No Branch/Tag Specified
arm
asyncnotedecryption
danger
dev
dev-aarch64
dev-mac
dev-old-randomx
divzaddrs
dragonx
duke
freebsd
getfilterednotes
hip39
hushutils
insync
jahway603
master
mvstuff
onryo
p2p_privacy
ramhash
relaytx
rx-largepages
setbestchain
warmup
witness_cache
wolfssl
wolfssl_win
z_createrawtransaction
z_importwallet
z_signmessage
v0.11.2.z0
v0.11.2.z1
v0.11.2.z2
v0.11.2.z3
v0.11.2.z4
v0.11.2.z5
v0.11.2.z6
v0.11.2.z7
v0.11.2.z8
v0.11.2.z9
v1.0.0
v1.0.0-beta1
v1.0.0-beta2
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3
v1.0.0-rc4
v1.0.1
v1.0.10
v1.0.10-1
v1.0.11
v1.0.11-rc1
v1.0.12
v1.0.12-rc1
v1.0.13
v1.0.13-rc1
v1.0.13-rc2
v1.0.14
v1.0.14-rc1
v1.0.15
v1.0.15-rc1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7-1
v1.0.8
v1.0.8-1
v1.0.9
v1.1.0
v1.1.0-rc1
v1.1.1
v1.1.1-rc1
v1.1.1-rc2
v1.1.2
v1.1.2-rc1
v2.0.0
v2.0.0-rc1
v2.0.1
v3.0.0
v3.1.0
v3.1.1
v3.10.0
v3.10.1
v3.10.2
v3.2.0
v3.2.1
v3.2.1-alpha
v3.2.1-beta
v3.2.2
v3.2.3
v3.3.0
v3.3.1
v3.3.2
v3.4.0
v3.4.1
v3.5.0
v3.5.1
v3.5.2
v3.6.0
v3.6.1
v3.6.2
v3.6.3
v3.7.0
v3.7.1
v3.8.0
v3.9.0
v3.9.1
v3.9.2
v3.9.3
v3.9.4
Labels
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it testing
related to testing tor
related to tor wontfix
this won't be fixed
Apply labels
Clear labels
0-500 bounty
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it testing
related to testing tor
related to tor wontfix
this won't be fixed
No Label
0-500 bounty
2001-5000 bounty
501-2000 bounty
arm
beginners
bug
build
documentation
feature
high priority
i2p
low priority
medium priority
question
release
testing
tor
wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Assign users
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.
No due date set.
Dependencies
This issue currently doesn't have any dependencies.
Reference in new issue
There is no content yet.
Delete Branch '%!s(MISSING)'
Deleting a branch is permanent. It CANNOT be undone. Continue?
No
Yes
From BTC 0.18 relnotes:
BTC now has drastically changed their internals of ban management, and keeps track of manual vs automatic bans, and allows automatically banned nodes to reconnect in some situations. This is no doubt because many bans happen to honest nodes which are not attacking, potentially almost all bans are from nodes which are accidentally misbehaving, not attackers. A real attacker can easily just use another IP address, banning nodes for 24hrs mostly hurts honest nodes and basically does nothing against a determined attacker.
Hush currently bans nodes for 24hrs, we should decide on a more reasonable time, somewhere between 2 and 4 hours. For instance, if you are a Hush full node admin, and some issue causes your node to be banned (potentially from the entire rest of the network), the problem is often fixed within a few hours, but you still cannot connect to other nodes for a full day.
Additionally, banning IP addresses doesn't even make good sense when you take into account ISPs often changing residential internet IP addresses. You end up blocking the the IP of an honest person that happens to get that IP next.
Finally, banning IP's for 24hrs allowed for an interesting attack against Bitcoin Tor nodes that goes like this: Say I am an attacker that wants to prevent Bitcoin nodes from submitting transactions via Tor. Then I simply submit invalid transactions via Tor so that every single Tor exit node IP gets banned by the Bitcoin network, which lasts 24hrs. Repeating this once every 24hrs effectively cuts off anybody in the world from submitting transactions via Tor. I believe this is why BTC devs changed the way banning works, and now even has a concept of "discouraged nodes" which is different from "banned nodes".
From the BTC 0.20.1 relnotes:
One additional idea I had was this:
We can make "automatic bans" (bans that are done automatically by internals, not by a user calling the setban RPC) use a smaller ban-time, since those can often ban accidentally misconfigured nodes for an entire day. "Manual bans" from the
setban
RPC would still default to a full day ban, which is more backward-compatible. This is also more in line with the latest behavior of BTC full node banning logic.We should probably just change the default bantime to 4hrs as an intermediate step. Changing our internals to use "discouraged nodes" instead of banning nodes is a big change