In (strCommand == "tx"), return if AlreadyHave() #6588
A live DoS attack observed by several nodes in recent days involved repeated rejection of duplicate transactions.
Add a call to AlreadyHave when an unsolicited full tx is received, as was the case in the observed attack. AlreadyHave uses the recentRejects filter.
I tested this change on mainnet while the actual attack was still underway.
The recentRejects filter is cleared when the tip is updated, so nothing stops an attacker from re-transmitting a load of rejectable txes after a new block, and in fact our attacker was doing this. But the duplicates are stopped between blocks and the attack could get arbitrarily heavy if multiple attacking peers were involved.
The main effect is to exit processing for recently-rejected hashes, in case they are pushed to us without prior advertisement. This behavior was seen in the wild. An additional effect is to do early checks for mempool or mapOrphan existence. No logging or nDoS tracking is needed for failures of these checks.
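An added illustration of the behavior described above, not code from this pull request or from Bitcoin Core: a simplified model of the early `AlreadyHave` exit, counting how many full validations a run of duplicate pushes costs before and after a tip change. `Node`, `Validate`, `CostOfDuplicates`, `filterTip` and the string hashes are hypothetical, and an exact set stands in for the recentRejects filter.

```cpp
#include <cstdio>
#include <string>
#include <unordered_set>

// Simplified model, not Bitcoin Core code. Hashes are plain strings and the
// reject filter is an exact set standing in for the real recentRejects filter.
struct Node {
    std::unordered_set<std::string> mempool;        // accepted transactions
    std::unordered_set<std::string> orphans;        // stands in for mapOrphan
    std::unordered_set<std::string> recentRejects;  // rejected since the last tip change
    std::string filterTip = "block-0";              // tip the filter was built on
    std::string tip = "block-0";                    // current chain tip
    int fullValidations = 0;                        // expensive checks actually run

    // Early check: recently rejected, already in mempool, or a known orphan.
    bool AlreadyHave(const std::string& hash) {
        if (tip != filterTip) {  // tip updated: the filter is cleared
            recentRejects.clear();
            filterTip = tip;
        }
        return recentRejects.count(hash) || mempool.count(hash) || orphans.count(hash);
    }

    // Hypothetical stand-in for full validation; constructed rule: "bad" prefix fails.
    bool Validate(const std::string& hash) {
        ++fullValidations;
        return hash.rfind("bad", 0) != 0;
    }

    // Handler for an unsolicited "tx" message. Returns true if full validation ran.
    bool ProcessTx(const std::string& hash) {
        if (AlreadyHave(hash)) return false;  // silent exit: no logging, no DoS score
        if (Validate(hash)) mempool.insert(hash);
        else recentRejects.insert(hash);
        return true;
    }
};

// Pushes the same hash n times and returns how many full validations that cost.
int CostOfDuplicates(Node& node, const std::string& hash, int n) {
    int before = node.fullValidations;
    for (int i = 0; i < n; ++i) node.ProcessTx(hash);
    return node.fullValidations - before;
}

int main() {
    Node node;  // constructed sample hash below
    std::printf("between blocks: %d\n", CostOfDuplicates(node, "bad-tx-1", 1000));
    node.tip = "block-1";  // a new block arrives and the filter resets
    std::printf("after new tip: %d\n", CostOfDuplicates(node, "bad-tx-1", 1000));
}
```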