diff options
author | Lee Clagett <code@leeclagett.com> | 2019-11-17 17:54:37 +0000 |
---|---|---|
committer | Lee Clagett <code@leeclagett.com> | 2020-05-15 07:57:35 +0000 |
commit | 67ade80055984a247d1bc2499a17c937f40883f4 (patch) | |
tree | d47215fce15257456d01c8f0d2a260fe7804afdd /src/cryptonote_protocol | |
parent | Merge pull request #6470 (diff) | |
download | monero-67ade80055984a247d1bc2499a17c937f40883f4.tar.xz |
Add randomized delay when forwarding txes from i2p/tor -> ipv4/6
Diffstat (limited to 'src/cryptonote_protocol')
-rw-r--r-- | src/cryptonote_protocol/cryptonote_protocol_handler.inl | 18 | ||||
-rw-r--r-- | src/cryptonote_protocol/enums.h | 1 | ||||
-rw-r--r-- | src/cryptonote_protocol/levin_notify.cpp | 18 |
3 files changed, 28 insertions, 9 deletions
diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.inl b/src/cryptonote_protocol/cryptonote_protocol_handler.inl index f8e032fde..ef3ea837d 100644 --- a/src/cryptonote_protocol/cryptonote_protocol_handler.inl +++ b/src/cryptonote_protocol/cryptonote_protocol_handler.inl @@ -927,7 +927,19 @@ namespace cryptonote return 1; } - relay_method tx_relay; + /* If the txes were received over i2p/tor, the default is to "forward" + with a randomized delay to further enhance the "white noise" behavior, + potentially making it harder for ISP-level spies to determine which + inbound link sent the tx. If the sender disabled "white noise" over + i2p/tor, then the sender is "fluffing" (to only outbound) i2p/tor + connections with the `dandelionpp_fluff` flag set. The receiver (hidden + service) will immediately fluff in that scenario (i.e. this assumes that a + sybil spy will be unable to link an IP to an i2p/tor connection). */ + + const epee::net_utils::zone zone = context.m_remote_address.get_zone(); + relay_method tx_relay = zone == epee::net_utils::zone::public_ ? + relay_method::stem : relay_method::forward; + std::vector<blobdata> stem_txs{}; std::vector<blobdata> fluff_txs{}; if (arg.dandelionpp_fluff) @@ -936,10 +948,7 @@ namespace cryptonote fluff_txs.reserve(arg.txs.size()); } else - { - tx_relay = relay_method::stem; stem_txs.reserve(arg.txs.size()); - } for (auto& tx : arg.txs) { @@ -962,6 +971,7 @@ namespace cryptonote fluff_txs.push_back(std::move(tx)); break; default: + case relay_method::forward: // not supposed to happen here case relay_method::none: break; } diff --git a/src/cryptonote_protocol/enums.h b/src/cryptonote_protocol/enums.h index a3a52b83f..36e8ca04c 100644 --- a/src/cryptonote_protocol/enums.h +++ b/src/cryptonote_protocol/enums.h @@ -37,6 +37,7 @@ namespace cryptonote { none = 0, //!< Received via RPC with `do_not_relay` set local, //!< Received via RPC; trying to send over i2p/tor, etc. + forward, //!< Received over i2p/tor; timer delayed before ipv4/6 public broadcast stem, //!< Received/send over network using Dandelion++ stem fluff, //!< Received/sent over network using Dandelion++ fluff block //!< Received in block, takes precedence over others diff --git a/src/cryptonote_protocol/levin_notify.cpp b/src/cryptonote_protocol/levin_notify.cpp index 127801092..0ff194986 100644 --- a/src/cryptonote_protocol/levin_notify.cpp +++ b/src/cryptonote_protocol/levin_notify.cpp @@ -357,11 +357,15 @@ namespace levin return true; }); - // Always send txs in stem mode over i2p/tor, see comments in `send_txs` below. + /* Always send with `fluff` flag, even over i2p/tor. The hidden service + will disable the forwarding delay and immediately fluff. The i2p/tor + network is therefore replacing the sybil protection of Dandelion++. + Dandelion++ stem phase over i2p/tor is also worth investigating + (with/without "noise"?). */ for (auto& connection : connections) { std::sort(connection.first.begin(), connection.first.end()); // don't leak receive order - make_payload_send_txs(*zone_->p2p, std::move(connection.first), connection.second, zone_->pad_txs, zone_->is_public); + make_payload_send_txs(*zone_->p2p, std::move(connection.first), connection.second, zone_->pad_txs, true); } if (next_flush != std::chrono::steady_clock::time_point::max()) @@ -811,12 +815,11 @@ namespace levin case relay_method::block: return false; case relay_method::stem: - tx_relay = relay_method::fluff; // don't set stempool embargo when skipping to fluff - /* fallthrough */ + case relay_method::forward: case relay_method::local: if (zone_->is_public) { - // this will change a local tx to stem or fluff ... + // this will change a local/forward tx to stem or fluff ... zone_->strand.dispatch( dandelionpp_notify{zone_, std::addressof(core), std::move(txs), source} ); @@ -824,6 +827,11 @@ namespace levin } /* fallthrough */ case relay_method::fluff: + /* If sending stem/forward/local txes over non public networks, + continue to claim that relay mode even though it used the "fluff" + routine. A "fluff" over i2p/tor is not the same as a "fluff" over + ipv4/6. Marking it as "fluff" here will make the tx immediately + visible externally from this node, which is not desired. */ core.on_transactions_relayed(epee::to_span(txs), tx_relay); zone_->strand.dispatch(fluff_notify{zone_, std::move(txs), source}); break; |