From 7d320ac87ab1166003ee8e6a73c5c35fab46fc7f Mon Sep 17 00:00:00 2001
From: vyzo <vyzo@hackzen.org>
Date: Sat, 16 May 2020 13:05:26 +0300
Subject: [PATCH] only allow GRAFT from outbound peers when we are at or over
 Dhi

---
 gossipsub.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/gossipsub.go b/gossipsub.go
index 2ef7b64..75be76e 100644
--- a/gossipsub.go
+++ b/gossipsub.go
@@ -587,6 +587,15 @@ func (gs *GossipSubRouter) handleGraft(p peer.ID, ctl *pb.ControlMessage) []*pb.
 			continue
 		}
 
+		// check the number of mesh peers; if it is at (or over) Dhi, we only accept grafts
+		// from peers with outbound connections; this is a defensive check to restrict potential
+		// mesh takeover attacks combined with love bombing
+		if len(peers) >= gs.Dhi && !gs.isOutboundConnection(p) {
+			prune = append(prune, topic)
+			gs.addBackoff(p, topic)
+			continue
+		}
+
 		log.Debugf("GRAFT: add mesh link from %s in %s", p, topic)
 		gs.tracer.Graft(p, topic)
 		peers[p] = struct{}{}
@@ -640,6 +649,17 @@ func (gs *GossipSubRouter) handlePrune(p peer.ID, ctl *pb.ControlMessage) {
 	}
 }
 
+func (gs *GossipSubRouter) isOutboundConnection(p peer.ID) bool {
+	conns := gs.p.host.Network().ConnsToPeer(p)
+	for _, c := range conns {
+		if c.Stat().Direction == network.DirOutbound {
+			return true
+		}
+	}
+
+	return false
+}
+
 func (gs *GossipSubRouter) addBackoff(p peer.ID, topic string) {
 	gs.doAddBackoff(p, topic, GossipSubPruneBackoff)
 }