HIP34: Validator Node Security #223
Comments
|
I don't want to make the suggestion, but wonder whether, given the relative ease with which a DDoS attack could be used to increase earnings of unaffected validators, thought is being given to postponing the go-live pending mitigation of the vulnerability? |
I'm curious about your definition of relative ease? I think this HIP proposes a potential attack that would be easier to perform on the consumer grade ISPs that hotspots live on today. |
|
My impression was that, having static ip addresses in hand, an experienced hacker would not have difficulty mounting such an attack. However, as it has literally been decades since I worked in IT network security, and I have never attempted an attack, I should not have used the term "relative ease". Thank you. |
|
I think this is worth investigating and wargaming some possible solutions, particularly ones that could be rolled out quickly. I am interested in committing DeWi funds into bounties for this. If there is anyone reading this that has familiarity with dealing with some mentioned attacks – DDoS, DMCA/CP claims, etc – please get in touch However I don't think this vector is severe enough to merit delaying validator launch, since:
|
|
I don't disagree. The points that you cite are reasonable. I am just a bit surprised (not doubtful), that, if I am understanding correctly, an attack on a pool of what I imagine is >10K hot spots eligible for election to CG would be easier than an attack on the validators, the count of which is an order of magnitude smaller. |
|
I love this idea but I'm not sure if it needs to be a HIP. Additionally, discord & github discussion have quieted down. I would love to issue a grant to fund work like this, though, and the grants committee has expressed interest in seeing proposals like this. @Bx64 @cryptomaniac79 @GP-Colorado any interest in keeping this HIP open or should we move on? |
|
Hi @jamiew, we have attempted to reach out to developers to get a first prototype going but were unable to get people to work on the erlang p2p codebase. I'm afraid we cannot move forward until we do. We are OK with this being closed, perhaps until someone comes along who feels they can tackle the code side of the HIP. |
|
Per author comment, closing this one as inactive too. Thank you for your submission! |
Author(s): @Bx64, @cryptomaniac79
Start Date: 2021-06-01
Category: Technical
Initial PR: #211
Tracking Issue: this
Status: In Discussion
Discord channel: #hip-34-validator-node-security on https://discord.gg/helium
Rendered view:
https://github.com/helium/HIP/blob/master/0034-validator-node-security.md
Summary:
As validators will take over all activities regarding consensus on the Helium network, the pool of actors in charge of validating transactions and creating blocks is significantly reduced from the current situation (46K+ hotspots and growing fast) to a small pool of (expected) several hundreds of nodes, which significantly decreases the targets that need to be interfered with in order to impact consensus in one's own favor. Having these nodes IPs (and with that, location and hosting provider information) be publicly visible, traceable and targetable on the Helium network therefore poses a significantly increased security risk compared to the current situation. If the validator nodes are compromised, so is the progress of the chain meaning the chain could completely (and perhaps unrecoverably) stall.
The text was updated successfully, but these errors were encountered: