Published on: 2021-07-13T00:54:29+00:00
According to a post on BitcoinTalk by Ali Sherief, the bitcoin network is being spammed with an addr message that points to invalid addresses and ports. This is causing problems with the peers.dat file and its corresponding memory structure. The custom record type used in the peers.dat file makes it difficult to parse and determine specific IP addresses listed in there. To address this issue, Sherief suggests implementing changes to prevent this type of attack from happening again. One solution proposed is to modify the AddrDb updating functionality so that it does not add nodes that are unreachable due to "connection refused" errors. These unreachable addresses can be stored in a new, separate database-like file or augmented in the peers.dat file under a new entry type. By immediately flushing invalid nodes from memory, unnecessary processing can be avoided.To facilitate the identification of blocked nodes, Sherief proposes creating a new ZMQ message that sends the node's list of ignored addresses. This will help other nodes discover and handle blocked nodes more effectively. Additionally, Sherief suggests introducing a new file or command-line/config option called "ignorelist" that contains a list of subnets that should never be read into the AddrDB buckets. This would work differently from the banlist, which is currently used to block peers that send invalid messages, not those that are simply unreachable.While it may not be feasible to completely avoid adding untried addresses, the existing structure should reasonably protect against database poisoning caused by spam. However, there is a processing cost associated with this protection. It remains unclear how easy or difficult it will be to implement these proposed changes to improve the situation.
Updated on: 2023-08-02T04:23:06.679316+00:00