Hacker News new | ask | show | jobs
by edave64 1741 days ago
Do you mean some technicality like "only broadcast messages" and the deduplication list or something that can actually stop DDOS?

There is also a bounce limit, but I would expect that (average number of peers) ^ 3 might be plenty amplification
1 comments
asciilifeform 1741 days ago
Only validly-signed (from one of the station's peers) messages move past the decoding stage ("prologue"), and of these only ones with timestamp +/-15min. of station's time; these finally searched for in dedupe queue; and at the end may be rebroadcast, if so marked, to the station's peers strictly.

You can be DOSed, so to speak, by one of your peers, but not DDOSed by a third party -- a reasonable machine can reject signature-failing or replayed-stale packets from multiple NICs at line rate, so long as your WOT is compact (i.e. less than 100 entries). This of course remains to be experimentally tested. Currently there is only an algorithm!

link
edave64 1741 days ago
The fact that indirect messages are marked as unverifiable "hearsay" (seemingly regardless of how many peers confirm it), the fact you can only join the network if you peer with someone, and the bounce limit seems to imply that you would want to peer very liberally.

And the trick is that you can't just be DOSed by a peer, you can be DDOSed by the peers of your peers of your peers, as I see it.

link
asciilifeform 1741 days ago
Indirect messages must be marked as hearsay, given as (barring the use of asymmetric crypto, which is AFAIK impossible to carry out at Gb+/s line-rate without specialized hardware) there is no way to verify, in any useful sense, their authorship.

The most that can be done to infer authenticity of indirect messages is to see whether such a message rejects the authorship of a known previous message having the same handle -- via the SelfChain. In virtually any case of handle collision, this will occur.

Re: floods -- a station only processes messages from a peer. So in fact in all cases the proximate cause of a flood is identifiable, and you can "UNPEER" and "GAG" him.

Flooding by a peer is annoying, but is not what people normally think of as "DDOS" (normally the term implies a flood of rubbish received directly from unauthenticated third parties.)

How liberally to peer -- is a matter for an individual station operator. Peering with every passing acquaintance has obvious down-sides.

link