-
Notifications
You must be signed in to change notification settings - Fork 944
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sybil defence #4769
Comments
I don't think it is a valid topic here in libp2p. libp2p is built heavily around connections, not the application and network built on top of it. |
Thanks for posting this. Can you summarise what the mitigation strategy presented in the paper is? I tried to skim it but couldn't find a concise summary. |
@drHuangMHT I understand your position, however this approach provides an API addition that upper layers can use for effective sybil defence. If we make this happen, the man projects could benefit from a network layer approach. @thomaseizinger I have used Claude2 to help me summarise this. I find it more effective than a human. Here is a summary of the Sybil mitigation strategy described in the paper:
To implement the Sybil mitigation strategy in rust-libp2p, the main changes would be:
Some specifics:
This achieves censorship resistance for target CIDs under attack by ensuring providers and requesters communicate through regions guaranteed to have honest peers. The changes maintain compatibility with existing peers. Region queries are only used when needed to limit overhead. Overall, this provides an effective and practical solution to the DHT vulnerability. |
As a follow up on KL divergance, I hope this is useful The Kullback-Leibler (KL) divergence is a statistical measure used to quantify the difference between two probability distributions. It can be used to detect if an empirical distribution of samples differs significantly from an expected theoretical distribution. In the context of detecting Sybil attacks in DHTs, here is an explanation of how KL divergence is used:
D(q||p) = Σx q(x) * log(q(x) / p(x))
So in summary, KL divergence provides a principled statistical test to detect Sybil attacks by quantifying the mismatch between the actual and expected peer ID distributions, without needing direct labels about which peers are Sybils. |
Thank you for this! Region-based queries are not implemented in @mxinden as the original author of From what I understand, this is entirely an implementation-detail (modulo perhaps a config parameter for the divergence threshold). |
It's a pleasure. Thank you for the mentor offer. I am time limited, but I will ask the guys (maidsafe) and see if we can line up some resource when we see how Max feels about this as well. It also may be a nice one to fund as a grant of some kind. I think the freenet guys would also benefit. @sanity may also be interested in this approach. |
@dirvine sorry for the delay. Thanks for starting this conversation.
@dennis-tra given your familiarity with the Go implementation and your recent work on it, can you add more details here?
As Thomas said above, today neither the detection nor the mitigation mechanism is implemented in rust-libp2p. Unfortunately I am also not aware of any out-of-tree implementation in Rust.
Agreed. This simplifies the implementation process significantly, given that no coordination with other peers is needed.
Open for contributions! Would be great to see an implementation in Rust. Note however that I would only consider merging it when the gained security is worth the complexity it comes along with. (@dennis-tra since you know the authors, they might enjoy the interest here.) |
…5555) ## Description This PR is to expose a kad query facility that allowing specify num_results dynamically. It is related to the [Sybil Defence issue](#4769), that during the attempt of implementation on higher level code, it is find will be useful if libp2p-kad can expose such facility. The PR try not to cause any interference to the existing work flow, only introduce an `extra exposal`. ## Change checklist <!-- Please add a Changelog entry in the appropriate crates and bump the crate versions if needed. See <https://github.com/libp2p/rust-libp2p/blob/master/docs/release.md#development-between-releases>--> - [x] I have performed a self-review of my own code - [x] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [x] A changelog entry has been made in the appropriate crates --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…ibp2p#5555) ## Description This PR is to expose a kad query facility that allowing specify num_results dynamically. It is related to the [Sybil Defence issue](libp2p#4769), that during the attempt of implementation on higher level code, it is find will be useful if libp2p-kad can expose such facility. The PR try not to cause any interference to the existing work flow, only introduce an `extra exposal`. ## Change checklist <!-- Please add a Changelog entry in the appropriate crates and bump the crate versions if needed. See <https://github.com/libp2p/rust-libp2p/blob/master/docs/release.md#development-between-releases>--> - [x] I have performed a self-review of my own code - [x] I have made corresponding changes to the documentation - [ ] I have added tests that prove my fix is effective or that my feature works - [x] A changelog entry has been made in the appropriate crates --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Description
Sorry to bother you. I am wondering how much, if any, of this paper https://ssg.lancs.ac.uk/wp-content/uploads/ndss_preprint.pdf is implememented in this crate?
Much of the paper seems to make sense and I belive the go impl has made strides in this direction.
Motivation
Sybil defence at the network layer would benefit every decentralised project and allow a focussed approach.
Current Implementation
I am not familiar enough with the codebase to infer any insights here.
Are you planning to do it yourself in a pull request ?
No
The text was updated successfully, but these errors were encountered: