status-im
/
nimbus-eth2
mirror of https://github.com/status-im/nimbus-eth2.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Don't penalize flooding peers; Just rate limit them

This commit is contained in:
Zahary Karadjov 2020-10-13 15:37:25 +03:00 committed by zah
parent 4d66914f5a
commit e69af00e3a
3 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
beacon_chain/eth2_network.nim
View File

@ -380,7 +380,6 @@ const
maxRequestQuota = 1000000.0 maxRequestQuota = 1000000.0
fullReplenishTime = 5.seconds fullReplenishTime = 5.seconds
replenishRate = (maxRequestQuota / fullReplenishTime.nanoseconds.float) replenishRate = (maxRequestQuota / fullReplenishTime.nanoseconds.float)
requestFloodingThreshold = -500000.0
proc updateRequestQuota*(peer: Peer, reqCost: float) = proc updateRequestQuota*(peer: Peer, reqCost: float) =
let let
@ -391,9 +390,10 @@ proc updateRequestQuota*(peer: Peer, reqCost: float) =
peer.lastReqTime = currentTime peer.lastReqTime = currentTime
peer.requestQuota = min(replenishedQuota, maxRequestQuota) - reqCost peer.requestQuota = min(replenishedQuota, maxRequestQuota) - reqCost
if peer.requestQuota < requestFloodingThreshold: template awaitNonNegativeRequestQuota*(peer: Peer) =
peer.updateScore(PeerScoreFlooder) let quota = peer.requestQuota
peer.requestQuota = 0.0 if quota < 0:
await sleepAsync(nanoseconds(int((-quota) / replenishRate)))
func allowedOpsPerSecondCost*(n: int): float = func allowedOpsPerSecondCost*(n: int): float =
(replenishRate * 1000000000'f / n.float) (replenishRate * 1000000000'f / n.float)

1
beacon_chain/keystore_management.nim
View File

@ -568,6 +568,7 @@ proc pickPasswordAndSaveWallet(rng: var BrHmacDrbgContext,
echoP "For your convenience, the wallet can be identified with a name " & echoP "For your convenience, the wallet can be identified with a name " &
"of your choice. Please enter a wallet name below or press ENTER " & "of your choice. Please enter a wallet name below or press ENTER " &
"to continue with a machine-generated name." "to continue with a machine-generated name."
echo ""
while true: while true:
var enteredName = ask "Wallet name" var enteredName = ask "Wallet name"

6
beacon_chain/sync_protocol.nim
View File

@ -158,6 +158,7 @@ p2pProtocol BeaconSync(version = 1,
peer.updateRequestQuota( peer.updateRequestQuota(
blockByRangeLookupCost + blockByRangeLookupCost +
max(0, endIndex - startIndex + 1).float * blockResponseCost) max(0, endIndex - startIndex + 1).float * blockResponseCost)
peer.awaitNonNegativeRequestQuota()
for i in startIndex..endIndex: for i in startIndex..endIndex:
doAssert not blocks[i].isNil, "getBlockRange should return non-nil blocks only" doAssert not blocks[i].isNil, "getBlockRange should return non-nil blocks only"
@ -168,7 +169,7 @@ p2pProtocol BeaconSync(version = 1,
debug "Block range request done", debug "Block range request done",
peer, startSlot, count, reqStep, found = count - startIndex peer, startSlot, count, reqStep, found = count - startIndex
else: else:
raise newException(InvalidInputsError, "Potential DoS attack: empty blocksByRange") raise newException(InvalidInputsError, "Empty range requested")
proc beaconBlocksByRoot( proc beaconBlocksByRoot(
peer: Peer, peer: Peer,
@ -178,13 +179,14 @@ p2pProtocol BeaconSync(version = 1,
response: MultipleChunksResponse[SignedBeaconBlock]) response: MultipleChunksResponse[SignedBeaconBlock])
{.async, libp2pProtocol("beacon_blocks_by_root", 1).} = {.async, libp2pProtocol("beacon_blocks_by_root", 1).} =
if blockRoots.len == 0: if blockRoots.len == 0:
raise newException(InvalidInputsError, "Potential DoS attack: empty blocksByRoot") raise newException(InvalidInputsError, "No blocks requested")
let let
chainDag = peer.networkState.chainDag chainDag = peer.networkState.chainDag
count = blockRoots.len count = blockRoots.len
peer.updateRequestQuota(count.float * blockByRootLookupCost) peer.updateRequestQuota(count.float * blockByRootLookupCost)
peer.awaitNonNegativeRequestQuota()
var found = 0 var found = 0
for i in 0..<count: for i in 0..<count: