If a user sends a message that is over the maximum transmission size gossipsub
will disconnect from the peer being sent the message.
This PR updates the logic to simply emit an error, not send the over-sized
message but maintain the long-lived streams for future messages.
Co-authored-by: Age Manning <Age@AgeManning.com>
* protocols/kad/query/peers/closest: Consider K_VALUE nodes at init
By considering `K_VALUE` at `ClosestPeersIter` initialization, the initial peer
set length is independent of `num_results` and thus of the `replication_factor`.
* protocols/kad/src/behaviour/test: Enable building single nodes
Introduces the `build_node` function to build a single not connected
node. Along the way replace the notion of a `port_base` with returning
the actual `Multiaddr` of the node.
* protocols/kad/behaviour/test: Fix bootstrap test initialization
When looking for the closest node to a key, Kademlia considers
ALPHA_VALUE nodes to query at initialization. If `num_groups` is larger
than ALPHA_VALUE the remaining locally known nodes will not be
considered. Given that no other node is aware of them other than node 1,
they would be lost entirely. To prevent the above restrict `num_groups`
to be equal or smaller than ALPHA_VALUE.
* protocols/kad/behaviour/test: Fix put_record and get_provider
In the past, when trying to find the closest nodes to a key, Kademlia
would consider `num_result` amount of nodes to query out of all the
nodes it is aware of.
Both the `put_record` and the `get_provider` tests initialized their
swarms in the same way. The tests took the replication factor to use as
an input. The number of results to get was equal to the replication
factor. The amount of swarms to start was twice the replication factor.
Nodes would be grouped in two groups a replication factor nodes. The
first node would be aware of all of the nodes in the first group. The
last node of the first group would be aware of all the nodes in the
second group.
By coincidence (I assume) these numbers played together very well. At
initialization the first node would consider `num_results` amount of
peers (see first paragraph). It would then contact each of them. As the
first node is aware of the last node of the first group which in turn is
aware of all nodes in the second group, the first node would eventually
discover all nodes.
Recently the amount of nodes Kademlia considers at initialization when
looking for the nodes closest to a key was changed to only consider
ALPHA nodes.
With this in mind playing through the test setup above again would
result in (1) `replication_factor - ALPHA` nodes being entirely lost as
the first node would never consider them and (2) the first node probably
never contacting the last node out of the first group and thus not
discovering any nodes of the second group.
To keep the multi hop discovery in place while not basing ones test
setup on the lucky assumption of Kademlia considering replication factor
amount of nodes at initialization, this patch alters the two tests:
Build a fully connected set of nodes and one addition node (the first
node). Connect the first node to a single node of the fully connected
set (simulating a boot node). Continue as done previously.
Co-authored-by: Roman Borschel <romanb@users.noreply.github.com>
When not making progress for `parallelism` time a `ClosestPeersIter`
becomes `State::Stalled`. When stalled an iterator is allowed to make
more parallel requests up to `num_results`. If `num_results` is smaller
than `parallelism` make sure to still allow up to `parallelism` requests
in-flight.
Co-Authored-By: Roman Borschel <romanb@users.noreply.github.com>
* feat: allow sent messages seen as subscribed
minor feature to allow mimicing the behaviour expected by ipfs api tests.
* refactor: rename per review comments
* refactor: rename Floodsub::options to config
* chore: update changelog
* Update CHANGELOG.md
Co-Authored-By: Max Inden <mail@max-inden.de>
Co-authored-by: Max Inden <mail@max-inden.de>
Co-authored-by: Pierre Krieger <pierre.krieger1708@gmail.com>
A node receiving a `GetRecord` request first checks whether it has the
given record. If it does have the record it does not return closer
nodes.
A node that knows the record for the given key is likely within a
neighborhood of nodes that know the record as well. In addition the node
likely knows its neighboorhood well.
When querying for a key with a quorum of 1 the above behavior of only
returning the record but not any close peers is fine. Once one queries
with a higher quorum having a node respond with the record as well as
close nodes is likely going to speed up the query, given that the
returned peers probably know the record as well.
* [libp2p-swarm] Make the multiple connections per peer first-class.
This commit makes the notion of multiple connections per peer
first-class in the API of libp2p-swarm, introducing the new
callbacks `inject_connection_established` and
`inject_connection_closed`. The `endpoint` parameter from
`inject_connected` and `inject_disconnected` is removed,
since the first connection to open may not be the last
connection to close, i.e. it cannot be guaranteed,
as was previously the case, that the endpoints passed
to these callbacks match up.
* Have identify track all addresses.
So that identify requests can be answered with the correct
observed address of the connection on which the request
arrives.
* Cleanup
* Cleanup
* Improve the `Peer` state API.
* Remove connection ID from `SwarmEvent::Dialing`.
