Google Drive
Gist
Clipboard
At what rate of the traffic our network won't be able to handle it? What kind of resources have to be spent to lower reliability and increase latency noticeably? It is a critical problem if we can prove that it can be done from single laptop.
How much traffic is too much for mobile device? For example, I have 2gb of free traffic per month. For anything beyond that I will have to pay. Is it a critical problem or small inconvinience?
I tend to think that it is not possible to spam the network from mobile or desktop client in any a way that will have those described effects. So, any solution that we will discuss should take into account that network is spammed by an intentionally written program. And we can expect certain level of creativity.
Sending 10mb of traffic with TTL of 20 seconds and PoW 0.2 - cost ~30 seconds of computation using only single core. For 2gb - ~2h. PoW definitely eliminates the possibility that network will spammed at a rate that will decrease its reliability. But it is still possible to make mobile device to download lots of traffic.
Rate limiting can be used to solve both of these problems. There are several concerns about it. Identities in the p2p network are free. And we can expect creation of multiple identities, because of the reason dicussed above. Another concern, to make them useful we need to set limits to quite a low number. Like 10mb per hour.
It solves the problem of free identities. Public IPs are scarce and will increase resources required to execute an attack. The main concern are multiple devices behind NAT. Any "good" participant can be affected by spammer that accidentally shares same IP. It might be not an issue while Status is not widely addopted.
Using funds for access to the network is a solution for free identities. Those who spam can be blacklisted and "lose" their funds this way. The concern is how requirement to pay for the network will impact adoption.
Every participant in the network must have a local limit for received traffic. Defined as traffic unit per duration (100mb/hour). It will be splitted between existing peers in a fair way. And, it must be advertisted using separate whisper method.
On the image below you can see peers in the network (this of links as bidirectional, even they are not the graph). A is a regular mobile device. E and F are our whisper "cluster" nodes. B is a spammer.
For A local limit is 20mb/hour. F and E have local limit of 2gb/hour. B defined local limit is 10gb/hour. I am using hours, but i think those should be seconds to make it practically useful.
Rate limits of all links:
E -> A : 10mb/hour. Advertised by A.
A -> E : 100mb/hour. Advertised by E.
F -> E : 1gb/hour. Advertised by E.
E -> F : 1gb/hour. Advertised by F.
B -> E : 1gb/hour. Advertised by E.
E -> B : 1gb/hour. Advertised by B.
F -> B : 1gb/hour. Advertised by B.
B -> F : 1gb/hour. Advertised by F.
If B sends to E more than 1gb/hour it gets disconnected and blacklisted. E must not send to A more than 10mb/hour. Some traffic must be dropped. We could drop traffic from peer B, but it won't be enough because of the next situation. If B sends to F more than 1gb/hour - B will be blacklisted on peer F. But some traffic will go through. What we do with traffic that B -> F -> E that must not be sent to A. Proposed classification methods:
Peer that wants to spam the network will rarely be known for long time. Thats an immediate identifier of not-trustworthy peer.
If someone will be using same key for signatures such traffic will be easily identifiable as malicious. I am assuming that chat user can't break limits.
Known topics such as Status can be easily spammed. Somewhat hard to understand what is more important, receiving messages in 'Status' channel or not receing tons of useless traffic.
Mobile devices will almost never receive more than required amount of traffic. In case of intentional spam - some part of useful traffic may not be received by mobile devices.
or
or
By clicking below, you agree to our terms of service.
Sign in with Wallet
New to HackMD? Sign up
| Syntax | Example | Reference | |
|---|---|---|---|
| # Header | Header | 基本排版 | |
| - Unordered List |
|
||
| 1. Ordered List |
|
||
| - [ ] Todo List |
|
||
| > Blockquote | Blockquote |
||
| **Bold font** | Bold font | ||
| *Italics font* | Italics font | ||
| ~~Strikethrough~~ | |||
| 19^th^ | 19th | ||
| H~2~O | H2O | ||
| ++Inserted text++ | Inserted text | ||
| ==Marked text== | Marked text | ||
| [link text](https:// "title") | Link | ||
|  | Image | ||
| `Code` | Code |
在筆記中貼入程式碼 | |
| ```javascript var i = 0; ``` |
|
||
| :smile: |  |
Emoji list | |
| {%youtube youtube_id %} | Externals | ||
| $L^aT_eX$ | LaTeX | ||
| :::info This is a alert area. ::: |
This is a alert area. |
On a scale of 0-10, how likely is it that you would recommend HackMD to your friends, family or business associates?
Please give us some advice and help us improve HackMD.
Do you want to remove this version name and description?
Syncing
-
Any changes
Be notified of any changes
-
Mention me
Be notified of mention me
-
Unsubscribe
Subscribe