[bisq-network/bisq] Bisq does not verify maker node is online when displaying offers aka ghost offers (#4026)
chimp1984
notifications at github.com
Wed Apr 29 23:51:10 UTC 2020
We receive from seed nodes lots of expired data as well as from our peers over broadcast messages. We check 60 sec for expired data and remove it but if an attacker (or dev who manipulated code without knowing what he does) broadcast all the time to the network outdated data we get still polluted as it takes each node 60 seconds to clean up.
https://github.com/bisq-network/bisq/pull/4215 adds a expire check when we receive the data and return if it is expired, thus avoiding that those data is stored and further broadcast.
If we still see many such expired messages we should check the address of that peer and at him to the ban list, once the release is well propagated. But at current situations all nodes would broadcast such data so we must not ban those ;-).
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/issues/4026#issuecomment-621528848
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20200429/1e804d98/attachment-0001.html>
More information about the bisq-github
mailing list