* Mark `DialPeerCondition` non-exhaustive.
* Re-encapsulate `NetworkConfig`.
To retain the possibility of not re-exposing all
network configuration choices, thereby providing
a more convenient API on the \`SwarmBuilder\`.
* Rework Swarm::dial API.
* Update CHANGELOG.
* Doc formatting tweaks.
Given that the order of `PeerId`s within the `GetProvidersOk.providers`
set is irrelevant but duplication is at best confusing this commit makes
use of a `HashSet` instead of a `Vec` to return unique `PeerId`s only.
* protocols/kad: Do not attempt to store expired record in record store
`Kademlia::record_received` calculates the expiration time of a record
before inserting it into the record store. Instead of inserting the
record into the record store in any case, with this patch the record is
only inserted if it is not expired. If the record is expired a
`KademliaHandlerIn::Reset` for the given (sub) stream is triggered.
This would serve as a tiny defense mechanism against an attacker trying
to fill a node's record store with expired records before the record
store's clean up procedure removes the records.
* protocols/kad: Send regular ack when record discarded due to expiration
With this commit the remote receives a
[`KademliaHandlerIn::PutRecordRes`] even in the case where the record is
discarded due to being expired. Given that the remote sent the local
node a [`KademliaHandlerEvent::PutRecord`] request, the remote perceives
the local node as one node among the k closest nodes to the target.
Returning a [`KademliaHandlerIn::Reset`] instead of an
[`KademliaHandlerIn::PutRecordRes`] to have the remote try another node
would only result in the remote node to contact an even more distant
node. In addition returning [`KademliaHandlerIn::PutRecordRes`] does not
reveal any internal information to a possibly malicious remote node.
* protocols/kad/src/behaviour: Use `now` and reword expiration comment
Co-authored-by: Roman Borschel <romanb@users.noreply.github.com>
* protocols/kad: Add test to reproduce right shift overflow panic
* protocols/kad: Fix right shift overflow panic in record_received
Within `Behaviour::record_received` the exponentially decreasing
expiration based on the distance to the target for a record is
calculated as following:
1. Calculate the amount of nodes between us and the record key beyond
the k replication constant as `n`.
2. Shift the configured record time-to-live `n` times to the right to
calculate an exponentially decreasing expiration.
The configured record time-to-live is a u64. If `n` is larger or equal
to 64 the right shift will lead to an overflow which panics in debug
mode.
This patch uses a checked right shift instead, defaulting to 0 (`now +
0`) for the expiration on overflow.
* protocols/kad: Put attribute below comment
* protocols/kad: Extract shifting logic and rework test
Extract right shift into isolated function and replace complex
regression test with small isolated one.
* protocols/kad/src/behaviour: Refactor exp_decr_expiration
Co-authored-by: Roman Borschel <romanb@users.noreply.github.com>
* Allow multiple connections per peer in libp2p-core.
Instead of trying to enforce a single connection per peer,
which involves quite a bit of additional complexity e.g.
to prioritise simultaneously opened connections and can
have other undesirable consequences [1], we now
make multiple connections per peer a feature.
The gist of these changes is as follows:
The concept of a "node" with an implicit 1-1 correspondence
to a connection has been replaced with the "first-class"
concept of a "connection". The code from `src/nodes` has moved
(with varying degrees of modification) to `src/connection`.
A `HandledNode` has become a `Connection`, a `NodeHandler` a
`ConnectionHandler`, the `CollectionStream` was the basis for
the new `connection::Pool`, and so forth.
Conceptually, a `Network` contains a `connection::Pool` which
in turn internally employs the `connection::Manager` for
handling the background `connection::manager::Task`s, one
per connection, as before. These are all considered implementation
details. On the public API, `Peer`s are managed as before through
the `Network`, except now the API has changed with the shift of focus
to (potentially multiple) connections per peer. The `NetworkEvent`s have
accordingly also undergone changes.
The Swarm APIs remain largely unchanged, except for the fact that
`inject_replaced` is no longer called. It may now practically happen
that multiple `ProtocolsHandler`s are associated with a single
`NetworkBehaviour`, one per connection. If implementations of
`NetworkBehaviour` rely somehow on communicating with exactly
one `ProtocolsHandler`, this may cause issues, but it is unlikely.
[1]: https://github.com/paritytech/substrate/issues/4272
* Fix intra-rustdoc links.
* Update core/src/connection/pool.rs
Co-Authored-By: Max Inden <mail@max-inden.de>
* Address some review feedback and fix doc links.
* Allow responses to be sent on the same connection.
* Remove unnecessary remainders of inject_replaced.
