Don't penalize flooding peers; Just rate limit them

2020-10-13 15:37:25 +03:00 · 2020-10-13 15:37:25 +03:00 · e69af00e3a
parent 4d66914f5a
commit e69af00e3a
3 changed files with 9 additions and 6 deletions
--- a/beacon_chain/eth2_network.nim
+++ b/beacon_chain/eth2_network.nim
@ -380,7 +380,6 @@ const
  maxRequestQuota = 1000000.0
  fullReplenishTime = 5.seconds
  replenishRate = (maxRequestQuota / fullReplenishTime.nanoseconds.float)
-  requestFloodingThreshold = -500000.0

 proc updateRequestQuota*(peer: Peer, reqCost: float) =
  let
@ -391,9 +390,10 @@ proc updateRequestQuota*(peer: Peer, reqCost: float) =
  peer.lastReqTime = currentTime
  peer.requestQuota = min(replenishedQuota, maxRequestQuota) - reqCost

-  if peer.requestQuota < requestFloodingThreshold:
-    peer.updateScore(PeerScoreFlooder)
-    peer.requestQuota = 0.0
+template awaitNonNegativeRequestQuota*(peer: Peer) =
+  let quota = peer.requestQuota
+  if quota < 0:
+    await sleepAsync(nanoseconds(int((-quota) / replenishRate)))

 func allowedOpsPerSecondCost*(n: int): float =
  (replenishRate * 1000000000'f / n.float)
--- a/beacon_chain/keystore_management.nim
+++ b/beacon_chain/keystore_management.nim
@ -568,6 +568,7 @@ proc pickPasswordAndSaveWallet(rng: var BrHmacDrbgContext,
    echoP "For your convenience, the wallet can be identified with a name " &
          "of your choice. Please enter a wallet name below or press ENTER " &
          "to continue with a machine-generated name."
+    echo ""

    while true:
      var enteredName = ask "Wallet name"
--- a/beacon_chain/sync_protocol.nim
+++ b/beacon_chain/sync_protocol.nim
@ -158,6 +158,7 @@ p2pProtocol BeaconSync(version = 1,
      peer.updateRequestQuota(
        blockByRangeLookupCost +
        max(0, endIndex - startIndex + 1).float * blockResponseCost)
+      peer.awaitNonNegativeRequestQuota()

      for i in startIndex..endIndex:
        doAssert not blocks[i].isNil, "getBlockRange should return non-nil blocks only"
@ -168,7 +169,7 @@ p2pProtocol BeaconSync(version = 1,
      debug "Block range request done",
        peer, startSlot, count, reqStep, found = count - startIndex
    else:
-      raise newException(InvalidInputsError, "Potential DoS attack: empty blocksByRange")
+      raise newException(InvalidInputsError, "Empty range requested")

  proc beaconBlocksByRoot(
      peer: Peer,
@ -178,13 +179,14 @@ p2pProtocol BeaconSync(version = 1,
      response: MultipleChunksResponse[SignedBeaconBlock])
      {.async, libp2pProtocol("beacon_blocks_by_root", 1).} =
    if blockRoots.len == 0:
-      raise newException(InvalidInputsError, "Potential DoS attack: empty blocksByRoot")
+      raise newException(InvalidInputsError, "No blocks requested")

    let
      chainDag = peer.networkState.chainDag
      count = blockRoots.len

    peer.updateRequestQuota(count.float * blockByRootLookupCost)
+    peer.awaitNonNegativeRequestQuota()

    var found = 0
    for i in 0..<count: