reth icon indicating copy to clipboard operation
reth copied to clipboard

Published 20 hours ago verified publisher icon paradigmxyz

Body downloader response filtering

Open rkrasiuk opened this issue 2 years ago • 5 comments

Malicious peers might respond with a single valid block body. Since receiving fewer block bodies than requested is acceptable, we had to implement a check to disregard such responses.

https://github.com/paradigmxyz/reth/blob/f771e23f9a3e4238bb413a55f02d1536126a0ea1/crates/net/downloaders/src/bodies/request.rs#L120-L126

This was a critical issue because the body validation used to happen only after all responses had been collected. The immediate response validation (#1080) mitigated this issue by validating each response upon arrival.

There is still one potential "attack" vector left that would impact the sync speed. Consider the scenario where a malicious peer responds with a single valid block for 200 requested even tho the potential response size for all 200 blocks (or a subset) is within the acceptable limits (see geth's soft response limit and maximum body count).

The current method only discards responses with a single body if more than one were requested. It can be bypassed by sending 2 or 3 bodies and still negatively impact the sync speed.

@mattsse thoughts?

rkrasiuk avatar Jan 31 '23 08:01 rkrasiuk

peer responds with a single valid block for 200 requested

retries are not guaranteed to go to the same peer.

So I think we should just penalize a peer that sends fewer blocks?

mattsse avatar Jan 31 '23 10:01 mattsse

@mattsse the problem is we don't know the expected response size beforehand. for all we know these could be blocks with one tx only or massive blocks with hundreds of transactions

rkrasiuk avatar Jan 31 '23 10:01 rkrasiuk

When is this really an issue?

If during long syncing I peer with somebody that intentionally tries to feed me less blocks than I requested, but not 1? Are Geth/Erigon also vulnerable to this (I did not get how the soft limit helps with receiving less data tahn requested)

Is it an issue if I'm already synced and downloading 1 block at a time?

gakonst avatar Feb 03 '23 01:02 gakonst

@rkrasiuk is this still relevant or can we close?

mattsse avatar Jun 15 '23 15:06 mattsse

@mattsse this is still relevant, but not a priority

rkrasiuk avatar Jun 15 '23 15:06 rkrasiuk

This issue is stale because it has been open for 21 days with no activity.

github-actions[bot] avatar Sep 16 '23 01:09 github-actions[bot]

This issue was closed because it has been inactive for 7 days since being marked as stale.

github-actions[bot] avatar Sep 24 '23 01:09 github-actions[bot]