Dear Isaac,
the protections against Sybil attacks are mostly the friend-to-friend
mode (sybil nodes cannot get connections without social engineering) and
the mitigation against the pitch black attack.
https://www.hyphanet.org/freenet-build-1492-released-video-diagnostics-pitch-black-plugins.html
On opennet, the seednodes give some limited protection, because they
rate-limit new nodes.
There are tests to spin up private Hyphanet networks on which you can
safely test attacks. Check the tests in
https://github.com/hyphanet/fred/tree/next/src/freenet/node/simulator
If you want to expand this, you could check whether you can recover and
complete the faster simulations project:
https://github.com/hyphanet/fred/pull/576
This is mainly blocked by being too big to be reviewed effectively and
not being completed because the new employer of its dev prohibited doing
copyleft work.
It should enable spinning up networks of hundreds to thousands of real
nodes for testing.
Best wishes,
Arne
Isaac W writes:
> Also, I do not know of any currently employed protections against Sybil
> attacks on Hyphanet. If there are any, these may significantly increase
> the cost of executing one.
>
> On Thu, Jun 20, 2024 at 10:31 AM Isaac W wrote:
>
> To whom it may concern,
>
> It seems that the cost of launching a successful Sybil attack on Hyphanet is
> alarmingly low. I am wondering if it would be helpful to launch
> bug bounties and fixes to address this issue.
>
> Unfortunately, white hat hacking a P2P network is difficult as it is
> practically impossible to obtain permission from the entire community.
> However, I believe these efforts, along with bug fixes would benefit the
> massive vulnerability Freenet appears to possess.
>
> Thank you.
>
> Sincerely,
> Isaac Weingrad
--
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de
signature.asc
Description: PGP signature
