[nexus_six]

https://reticulum.network/manual/interfaces.html#announce-ra... The manual has some documentation on some of the rate limiting features built into RNS

[1oooqooq]

how do you rate_limit with "anonymous initiation"?

one malicious peer can have as many sources as they want. don't even need a botnet of IPs.

The link you posted seem to guard against flood of sinks on the distributed routing, but there's no mention of source flooding.

[kragen]

thanks!

fwiw, those seem to apply to only a single destination, and any node can sybil up as many destinations as it wants, right? `announce_cap` seems more relevant

is there a place where you've written down the threat model reticulum is intended to defend against? it's hard for me to evaluate its security measures without that context

[nexus_six]

I'm not sure there is a formal threat model yet (I'm not a maintainer), but there has been discussion regarding this topic. You can checkout the Github forum page (https://github.com/markqvist/Reticulum/discussions) and there is also an Element channel at #reticulum:matrix.org

The threat model would be highly dependent on the carrier used. For example, if you're using LoRa an adversary would be using far different methods of disruption when compared to a traditional overlay network.

[kragen]

thank you very much!

i think physical-layer disruption like lora jamming is kind of a separate consideration, but physical-layer traffic analysis might not be

i had misunderstood you to be saying that the second reticulum node ever was at your house, so i had assumed you were the author