From a0c515a38cdc4105f778db7ee9d815ac42c02922 Mon Sep 17 00:00:00 2001 From: Oskar Thoren Date: Tue, 3 Dec 2019 11:42:59 +0800 Subject: [PATCH 01/10] Initial cut --- waku.md | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/waku.md b/waku.md index 17bf16a01..005ccb5a6 100644 --- a/waku.md +++ b/waku.md @@ -322,15 +322,28 @@ Waku is a different subprotocol from Whisper so it isn't directly compatible. Ho It is desirable to have a strategy for maintaining forward compatibility between `waku/0` and future version of waku. Here we outline some concerns and strategy for this. - ## Security considerations There are several security considerations to take into account when running Waku. Chief among them are: scalability, DDoS-resistance and privacy. These also vary depending on what capabilities are used, such as mailserver, light node, and so on. -### Light node privacy +### Scalability and UX + +**Bandwidth usage:** + +In version 0 of Waku, bandwidth usage is likely to be an issue. For more investigation into this, see the theoretical scaling model described [here](https://vac.dev/fixing-whisper-with-waku). + +**Mailserver High Availability requirement:** + +A mailserver has to be online to receive messages for other nodes, this puts a high availability requirement on it. This can be somewhat mitigated by the use of something like [MVDS](https://specs.vac.dev/mvds.html) on top, thereby treating a mailserver as a form of cache. + +### Privacy + +**Light node privacy:** The main privacy concern with light nodes is that directly connected peers will know that a message originates from them (as it are the only ones it sends). This means nodes can make assumptions about what messages (topics) their peers are interested in. +### Spam resistance + ## Implementation Notes ### Implementation Matrix From 1cfc7dc8f3f250b673fc5bbee814e47be7a7c0e9 Mon Sep 17 00:00:00 2001 
From: Oskar Thoren Date: Tue, 3 Dec 2019 11:51:08 +0800 Subject: [PATCH 02/10] scalability ux section --- waku.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/waku.md b/waku.md index 005ccb5a6..042f4be39 100644 --- a/waku.md +++ b/waku.md @@ -336,6 +336,14 @@ In version 0 of Waku, bandwidth usage is likely to be an issue. For more investi A mailserver has to be online to receive messages for other nodes, this puts a high availability requirement on it. This can be somewhat mitigated by the use of something like [MVDS](https://specs.vac.dev/mvds.html) on top, thereby treating a mailserver as a form of cache. +**Gossip-based routing:** + +Use of gossip-based routing doesn't necessarily scale. It means each node can see a message multiple times, and having too many light nodes can cause too low propagation probability. See [Whisper vs PSS](https://our.status.im/whisper-pss-comparison/) for more and a possible Kademlia based alternative. + +**Lack of incentives:** + +Waku currently lacks incentives to run nodes, which means node operators are more likely to create centralized choke points. + ### Privacy **Light node privacy:** From ad4c30b47a37266bd52bec6d3f1ab25dd8de35c7 Mon Sep 17 00:00:00 2001 From: Oskar Thoren Date: Tue, 3 Dec 2019 12:02:48 +0800 Subject: [PATCH 03/10] moar --- waku.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/waku.md b/waku.md index 042f4be39..8bd51798c 100644 --- a/waku.md +++ b/waku.md 
@@ -350,8 +350,38 @@ Waku currently lacks incentives to run nodes, which means node operators are mor The main privacy concern with light nodes is that directly connected peers will know that a message originates from them (as it are the only ones it sends). This means nodes can make assumptions about what messages (topics) their peers are interested in. +**Bloom filter privacy:** + +By having a "tight" bloom filter you reveal which messages you are interested in. This is a fundamental tradeoff between bandwidth usage and privacy, though the tradeoff space is likely suboptimal in terms of the [Anonymity](https://eprint.iacr.org/2017/954.pdf) [trilemma](https://petsymposium.org/2019/files/hotpets/slides/coordination-helps-anonymity-slides.pdf). + +**Mailserver client privacy:** + +A mailserver client has to trust a mailserver, which means they can send direct traffic. This reveals what topics / bloom filter a node is interested in, along with its peerID (with IP). + +**Privacy guarantees not rigorous:** + +Privacy for Whisper / Waku haven't been studied rigorously for various threat models like global passive adversary, local active attacker, etc. This is unlike e.g. Tor and mixnets. + +**Topic hygiene:** + +Similar to bloom filter privacy, if you use a very specific topic you reveal more information. See scalability model linked above. + ### Spam resistance +**PoW bad for heterogenerous devices:** + +Proof of work is a poor spam prevention mechanism. A mobile device can only have a very low PoW in order not to use too much CPU / burn up your phone battery. This means someone can spin up a powerful node and overwhelm the network. + +**Mailserver trusted connection:** + +A mailserver has a direct TCP connection, which means they are trusted to send traffic. This means a malicious or malfunctioning mailserver can overwhelm an individual node. + +### Censorship resistance + +**Devp2p TCP port blockable:** + +By default Devp2p runs on an odd, high valued port. 
This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port 80 or 443, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved. + ## Implementation Notes ### Implementation Matrix From 342306feb0e590178c5bb6e00879c5769f347549 Mon Sep 17 00:00:00 2001 From: Oskar Thoren Date: Tue, 3 Dec 2019 12:04:14 +0800 Subject: [PATCH 04/10] version and toc --- waku.md | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/waku.md b/waku.md index 8bd51798c..e370bc211 100644 --- a/waku.md +++ b/waku.md @@ -1,6 +1,6 @@ # Waku Whisper Specification -> Version 0.1.0 (Initial release) +> Version 0.1.1 (Initial release) > > Authors: Oskar Thorén oskar@status.im, Dean Eigenmann dean@status.im @@ -19,11 +19,17 @@ - [Additional capabilities](#additional-capabilities) - [Light node](#light-node) - [Mailserver and client](#mailserver-and-client) + - [Requesting messages](#requesting-messages) + - [Receiving historic messages](#receiving-historic-messages) - [Backwards Compatibility](#backwards-compatibility) - [Waku-Whisper bridging](#waku-whisper-bridging) - [Forwards Compatibility](#forwards-compatibility) -- [Security considerations](#security-considerations) -- [Implementation Notes](#implementation-notes) +- [Appendix A: Security considerations](#appendix-a-security-considerations) + - [Scalability and UX](#scalability-and-ux) + - [Privacy](#privacy) + - [Spam resistance](#spam-resistance) + - [Censorship resistance](#censorship-resistance) +- [Appendix B: Implementation Notes](#appendix-b-implementation-notes) - [Implementation Matrix](#implementation-matrix) - [Footnotes](#footnotes) - [Changelog](#changelog) 
@@ -322,7 +328,7 @@ Waku is a different subprotocol from Whisper so it isn't directly compatible. Ho It is desirable to have a strategy for maintaining forward compatibility between `waku/0` and future version of waku. Here we outline some concerns and strategy for this. -## Security considerations +## Appendix A: Security considerations There are several security considerations to take into account when running Waku. Chief among them are: scalability, DDoS-resistance and privacy. These also vary depending on what capabilities are used, such as mailserver, light node, and so on. @@ -382,7 +388,7 @@ A mailserver has a direct TCP connection, which means they are trusted to send t By default Devp2p runs on an odd, high valued port. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port 80 or 443, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved. -## Implementation Notes +## Appendix B: Implementation Notes ### Implementation Matrix @@ -410,6 +416,7 @@ Notes useful for implementing Waku mode. | Version | Comment | | :-----: | ------- | +| 0.1.1 | Add security considerations appendix | | 0.1.0 (current) | Initial Release | ### Differences between shh/6 waku/0 From 66705b4cf5e3fe23eaa6e5f2ce0d808b887a3f30 Mon Sep 17 00:00:00 2001 From: Oskar Thoren Date: Tue, 3 Dec 2019 19:24:10 +0800 Subject: [PATCH 05/10] fix port --- waku.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waku.md b/waku.md index e370bc211..4170c3924 100644 --- a/waku.md +++ b/waku.md 
@@ -386,7 +386,7 @@ A mailserver has a direct TCP connection, which means they are trusted to send t **Devp2p TCP port blockable:** -By default Devp2p runs on an odd, high valued port. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port 80 or 443, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved. +By default Devp2p runs on port `30303`, which is not commonly used for any other service. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port `80` or `443`, but there are still outstanding issues. See libp2p and Tor's Pluggable Transport for how this can be improved. ## Appendix B: Implementation Notes From bc99aee1686f8079a6112f9a9a062f861e08821f Mon Sep 17 00:00:00 2001 From: Oskar Thoren Date: Tue, 3 Dec 2019 19:31:08 +0800 Subject: [PATCH 06/10] clarify bloom --- waku.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waku.md b/waku.md index 4170c3924..ed2c942dc 100644 --- a/waku.md +++ b/waku.md 
@@ -358,7 +358,7 @@ The main privacy concern with light nodes is that directly connected peers will **Bloom filter privacy:** -By having a "tight" bloom filter you reveal which messages you are interested in. This is a fundamental tradeoff between bandwidth usage and privacy, though the tradeoff space is likely suboptimal in terms of the [Anonymity](https://eprint.iacr.org/2017/954.pdf) [trilemma](https://petsymposium.org/2019/files/hotpets/slides/coordination-helps-anonymity-slides.pdf). +By having a bloom filter where only the topics you are interested in are set, you reveal which messages you are interested in. This is a fundamental tradeoff between bandwidth usage and privacy, though the tradeoff space is likely suboptimal in terms of the [Anonymity](https://eprint.iacr.org/2017/954.pdf) [trilemma](https://petsymposium.org/2019/files/hotpets/slides/coordination-helps-anonymity-slides.pdf). **Mailserver client privacy:** From f1b7898f81985b08df7224dc565e6a8d84cdeac1 Mon Sep 17 00:00:00 2001 From: Oskar Thoren Date: Tue, 3 Dec 2019 20:03:44 +0800 Subject: [PATCH 07/10] update bw usage link to version controlled --- waku.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waku.md b/waku.md index ed2c942dc..5294e1789 100644 --- a/waku.md +++ b/waku.md @@ -336,7 +336,7 @@ There are several security considerations to take into account when running Waku **Bandwidth usage:** -In version 0 of Waku, bandwidth usage is likely to be an issue. For more investigation into this, see the theoretical scaling model described [here](https://vac.dev/fixing-whisper-with-waku). +In version 0 of Waku, bandwidth usage is likely to be an issue. For more investigation into this, see the theoretical scaling model described [here](https://github.com/vacp2p/research/tree/dcc71f4779be832d3b5ece9c4e11f1f7ec24aac2/whisper_scalability). **Mailserver High Availability requirement:** From 903c1b16225c7b8ecc4d8a15212add0a2449cc5b Mon Sep 17 00:00:00 2001 
From: Oskar Thoren Date: Tue, 3 Dec 2019 20:05:29 +0800 Subject: [PATCH 08/10] remove mvds refer --- waku.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waku.md b/waku.md index 5294e1789..ee7cbe34d 100644 --- a/waku.md +++ b/waku.md @@ -340,7 +340,7 @@ In version 0 of Waku, bandwidth usage is likely to be an issue. For more investi **Mailserver High Availability requirement:** -A mailserver has to be online to receive messages for other nodes, this puts a high availability requirement on it. This can be somewhat mitigated by the use of something like [MVDS](https://specs.vac.dev/mvds.html) on top, thereby treating a mailserver as a form of cache. +A mailserver has to be online to receive messages for other nodes, this puts a high availability requirement on it. **Gossip-based routing:** From 3d98cdb02020b68d78ff4949a7c46bd3dc3a723a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Thor=C3=A9n?= Date: Wed, 4 Dec 2019 11:38:07 +0800 Subject: [PATCH 09/10] Update waku.md Co-Authored-By: Dean Eigenmann --- waku.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waku.md b/waku.md index ee7cbe34d..a1517184a 100644 --- a/waku.md +++ b/waku.md @@ -376,7 +376,7 @@ Similar to bloom filter privacy, if you use a very specific topic you reveal mor **PoW bad for heterogenerous devices:** -Proof of work is a poor spam prevention mechanism. A mobile device can only have a very low PoW in order not to use too much CPU / burn up your phone battery. This means someone can spin up a powerful node and overwhelm the network. +Proof of work is a poor spam prevention mechanism. A mobile device can only have a very low PoW in order not to use too much CPU / burn up its phone battery. This means someone can spin up a powerful node and overwhelm the network. **Mailserver trusted connection:** From 5f1dd9578c8a2e68b5b608a75c74317ec580e016 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Oskar=20Thor=C3=A9n?= Date: Wed, 4 Dec 2019 11:38:20 +0800 Subject: [PATCH 10/10] Update waku.md Co-Authored-By: Dean Eigenmann --- waku.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/waku.md b/waku.md index a1517184a..9cf553dab 100644 --- a/waku.md +++ b/waku.md @@ -344,7 +344,7 @@ A mailserver has to be online to receive messages for other nodes, this puts a h **Gossip-based routing:** -Use of gossip-based routing doesn't necessarily scale. It means each node can see a message multiple times, and having too many light nodes can cause too low propagation probability. See [Whisper vs PSS](https://our.status.im/whisper-pss-comparison/) for more and a possible Kademlia based alternative. +Use of gossip-based routing doesn't necessarily scale. It means each node can see a message multiple times, and having too many light nodes can cause propagation probability that is too low. See [Whisper vs PSS](https://our.status.im/whisper-pss-comparison/) for more and a possible Kademlia based alternative. **Lack of incentives:**
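Review bot: in PATCH 01/10 the new `### Spam resistance` heading is added with no body, so the appendix renders with an empty section until PATCH 03/10 lands; either squash the two or add the text in the same commit. In the same hunk, the unchanged light-node context line reads "(as it are the only ones it sends)", which is ungrammatical and should say something like "(as they are the only peers it sends to)", and the mailserver HA sentence is a comma splice: "A mailserver has to be online to receive messages for other nodes, this puts a high availability requirement on it" reads better as "…for other nodes, which puts a high availability requirement on it."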
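Review bot: in PATCH 02/10 the phrase "can cause too low propagation probability" in the Gossip-based routing paragraph is awkward; PATCH 10/10 rewrites it as "propagation probability that is too low", so the fix could simply be folded into this commit rather than shipped as a separate one. "Kademlia based alternative" should also be hyphenated as "Kademlia-based alternative".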
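Review bot: in PATCH 03/10 the heading `**PoW bad for heterogenerous devices:**` misspells "heterogeneous", and the typo survives the later edit to that paragraph in PATCH 09/10. Two sentences in the same hunk have unclear referents: "A mailserver client has to trust a mailserver, which means they can send direct traffic" does not say whether "they" is the client or the server, and "A mailserver has a direct TCP connection, which means they are trusted to send traffic" should state who trusts whom (the client trusts the mailserver to push traffic over the connection, as the next sentence implies). "Privacy for Whisper / Waku haven't been studied rigorously" needs "hasn't". Finally, "See scalability model linked above" under Topic hygiene points at a link whose anchor text is just "here"; repeating the link would make that paragraph self-contained.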
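Review bot: in PATCH 04/10 the version bump and the changelog disagree: the header becomes `> Version 0.1.1 (Initial release)` while the changelog still marks `0.1.0 (current)` as current and the new `0.1.1` row has no such marker; move "(current)" to 0.1.1 and drop "(Initial release)" from the header, since 0.1.1 is no longer the initial release. The TOC hunk also adds `Requesting messages` and `Receiving historic messages` entries that no other hunk in this series introduces; confirm those headings exist in the body so the anchors resolve.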
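Review bot: in PATCH 05/10 the rewritten censorship paragraph ends with "there are still outstanding issues" without saying what they are; a reader evaluating the 80/443 workaround needs at least one sentence on why it is insufficient, or a link to where that is discussed. The pointer to "libp2p and Tor's Pluggable Transport" would also benefit from links, as the other paragraphs in this appendix consistently link their references.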
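Review bot: in PATCH 08/10 dropping the MVDS sentence leaves the Mailserver High Availability paragraph stating a requirement with no mitigation at all, and the commit message "remove mvds refer" gives no reason for the removal; please record in the commit message why MVDS is no longer the suggested approach, and if the HA requirement is now considered an open problem, say so explicitly in the paragraph rather than leaving it implicit. The comma splice in the retained sentence ("…for other nodes, this puts…") is still there and could be fixed in this same edit.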
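Review bot: in PATCH 09/10 the change from "burn up your phone battery" to "burn up its phone battery" fixes the pronoun but leaves the typo in the context heading two lines above (`heterogenerous` should be `heterogeneous`); fix it in the same commit. "its phone battery" is also redundant for a sentence whose subject is already "A mobile device"; "its battery" reads more naturally.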