8000 Implement peer banning based on `ResponseCheckTx` · Issue #623 · cometbft/cometbft · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Implement peer banning based on ResponseCheckTx #623

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
2 tasks
Tracked by #65
jmalicevic opened this issue Mar 30, 2023 · 0 comments
Open
2 tasks
Tracked by #65

Implement peer banning based on ResponseCheckTx #623

jmalicevic opened this issue Mar 30, 2023 · 0 comments
Labels
abci Application blockchain interface enhancement New feature or request mempool p2p security tracking A complex issue broken down into sub-problems

Comments

@jmalicevic
Copy link
Contributor
jmalicevic commented Mar 30, 2023
edited
Loading

Feature Request

Ban peers that send transactions that could never have been valid (due to misconfiguration of the peer for example).

Summary

ResponseCheckTx should be extended with a txNeverValid field that allows the application to inform CometBFT that the transaction could never have been valid. If CometBFT receives this code, it will disconnect from and ban the peer that sent this transaction.

Problem Definition

This issue is the result of RFC101.

The main motivation for the implementation of this feature is to prevent a node being spammed with transactions that could never be valid. As whether a transaction could never have been valid, is application specific, we allow the application to inform us via a special code.

Implementing this can increase the vulnerability of a node in case of a bug with the CheckTx call that would ban all peers. For more details, please read the RFC and the discussion around it.

Proposal

After users raised potential security issues that could be resolved by having this features, and operators foreseeing much quicker debugging of issues that could cause gossip of transactions that are never valid, we decided to implement this feature.

However, as the the p2p specification is still in development, and we are not able to clearly foresee the potential effects of peer banning on overall network connectivity, we will implement this feature in two phases:

  • abci: Add txNeverValid field to ResponseCheckTx and output error #624
    Add another field to CheckTx signalling that a transaction could never have been valid. CometBFT will output a special log message (containing information on the sending peer) in case this flag is set, thus allowing operators to quickly discover potentially faulty nodes. We should decide, whether we want to forward this log message to the sending peer itself.
  • Phase 2: In addition to outputting a log message, ban the sending peer and disconnect from him.
@jmalicevic jmalicevic added enhancement New feature or request abci Application blockchain interface mempool p2p tracking A complex issue broken down into sub-problems needs-triage This issue/PR has not yet been triaged by the team. labels Mar 30, 2023
@jmalicevic jmalicevic mentioned this issue Mar 30, 2023
Open
9 tasks
@hdevalence hdevalence mentioned this issue Mar 31, 2023
Closed
@thanethomson thanethomson added security and removed needs-triage This issue/PR has not yet been triaged by the team. labels Apr 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
abci Application blockchain interface enhancement New feature or request mempool p2p security tracking A complex issue broken down into sub-problems
Projects
No open projects
CometBFT 2023
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thanethomson @jmalicevic
0