-
Notifications
You must be signed in to change notification settings - Fork 36.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net: Remove -whitelistrelay #15984
net: Remove -whitelistrelay #15984
Conversation
This change would make it impossible to have a node that processes no unconfirmed transactions for security/resource usage purposes, but which still has peers which are whitelisted for the purpose of bypassing anti-DOS/resource-limits to increase reliability... which should be a standard config for a border node in front of a service that doesn't need unconfirmed transactions. This is a case where we're suffering from white-listing being overloaded to mean multiple things. Is there actually a use case for accepting transactions when we're otherwise configured to not accept transactions at all? Regardless, I think this is going in the wrong direction: we should be narrowing the definition of whitelisting so that users can make more use of it, not widening it so that they can't. |
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
There has been a long history around whitelisting and relay, I don't think this should be removed, or at least needs much more discussion:
|
Needs rebase |
…sonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see #9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also #15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…sonly 6d76dce [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see #9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin/bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
…o blocksonly 20ea9ef [doc] mention whitelist is inbound, and applies to blocksonly (Sjors Provoost) Pull request description: * `-whitelist` only impacts inbound nodes (see bitcoin#9923). This is obvious in the context of allowing those nodes to connect to you, but there are additional whitelist features where this is less obvious, such as mempool relay behavior. * `whitelistrelay` (on by default) explains that `-blocksonly` makes an exception for transactions from whitelisted nodes, but it wasn't documented (nor obvious imo) the other way around. See also bitcoin#15984 (comment) Top commit has no ACKs. Tree-SHA512: 03e363a5da5d81ad147d1c7e38bf11114df8bb89bdd66fb551520b25f810efa886ec6e649d3b435c4935e0ae4f39bb718bc7bb5778b9de6aa0b71e970a431af8
This removes an option that has no documented use case.
The option is on by default and can either be disabled directly or by setting
-blocksonly
(an undocumented debug option). Instead of disabling-whitelistrelay
to not accept txs from whitelisted peers, the user shouldn't whitelist peers in the first place.