes(topology, type_dict_1, 'type')
    
assign_malicious_peers(topology, honest_peer_id)

In [168]:
nx.get_node_attributes(topology, 'type')

{1: 'malicious',
 2: 'malicious',
 3: 'malicious',
 4: 'peer',
 5: 'malicious',
 6: 'peer',
 7: 'peer',
 8: 'malicious',
 9: 'malicious',
 10: 'peer',
 11: 'malicious',
 12: 'malicious',
 13: 'peer',
 14: 'malicious',
 15: 'malicious',
 16: 'malicious',
 17: 'malicious',
 18: 'malicious',
 19: 'malicious',
 20: 'peer',
 21: 'peer',
 22: 'malicious',
 23: 'malicious',
 24: 'malicious',
 25: 'peer',
 26: 'client'}

4. Load the MaliciousGossipService and run the simulation.

In [169]:
class MaliciousGossipService(p2p.GossipService):
    
    def handle_message(self, msg):
        # Store the original message localy 
        self.peer.store('msg_time', msg.id, self.peer.env.now)
        self.peer.store('msg_data', msg.id, msg.data)

        if msg.ttl > 0:
            # Rely message further, modify the message
            exclude_peers = {msg.sender} | self.exclude_peers
            
            # Send the original message to one half of the network, 
            selected = self.peer.gossip(GossipMessage(self.peer, msg.id, msg.data, msg.ttl-1,
                                                      pre_task=msg.pre_task, post_task=msg.post_task), 
                                        self.fanout//2, 
                                        except_peers=exclude_peers, 
                                        except_type=self.exclude_types)
            # Change the message and send it to the other half
            new_data = TEMPERED
            exclude_peers = exclude_peers | set(selected)
            self.peer.gossip(GossipMessage(self.peer, msg.id, new_data, msg.ttl-1, 
                                           pre_task=msg.pre_task, post_task=msg.post_task), 
                             self.fanout//2, 
                             except_peers=exclude_peers, 
                             except_type=self.exclude_types)

gossip_config = peer_services['peer'].service_map['RangedPullGossipService']
serv_impl['RangedPullGossipService'] = p2p.GossipService
peer_services['malicious'] = p2p.PeerType(peer_services['peer'].config,
                                      {p2p.BaseConnectionManager:None,
                                       MaliciousGossipService: gossip_config}
                                     )

############################################################################
# Simulating digital signatures
conf = peer_services['client'].service_map['MessageProducer']


def validate_task(msg, peer):
    gen_dist = Dist('norm', (1, 0.2)) # time it takes to verify the message

    yield peer.env.timeout(gen_dist.get())
    if msg.data == TEMPERED:
        # You can decide what to do in this case.
        return False
    return True


class MsgConfig(Config):
    pre_task = Func(validate_task)
    init_ttl = conf.init_ttl if conf else 3
    
    
peer_services['client'].service_map['MessageProducer'] = MsgConfig
###############################################################################

# Init Graph
sim_new = p2p.BaseSimulation(Locations, topology, peer_services, serv_impl)
sim_new.run(3_200)

import pandas as pd

def message_data(sim, peer_id, storage_name):
    store = sim.peers[peer_id].storage[storage_name].txs
    for msg_id, tx in store.items():
        client_id, msg_num = msg_id.split('_')
        client_tx = sim.peers[int(client_id)].storage[storage_name].txs[msg_id]
        yield (int(msg_num), tx.data == client_tx.data)
        
def get_gossip_table(sim, storage_name, func):
    return pd.DataFrame({k: dict(func(sim, k, storage_name)) 
                         for k in set(sim.types_peers['peer'])}).sort_index()

    
df = get_gossip_table(sim_new, 'msg_data', message_data)
df

Unnamed: 0,4,6,7,10,13,20,21,25
1,True,True,True,True,True,True,True,True
2,,True,,True,True,True,,
3,True,True,True,True,True,True,,
4,True,True,True,True,True,True,True,True
5,True,,True,True,,,,True
6,,,,,True,,True,
7,True,True,True,,True,True,,
8,True,True,,True,,,True,True
9,True,,True,True,True,True,,True
10,True,,True,True,,True,,


5. Next, we specifically changed the MaliciousGossipService, make sure that the malicious node will only send "tempered" data to all nodes. 

