* DOS protection of non relay protocols - rate limit phase3:
- Enhanced TokenBucket to be able to add compensation tokens based on previous usage percentage,
- per peer rate limiter 'PeerRateLimier' applied on waku_filter_v2 with opinionated default of acceptable request rate
- Add traffic metrics to filter message push
- RequestRateLimiter added to combine simple token bucket limiting of request numbers but consider per peer usage over time and prevent some peers to over use the service
(although currently rule violating peers will not be disconnected by this time only their requests will get not served)
- TimedMap utility created (inspired and taken from libp2p TimedCache) which serves as forgiving feature for peers had been overusing the service.
- Added more tests
- Fix rebase issues
- Applied new RequestRateLimiter for store and legacy_store and lightpush
* Incorporate review comments, typos, file/class naming and placement changes.
* Add issue link reference of the original issue with nim-chronos TokenBucket
* Make TimedEntry of TimedMap private and not mixable with similar named in libp2p
* Fix review comments, renamings, const instead of values and more comments.
* bump_dependencies.md: add nim-results dependency
* change imports stew/results to results
* switching to Nim 2.0.8
* waku.nimble: reflect the requirement nim 1.6.0 to 2.0.8
Adding --mm:refc as nim 2.0 enables a new garbage collector that we're
not yet ready to support
* adapt waku code to Nim 2.0
* gcsafe adaptations because Nim 2.0 is more strict
* Separation of node health and initialization state from rln_relay status. Make (only) health endpoint avail early and install others in the last stage of node setup.
* Proper json report from /health, adjusted and fixed test, added convenient script for checking node health
* Stop wakunode2 if configured rest server cannot be started
* Fix wakuRlnRelay protocol existence check
* Fix typo
* Removed unused imports from touched files.
* Added missing /health test for all
* feat: Added simple, configurable rate limit for lightpush and store-query
Adjust lightpush rest response to rate limit, added tests ann some fixes
Add rest store query test for rate limit checks and proper error response
Update apps/wakunode2/external_config.nim
Move chronos/tokenbucket to nwaku codebasee with limited and fixed feature set
Add meterics counter to lightpush rate limits
Co-authored-by: gabrielmer <101006718+gabrielmer@users.noreply.github.com>
* chore: remove deprecated legacy filter protocol
* fix: do not use legacy import in test
* fix: remove legacy test references
* fix: more test fixes, starting filter client
* fix: sigh. more references to remove.
* fix: fix dereferencing error
* fix: fix merge mess up
* fix: sigh. merge tool used tabs.
* fix: more peer manager tests needed fixing
---------
Co-authored-by: Hanno Cornelius <hanno@status.im>
Co-authored-by: Hanno Cornelius <68783915+jm-clius@users.noreply.github.com>
* chore(rln-relay-v2): additional testing
* fix: bump librln to v0.4.2 for v2
* fix: catch possible error from the copyFrom
* ci: rename step title for rln-version
* Add allowOrigin configuration for wakunode and WakuRestServer
Update nim-presto to the latest master that contains middleware support
Rework Rest Server in waku to utilize chronos' and presto's new middleware design and added proper CORS handling.
Added cors tests and fixes
Co-authored-by: Ivan FB <128452529+Ivansete-status@users.noreply.github.com>
A node that handles REST-Store requests normally acts as a
Store-client and therefore it retrieved the messages from another
Store-node.
With these changes, we allow a node with Store mounted, to retrieve
its messages. In other words, the node can act as a Store-server of
its messages.
* test_rest_store.nim: add a new test to validate that the self-node can
retrieve its messages to the REST client.
* rest/store/client.nim: add new proc to allow making a GET store
request without peerAddr.
* rest/store/handle.nim: add logic to handle requests that don't
provide peerAddr but the self/local node has Store mounted. In this case,
the self/local node will retrieve its locally stored messages.
* waku_store/self_req_handler.nim: logic to handle "store" requests
allowing the REST-store node to act as a Store-server node. The
'self_req_handler.nim' helps to bypass the store protocol and directly
retrieve the messages from the local/self node. I added this logic in
a separate file from 'protocol.nim' because it doesn't participate in
any libp2p communication.
* waku_store/protocol.nim: make 'queryHandler' attribute public so that
it can be used from the 'self_req_handler.nim' module.
* Refactor of FilterV2 subscription handling and maintenance with addition subscription time-to-live support.
Fixed all tests and reworked where subscription handling changes needed it.
Adapted REST API /admin filter subscription retrieve to new filter subscription structure.
* Fix tests and PR comments
* Added filter v2 subscription timeout tests and fixed
* Fix review comments and suggestions. No functional change.
* Remove leftover echoes from test_rest_admin
* Fix failed legacy filter tests due to separation of mounting the filters.
* Small fixes, fix naming typo, removed duplicated checks in test
The following vendors have changes but are not being updated for
the reason explained.
nim-web3: not updated because unit tests started to fail and no
straightforward solution found.
nim-toml-serialization: not updated because it introduced a breaking
change on how the --config-file attribute is parsed. The array
attributes now need a comma. For example, the following attribute
from within the config file:
pubsub-topic = [ "/waku/2/default-waku/proto" "/waku/2/testing-store" ]
... should be converted to:
pubsub-topic = [ "/waku/2/default-waku/proto", "/waku/2/testing-store" ]
and we cannot accept that breaking change
This reverts commit dba9820c1f.
We need to revert this commit because
the waku-simulator stopped working. i.e. the nodes couldn't establish
connections among them: 054ba9e33f
Also, the following js-waku test fails due to this commit:
"same cluster, different shard: nodes connect"
* waku_lightpush/protocol.nim: minor changes to make it compile after revert
* on_chain/group_manager: use .async: (raises:[Exception]).
* bump nim-dnsdisc
* update nim-chronos to the latest state
* chat2.nim: catch any possible exception when stopping
* chat2bridge.nim: make it to compile after vendor bump
* ValidIpAddress (deprecated) -> IpAddress
* vendor/nim-libp2p additional bump
* libwaku: adapt to vendor bump
* testlib/wakunode.nim: adapt to vendor bump (ValidIpAddress -> IpAddress)
* waku_node: avoid throwing any exception from stop*(node: WakuNode)
* test_confutils_envvar.nim: ValidIpAddress -> IpAddress
* test_jsonrpc_store: capture exception
* test_rln*: handling exceptions
* adaptation to make test_rln_* to work properly
* signature enhancement of group_manager methods