New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge upstream anti DoS patches #1251
Comments
This is related to #630. The way we bootstrap the network needs to be checked for DoS vulnerabilities. |
For this ticket I'll bring in 6374 and 6636, since they're the only ones relevant to the way our testnet is currently being DoSed. |
Unless someone objects, let's not bother looking at the PRs in #1251 (comment) right now, and let's just let #1258 close this issue. |
I looked at them; some of them are possibly controversial and/or complicated, and definitely should not be in z9. But let's make sure that we keep track of them, since if I were an attacker, the next place I'd look for potential DoS attacks is things that have been fixed in Bitcoin. |
…m-anti-dos, r=daira Pull in some DoS mitigations from upstream Closes #1251. **WARNING: I force pushed**
In our (@bitcartel and I) pairing we determined we should take a second look at 7079, 5843, 6193, 6192, 7106 before 1.0. |
Ping @nathan-at-least to double-check the prioritization of this. |
#1407 and #1411 have been merged, which means we now have the following patches:
This leaves the following from #1251 (comment):
|
See: #1574 |
This ticket should be closed once #1574 lands, even though the nature of the ticket is open-ended. |
#1574 is being bumped to rc3. |
Bumped from 1.0.9. Before merging more from upstream, we need to ensure we understand and follow their own QA standards, and I suspect we will want stricter standards if feasible. |
At the time of writing, testnet is at block 4109 but the alpha node is handing out many peers who continuously advertise a block height of 1337 and are not synced. The result is that genuine nodes receiving these peers are unable to join the network.
Upstream improvements should be identified and where possible merged. For example "Connection slot exhaustion DoS mitigation" bitcoin/bitcoin#6374
The text was updated successfully, but these errors were encountered: