aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorGregory Maxwell <greg@xiph.org>2014-07-20 23:32:25 -0700
committerGregory Maxwell <greg@xiph.org>2014-11-07 12:13:46 -0800
commit845c86d128fb97d55d125e63653def38729bd2ed (patch)
tree1afeba7816baa72623cbfc6058f21d01fe1e2749 /doc
parent06037f3f46463e65ab74e0f34ba5f7a869d053fd (diff)
Do not use third party services for IP detection.
This is a simplified re-do of closed pull #3088. This patch eliminates the privacy and reliability problematic use of centralized web services for discovering the node's addresses for advertisement. The Bitcoin protocol already allows your peers to tell you what IP they think you have, but this data isn't trustworthy since they could lie. So the challenge is using it without creating a DOS vector. To accomplish this we adopt an approach similar to the one used by P2Pool: If we're announcing and don't have a better address discovered (e.g. via UPNP) or configured we just announce to each peer the address that peer told us. Since peers could already replace, forge, or drop our address messages this cannot create a new vulnerability... but if even one of our peers is giving us a good address we'll eventually make a useful advertisement. We also may randomly use the peer-provided address for the daily rebroadcast even if we otherwise have a seemingly routable address, just in case we've been misconfigured (e.g. by UPNP). To avoid privacy problems, we only do these things if discovery is enabled.
Diffstat (limited to 'doc')
0 files changed, 0 insertions, 0 deletions