Skip to content
This repository has been archived by the owner on Jun 11, 2024. It is now read-only.

Avoid low broadhash consensus attacks in partial mesh network #3969

Closed
ishantiw opened this issue Jul 16, 2019 · 0 comments
Closed

Avoid low broadhash consensus attacks in partial mesh network #3969

ishantiw opened this issue Jul 16, 2019 · 0 comments
Assignees
@diego-G
Labels
elements/P2P
Milestone
Sprint 4

Comments

@ishantiw
Copy link
Contributor

Expected behavior

Broadhash consensus should be greater than 50% for forging a block.

Actual behavior

Since in partial view of the network, a node can have a max of 20 outbound connections and 100 inbound connections. We take these peers (120 peers in total) into account to calculate broadhash consensus, there is a possibility that an attacker can start many malicious nodes and connect to a particular node in the network and manipulate its broadhash consensus. The worse case will be if the attacker knows the IP of any delegate then it can manipulate the broadhash consensus of that delegate by creating a lot of incoming connections and make him miss its slot to forge.

We can avoid it by only trusting the outbound connections and only use them for calculating broadhash consensus. Also, with a low(10 connections) outbound connection, there is a possibility that a node is connected to more than 10 malicious nodes that can also change its broadhash consensus. So we can use 40 or 50 outbound connections that will be big enough to avoid this kind of attack.

Steps to reproduce

Start a large number of nodes and connect to a node in the network.

Which version(s) does this affect? (Environment, OS, etc...)

v2.3
@jondubois jondubois added this to the P2P resilience milestone Jul 17, 2019
@shuse2 shuse2 removed this from the P2P resilience milestone Jul 17, 2019
@diego-G diego-G self-assigned this Jul 23, 2019
@shuse2 shuse2 assigned ishantiw and unassigned diego-G Aug 1, 2019
@diego-G diego-G assigned diego-G and unassigned ishantiw Aug 5, 2019
@sridharmeganathan sridharmeganathan added this to the Sprint 4 milestone Aug 7, 2019
@diego-G diego-G assigned ishantiw and unassigned diego-G Aug 9, 2019
@sridharmeganathan sridharmeganathan modified the milestones: Sprint 4, Sprint 5 Aug 21, 2019
@diego-G diego-G assigned diego-G and unassigned ishantiw Aug 22, 2019
@diego-G diego-G mentioned this issue Aug 23, 2019
Merged
5 tasks
shuse2 added a commit that referenced this issue Aug 26, 2019
@shuse2
Merge pull request #4134 from LiskHQ/3969-consensus_from_outbound_pee…
e96d66a 
…rs_only

Calculate consensus only from outbound connected peers - Closes #3969
@shuse2 shuse2 closed this as completed Aug 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@diego-G diego-G

Labels
elements/P2P
Projects
None yet
Milestone
Sprint 4
Development

No branches or pull requests
5 participants
@jondubois @diego-G @shuse2 @ishantiw @sridharmeganathan