diff options
author | Gregory Maxwell <greg@xiph.org> | 2014-07-20 23:32:25 -0700 |
---|---|---|
committer | Gregory Maxwell <greg@xiph.org> | 2014-11-07 12:13:46 -0800 |
commit | 845c86d128fb97d55d125e63653def38729bd2ed (patch) | |
tree | 1afeba7816baa72623cbfc6058f21d01fe1e2749 /doc | |
parent | 06037f3f46463e65ab74e0f34ba5f7a869d053fd (diff) |
Do not use third party services for IP detection.
This is a simplified re-do of closed pull #3088.
This patch eliminates the privacy and reliability problematic use
of centralized web services for discovering the node's addresses
for advertisement.
The Bitcoin protocol already allows your peers to tell you what
IP they think you have, but this data isn't trustworthy since
they could lie. So the challenge is using it without creating a
DOS vector.
To accomplish this we adopt an approach similar to the one used
by P2Pool: If we're announcing and don't have a better address
discovered (e.g. via UPNP) or configured we just announce to
each peer the address that peer told us. Since peers could
already replace, forge, or drop our address messages this cannot
create a new vulnerability... but if even one of our peers is
giving us a good address we'll eventually make a useful
advertisement.
We also may randomly use the peer-provided address for the
daily rebroadcast even if we otherwise have a seemingly routable
address, just in case we've been misconfigured (e.g. by UPNP).
To avoid privacy problems, we only do these things if discovery
is enabled.
Diffstat (limited to 'doc')
0 files changed, 0 insertions, 0 deletions