Does cabal have any sort of flooding resistance?

[cblgh]

from bashrc in the public cabal:

I was wondering if this is vulnerable to the same failure modes as irc. In irc without any logins to a central server the adversary can create a million accounts and have them all pump out garbage as a denial of service. Some of that was documented in the Snowden leaks.

i answered:

not really, flooding is hard to disambiguate for p2p distributed systems  
what's the diff between someone flooding and someone coming online after a lengthy (but message-producing) internet absence  
the resistance would be moderation actions as applied to flooders  
other approaches could also temporarily restrict connections to only known ids (to prevent e.g. raids)

[ghost]

The way this is handled in irc is only allowing registered users to connect until the attack subsides. We could do something similar with the network patches in #96 / cabal-club/cabal-client#61

[makoConstruct]

Previous thoughts on this: cabal-club/commons#22

Basically: Invite-only channels, invite links, and keeping records of who invited who.

what's the diff between someone flooding and someone coming online after a lengthy (but message-producing) internet absence

I guess it would be the timestamps on the messages, right? The messages wont be annoying (they wont be seen) unless they're all recent.

temporarily restrict connections to only known ids (to prevent e.g. raids)

Will it be possible to add new ids manually while in lockdown? Wouldn't that constitute an invite system? Once started, when would you expect one of these attacks to end? The attacks would be especially cheap to automate, given that all they need to do to be annoying is send enough messages to shout over the humans.

I don't know much about the transport protocol you're using, presumably you can start IP-banning if it gets that bad, but it would be preferable to not be reliant on a transport protocol with a limited, identifying addresses, wouldn't it?