[Bitcoin-development] My thoughts on DoS code

Amir Taaki zgenjix at yahoo.com
Sun Oct 2 23:32:33 UTC 2011


The Zen of Python is relevant here: http://www.python.org/dev/peps/pep-0020/

"In the face of ambiguity, refuse the temptation to guess."

If a node incorrectly implements the standard then it should be shunned immediately. Not only is this more secure, but it will ensure long term compatibility between different implementations. Gavin argues that being a bit lenient makes it easier for people working on other implementations.

I'd argue the opposite being the only person that's working on a full node implementation. Lucky I know my way around the code, so I don't have to guess. But if I did not things would be much harder. Imagine you're trying to interact with this protocol and then randomly it will suddenly disconnect you because of accumulated errors that have been building up.

Everything should be strict, explicit, unambiguous and loud.

I propose a new message type: "error" Payload is a uint64_t error_code and var_str reason.

Before disconnecting a node you can send it an error message. The error_code is the main class of error- i.e version_sent_twice. Reason is just an implementation specific string that can add context.

Other possible fields:
uint8_t seriousness (debug, info, warning, error, fatal)
uint8_t action_taken (disconnect, blacklist, .etc)

More information about the bitcoin-dev mailing list