coosld/kubo
1
0
Fork 0
mirror of https://github.com/ipfs/kubo.git synced 2026-02-28 05:47:51 +08:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity
0cdc2e0adf
kubo/routing
History
Juan Batiz-Benet 0cdc2e0adf dht: split out online record verification 
Online record verification -- meaning record verification
that might cause messages to other peers -- presents a
way to perform an attack on a dht node: forge a record and
make the node attempt to fetch the public key to verify.
This becomes a very powerful amplification attack if
online verification is done for records _received passively_.
This means records that were received as the result of a
PUT_VALUE or ADD_PROVIDER. Thus we only accept records we
can verify offline (whose public keys we already have). In
practice this is not at all a problem for us, because
typical connections are encrypted: we've already exchanged
public keys.
2014-12-21 05:45:30 -08:00
..
dht dht: split out online record verification 2014-12-21 05:45:30 -08:00
kbucket kbucket now uses peer.ID 2014-12-20 13:26:52 -08:00
keyspace moved XOR keyspace -> util 2014-10-18 20:01:27 -07:00
mock routing/mock now uses peer.ID and peer.PeerInfo 2014-12-20 13:51:14 -08:00
routing.go Routing interface uses peer.PeerInfo 2014-12-20 13:49:22 -08:00