Bitcoin Core should throw a warning if peerbloomfilters=1 #9540

issue tulip0 opened this issue on January 13, 2017
  1. tulip0 commented at 4:43 AM on January 13, 2017: none

    In line with conversation about the risks of BIP37 peer bloom filters (#6579, #7708), Bitcoin Core should throw a warning during init if the peerbloomfilters boolean is enabled (this is currently set by default). Running NODE_BLOOM enabled presents severe risks to node operators (#9238) which they may be unaware of.

    In public knowledge the p2p protocol extension has been used for large scale anti attacks using the mempool command to bypass transaction trickling, denial of service due to the enormous CPU load caused by the act of filtering blocks, and potentially other undisclosed issues. This is a stepping stone towards eventually default disabling the feature.

  2. jonasschnelli commented at 7:43 AM on January 13, 2017: contributor

    I think this would be wise. Concept ACK.

  3. jonasschnelli added the label Easy to implement on Jan 13, 2017
  4. jonasschnelli added the label P2P on Jan 13, 2017
  5. sipa commented at 3:30 PM on January 13, 2017: member

    It seems strange to show a warning for a setting that is default?

  6. tulip0 commented at 4:57 PM on January 13, 2017: none

    It seems strange to have BIP37 enabled by default, but there are no alternatives to it yet.

  7. Eric-Warehime referenced this in commit ffbc8b4b24 on Feb 21, 2017
  8. Varunram referenced this in commit bbd5b6445b on Oct 24, 2017
  9. mooleshacat commented at 1:44 AM on October 14, 2018: none

    This "fix" may be causing issues with NOMP (possibly yiimp too) where p2p is disconnecting...

    https://github.com/zone117x/node-open-mining-portal/issues/626

    Can we not find a way to prevent DDoS with peerbloomfilters=1 ???

    Maybe detect bad peers and ban them automatically with iptables, ufw, or csf? Have some sort of command line arguments for how often and how many connections before ban? Also what about command line options for connection timeouts?

    It looks like those clients (for example, connecting to rpc or p2p port with web browser and sending garbage text - or any text not related to btc protocol) are not currently being banned.

    bitcoind needs some DDoS protection... Rate limiting, filtering of the incoming data, and banning in iptables etc on repetitive garbage.

    Remember the RPC ports as well, it is only localhost in most cases, however they need the same kind of connection rate limiting and data filtering with banning in iptables as well...

    stratum-pool needs this functionality as well, monitoring of stratum ports for proper connections and data... With banning through iptables or csf or just denying the connections.

    You can only do so much with iptables, ufw, and csf... They do not know what a "good" client is. My opinion is the bitcoind needs to protect itself to the best of its ability without crippling its p2p functionality.

    This also may be related to my other issue here: https://github.com/foxer666/node-stratum-pool/issues/31

    Thanks to bitcoin devs for their hard work! Many thousands of other projects rely on you and your hard beautiful work for their copy and paste garbage to work lol :1st_place_medal:

  10. mooleshacat commented at 3:20 AM on October 23, 2018: none
  11. MarcoFalke commented at 2:25 PM on July 21, 2019: member

    Closing for now. Not sure what the goal here is, now that "#16152: Disable bloom filtering by default" has been merged.

  12. MarcoFalke closed this on Jul 21, 2019

  13. MarcoFalke removed the label good first issue on Jul 21, 2019
  14. DrahtBot locked this on Dec 16, 2021
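
An operator-side version of the warning requested in this issue, as an added example that is not Bitcoin Core code and not part of the thread: it scans a `bitcoin.conf` for `peerbloomfilters` and reports every place the node would serve BIP37 filters. The function names, the sample file, the `global` label for unsectioned lines and the simplified boolean parsing are assumptions; `default_enabled` is passed in by the caller because the default changed with #16152.

```python
import re

OPTION = "peerbloomfilters"

# Constructed sample bitcoin.conf for illustration (not taken from the issue).
SAMPLE_CONF = """\
# node settings
listen=1
peerbloomfilters=1   # serve BIP37 filters
[test]
nopeerbloomfilters=1
"""

def _as_bool(value):
    # Assumed parsing: no value means on; otherwise a leading integer, non-zero means on.
    if value == "":
        return True
    m = re.match(r"[+-]?\d+", value)
    return bool(m) and int(m.group()) != 0

def bloom_settings(conf_text):
    """Return (network, line_no, enabled) for each peerbloomfilters line."""
    section, found = "global", []   # "global" = lines before any [section] header
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section = header.group(1)
            continue
        key, _, value = line.partition("=")
        # "test.peerbloomfilters=1" carries its network as a prefix
        prefix, _, name = key.strip().lstrip("-").rpartition(".")
        negated = name.startswith("no") and name[2:] == OPTION
        if name == OPTION or negated:
            on = _as_bool(value.strip())
            found.append((prefix or section, no, on != negated))
    return found

def audit(conf_text, default_enabled):
    """Return warnings for every way this config leaves NODE_BLOOM on."""
    found = bloom_settings(conf_text)
    warnings = [f"line {no} [{net}]: {OPTION} enabled, node serves BIP37 filters"
                for net, no, on in found if on]
    if not found and default_enabled:
        warnings.append(f"{OPTION} not set and this build enables it by default")
    return warnings

if __name__ == "__main__":
    for w in audit(SAMPLE_CONF, default_enabled=False):
        print("WARNING:", w)
```

Command-line arguments override the configuration file, so a clean result here does not cover a node started with the option on its command line.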

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 18:15 UTC