-
Notifications
You must be signed in to change notification settings - Fork 114
p2p blacklisting
In addition to implementation of devp2p in py-evm (now trinity), we constitute the following blacklisting rules:
All blacklisting info is local to the node possessing the information, and will not convey to other nodes in the network. However, blacklisting causes nodes to be removed from routing table, as a result it will be harder for other nodes to discover them.
Blacklisting is applied to IP addresses instead of node identity (IP+PORT+PUBKEY).
- when establishing secure connection with a remote node failed
- exemption: whitelisted node
- exemption: the case of secure connection failing with error message "too many peers", "blacklisted" (*)
- the remote node will be removed from routing table; and will not be added back
- when dialing out, the node will not be picked (1 will also cause the node not being picked when dialing out)
- the blacklist period is 24 hours
- when a remote node dials in and failed to establish a secure connection
- p2p protocol determines the remote peer is misbehaving(**)
- exemption: whitelisted node
- exemption: the case of secure connection failing with error message "too many peers"
- the remote node will be removed from routing table; and will not be added back
- when dialing out, the node will not be picked (1 will also cause the node not being picked when dialing out)
- when receiving dialins, reject the attempt with "blacklisted"
- the blacklist period is 16 hours
(*) an indication of the remote node has dialin-blacklisted us, should not retaliate by blacklisting
(**) currently, close_with_error()
is a good indication
The criteria for dialin blacklisting is more strict than that of dialout, and the punishment is more severe (for a shorter period of time).
Official Website: https://www.quarkchain.io/
Discord Developer Community: https://discord.me/quarkchain