summaryrefslogblamecommitdiffstats
path: root/README.md
blob: 514f7b9699520be4bf1dde10d17f4c1764a1f1c6 (plain) (tree)
1
2
3
4
5
6
7
8

                                     
                                 

      
           
                                                                    
                                                                        


                                                                  







                                                                                                                                   




                                                                                                                                                                                                                                                                                                                                     



                                                                    
# external libraries
* https://github.com/kokke/tiny-AES-c
* libmd-dev for sha1.h and sha2.h

# todo
* use ppoll
* implement BEP-0042 DHT security extension, requires crc32c library
* metadata receiving from uTorrent does not work for some unknown reason
* uses A LOT of bandwidth, implement packet deduplication (fixed?)

# anti sybil measures:
* analysis: geoip for queries, get their localtime and update counter for current 15 minute period in countries time(queries) chart
* only get_peers when aren't any peers to test
* periodic counter for packets that resets on periodic call, breaks into debugger if any of the following is larger than 2**14:
    - received queries
    - sent queries
    - received responses
    - sent responses
* detecting sybil with buckets > 64 (done)
* disallowing IP addresses to be added into our own bucket that already exist in the routing table (done)
    - currently only if IP address is the one that causes the split, this may be suboptimal
* TODO: accept every replied node into the routing table only after pinging it with a random ID, storing in t encrypted first MAXT-1 bytes of the id that it sent with packet that generated a replied(). upon receiving the reply, if the r/id and decrypted t don't match in MAXT-1 bytes, ignore the node (it's a sybil attacker).
    - MAXT-1 instead of MAXT because MAXT sized ts are sent in get_peers queries
    - only consider possible nodes when reading "nodes" and "nodes6" in responses when responses are verified with this strategy, I think this prevents massive data sendings because of poorly programmed sybil nodes and poorly programed travnik.

# known non-posix
* `MSG_DONTWAIT`, `SOCK_NONBLOCK`: replace with `fcntl` `O_NONBLOCK`
* `MSG_NOSIGNAL` on `sendto`: replace with `SIGPIPE` signal handler