In [170]:
# Initialize the experiment:
from itertools import groupby
from random import sample
from p2psimpy.messages import GossipMessage
from p2psimpy.messages import *
from p2psimpy.consts import TEMPERED
from p2psimpy.consts import TEMPERED
from p2psimpy.config import Config, Func, Dist
import networkx as nx
import p2psimpy as p2p
import warnings
warnings.filterwarnings('ignore')

# Load the previous experiment configurations
exper = p2p.BaseSimulation.load_experiment(expr_dir='crash_gossip')
Locations, topology, peer_services, serv_impl = exper

honest_peer_id = 15

def assign_malicious_peers(topology, id):
    type_dict_1 = nx.get_node_attributes(topology, 'type')

    for c in topology.neighbors(id):
        if type_dict_1[c] == "peer":
            type_dict_1[c] = 'malicious'
        
    nx.set_node_attributes(topology, type_dict_1, 'type')
    
assign_malicious_peers(topology, honest_peer_id)

class MaliciousGossipService(p2p.GossipService):
    
    def handle_message(self, msg):
        # Store the original message localy 
        self.peer.store('msg_time', msg.id, self.peer.env.now)
        self.peer.store('msg_data', msg.id, msg.data)

        if msg.ttl > 0:
            # Rely message further, modify the message
            exclude_peers = {msg.sender} | self.exclude_peers
            
#             # Send the original message to one half of the network, 
#             selected = self.peer.gossip(GossipMessage(self.peer, msg.id, msg.data, msg.ttl-1,
#                                                       pre_task=msg.pre_task, post_task=msg.post_task), 
#                                         self.fanout//2, 
#                                         except_peers=exclude_peers, 
#                                         except_type=self.exclude_types)
            # Change the message and send it to the other half
            new_data = TEMPERED
            exclude_peers = exclude_peers
            self.peer.gossip(GossipMessage(self.peer, msg.id, new_data, msg.ttl-1, 
                                           pre_task=msg.pre_task, post_task=msg.post_task), 
                             self.fanout, 
                             except_peers=exclude_peers, 
                             except_type=self.exclude_types)

gossip_config = peer_services['peer'].service_map['RangedPullGossipService']
serv_impl['RangedPullGossipService'] = p2p.GossipService
peer_services['malicious'] = p2p.PeerType(peer_services['peer'].config,
                                      {p2p.BaseConnectionManager:None,
                                       MaliciousGossipService: gossip_config}
                                     )

############################################################################
# Simulating digital signatures
conf = peer_services['client'].service_map['MessageProducer']


def validate_task(msg, peer):
    gen_dist = Dist('norm', (1, 0.2)) # time it takes to verify the message

    yield peer.env.timeout(gen_dist.get())
    if msg.data == TEMPERED:
        # You can decide what to do in this case.
        return False
    return True


class MsgConfig(Config):
    pre_task = Func(validate_task)
    init_ttl = conf.init_ttl if conf else 3
    
    
peer_services['client'].service_map['MessageProducer'] = MsgConfig
###############################################################################

# Init Graph
sim_new = p2p.BaseSimulation(Locations, topology, peer_services, serv_impl)
sim_new.run(3_200)

import pandas as pd

def message_data(sim, peer_id, storage_name):
    store = sim.peers[peer_id].storage[storage_name].txs
    for msg_id, tx in store.items():
        client_id, msg_num = msg_id.split('_')
        client_tx = sim.peers[int(client_id)].storage[storage_name].txs[msg_id]
        yield (int(msg_num), tx.data == client_tx.data)
        
def get_gossip_table(sim, storage_name, func):
    return pd.DataFrame({k: dict(func(sim, k, storage_name)) 
                         for k in set(sim.types_peers['peer'])}).sort_index()

    
df = get_gossip_table(sim_new, 'msg_data', message_data)
df

Unnamed: 0,4,6,7,8,10,11,13,14,15,16,19,20,21,22,25
1,True,True,True,True,,True,True,,,True,True,True,,,True
2,True,True,True,,,True,True,True,,,True,,,True,True
3,True,True,True,True,True,True,True,True,,True,True,True,,True,True
4,,True,True,,True,True,True,,,True,,,,True,
5,,True,,,True,,,,,,True,True,,,
6,,True,True,,,True,,True,,True,True,,True,,True
7,True,True,True,,,True,True,True,,,True,,,True,True
8,,True,,,,True,True,,,,True,,,,
9,,,True,,,True,,True,,,,,,True,
10,True,True,True,,,True,,True,,True,,True,True,True,True


### Conclusion: 
- As we can see from the above table, honest_peer_id =15 didn't get any (true) message. 
- Similarly, we can simulate the eclipse attack on any peer node, expect for those peers directly connect to the cliet.
(No. 1 5 6 7 9 11 13 14 19 22 24 in our topology)