[net] Don't use third-party "what is my IP" services. #81

Closed
wants to merge 1 commit into from

2 participants
@wtogami
Member

commented Oct 26, 2013

Backport from Bitcoin's bitcoin#3088

This patch eliminates the privacy and reliability problematic use
of centralized web services for discovering the node's addresses
for advertisement.

The Bitcoin protocol already allows your peers to tell you what
IP they think you have, but this data isn't trustworthy since
they could lie. So the challenge is using it without creating a
DOS vector.

To accomplish this we adopt an approach similar to the one used
by P2Pool: If we're announcing and don't have a better address
discovered (e.g. via UPNP) or configured we just announce to
each peer the address that peer told us. Since peers could
already replace, forge, or drop our address messages this cannot
create a new vulnerability... but if even one of our peers is
giving us a good address we'll eventually make a useful
advertisement.

Rebased-from: a851bf8
Rebased-by: Warren Togami <wtogami@gmail.com>

Test Plan
Add debug prints to prove that advertisements are happening as we expect.
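
The per-peer selection described above, as an added illustration that is not code from this pull request or from Bitcoin; the `Advertiser` type, its members and the sample addresses are hypothetical. It contrasts a naive variant that adopts the latest peer report for everyone with the per-peer variant, where a lying peer only ever gets its own claim back.

```cpp
#include <iostream>
#include <map>
#include <string>

// Illustrative model only: every name here is hypothetical, and addresses
// are plain strings. An empty string means "nothing to advertise".
struct Advertiser {
    std::string better;                 // configured or UPnP-discovered address, if any
    std::map<int, std::string> toldBy;  // peer id -> address that peer says we have
    std::string lastReported;           // used only by the naive variant

    void OnPeerReport(int peer, const std::string& addr) {
        toldBy[peer] = addr;
        lastReported = addr;
    }

    // Naive variant: adopt the latest report as our address for everyone.
    // A single lying peer then controls what all other peers are told.
    std::string NaiveAddressFor(int /*peer*/) const {
        return !better.empty() ? better : lastReported;
    }

    // Per-peer variant from the description: without a better address,
    // a peer is only ever told the address that same peer reported.
    std::string AddressFor(int peer) const {
        if (!better.empty()) return better;
        std::map<int, std::string>::const_iterator it = toldBy.find(peer);
        return it == toldBy.end() ? std::string() : it->second;
    }
};

int main() {
    Advertiser node;
    node.OnPeerReport(1, "203.0.113.7");    // constructed: honest peer
    node.OnPeerReport(2, "198.51.100.66");  // constructed: lying peer, reports last
    for (int peer = 1; peer <= 3; ++peer)
        std::cout << "peer " << peer << ": naive=" << node.NaiveAddressFor(peer)
                  << " per-peer=" << node.AddressFor(peer) << "\n";
    node.better = "192.0.2.10";             // constructed: configured address wins
    std::cout << "peer 2 with configured address: " << node.AddressFor(2) << "\n";
    return 0;
}
```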

@@ -24,6 +24,12 @@
CBlockIndex* GetLastCheckpoint(const std::map<uint256, CBlockIndex*>& mapBlockIndex);

double GuessVerificationProgress(CBlockIndex *pindex);

extern bool fEnabled;
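
Review bot: The `extern bool fEnabled;` declaration on the last line of this hunk has no connection to the address-advertisement change the commit message describes, and as an `extern` in a header it exposes a global flag to every file that includes it. Drop it from this patch; if the flag does need to be exported, do that in a separate commit with its own rationale.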

wtogami Nov 11, 2013

Author Member

Erroneously added. Remove it.

@wtogami

Member Author

commented Nov 11, 2013

Rebased, removed erroneous line from src/checkpoints.h

@wtogami

Member Author

commented Nov 26, 2013

bitcoin#3088
Possible problem identified in the Bitcoin review. Holding for now.

@wtogami

Member Author

commented Jan 9, 2014

Closing for now while it remains broken upstream.

@wtogami wtogami closed this Jan 9, 2014

@thrasher- thrasher- deleted the exp-0.8.5.1-externalip branch Oct 21, 2016