* Update swarm/src/behaviour.rs
Co-Authored-By: Pierre Krieger <pierre.krieger1708@gmail.com>
* Update swarm/src/lib.rs
Co-Authored-By: Pierre Krieger <pierre.krieger1708@gmail.com>
* Update core/src/connection/manager.rs
Co-Authored-By: Pierre Krieger <pierre.krieger1708@gmail.com>
* Update core/src/connection/manager.rs
Co-Authored-By: Pierre Krieger <pierre.krieger1708@gmail.com>
* Update core/src/connection/pool.rs
Co-Authored-By: Pierre Krieger <pierre.krieger1708@gmail.com>
* Incorporate more review feedback.
* Move module declaration below imports.
* Update core/src/connection/manager.rs
Co-Authored-By: Toralf Wittner <tw@dtex.org>
* Update core/src/connection/manager.rs
Co-Authored-By: Toralf Wittner <tw@dtex.org>
* Simplify as per review.
* Fix rustoc link.
* Add try_notify_handler and simplify.
* Relocate DialingConnection and DialingAttempt.
For better visibility constraints.
* Small cleanup.
* Small cleanup. More robust EstablishedConnectionIter.
* Clarify semantics of `DialingPeer::connect`.
* Don't call inject_disconnected on InvalidPeerId.
To preserve the previous behavior and ensure calls to
`inject_disconnected` are always paired with calls to
`inject_connected`.
* Provide public ConnectionId constructor.
Mainly needed for testing purposes, e.g. in substrate.
* Move the established connection limit check to the right place.
* Clean up connection error handling.
Separate connection errors into those occuring during
connection setup or upon rejecting a newly established
connection (the `PendingConnectionError`) and those
errors occurring on previously established connections,
i.e. for which a `ConnectionEstablished` event has
been emitted by the connection pool earlier.
* Revert change in log level and clarify an invariant.
* Remove inject_replaced entirely.
* Allow notifying all connection handlers.
Thereby simplify by introducing a new enum `NotifyHandler`,
used with a single constructor `NetworkBehaviourAction::NotifyHandler`.
* Finishing touches.
Small API simplifications and code deduplication.
Some more useful debug logging.
Co-authored-by: Max Inden <mail@max-inden.de>
Co-authored-by: Pierre Krieger <pierre.krieger1708@gmail.com>
Co-authored-by: Toralf Wittner <tw@dtex.org>
The `QueryId` type should be exported as it is used in the
`NetworkBehaviour::ProtocolsHandler` type of `Kademlia`.
`Kademlia::protocol_name` is added for convenience.
* Replace some remaining `AsRef` constraints for DHT keys with `Borrow`.
* Add a bit of debug/trace logging.
* Tiny refactoring and a debug assertion for the `bucket` module.
Secio's handshake reports unexpected EOF errors in two places.
Presumably because `std::io::ErrorKind::UnexpectedEof` did not exist
when secio was first implemented, `ErrorKind::BrokenPipe` is used
for this error. Since we nowadays have `UnexpectedEof` at our disposal,
secio should use this more appropriate error kind.
* Grow noise buffers dynamically.
Currently we allocate a buffer of 176 KiB for each noise state, i.e.
each connection. For connections which see only small data frames
this is wasteful. At the same time we limit the max. write buffer size
to 16 KiB to keep the total buffer size relatively small, which
results in smaller encrypted messages and also makes it less likely to
ever encounter the max. noise package size of 64 KiB in practice when
communicating with other nodes using the same implementation.
This PR repaces the static buffer allocation with a dynamic one. We
only reserve a small space for the authentication tag plus some extra
reserve and are able to buffer larger data frames before encrypting.
* Grow write buffer from offset.
As suggested by @mxinden, this prevents increasing the write buffer up
to MAX_WRITE_BUF_LEN.
Co-authored-by: Pierre Krieger <pierre.krieger1708@gmail.com>
* hmm...
* Switch snow resolver to default
* Fix documentation
* Use the sha2 crate for sha512 hashing
* Use ring on native
* Use different features on different targets
Co-authored-by: Pierre Krieger <pierre.krieger1708@gmail.com>
* Add gossipsub and ping
* Implement swarm key parsing from environment
* WIP remove stuff
* WIP remove more stuff
* Use gossipsub instead of floodsub
* Make ipfs example work with or without swarm key
* Add support for /ipfs/Qm1234 multiaddrs
* Add documentation for ipfs example
* Rename example to ipfs-private
* Fix comments
* Move EitherTransport into either.rs
And prettify imports of ipfs-private example
* Sanitize multiaddr before parsing
...and remove the "ipfs" protocol from multiaddr
* Remove TSubstream type parameter
...so that it works with current master
* PR feedback
use source instead of cause
* Fix broken links in rustdoc
This fixes all of the rustdoc warnings on nightly.
* Check documentation intra-link
* Fix config
* Fix bad indent
* Make nightly explicit
* More links fixes
* Fix link broken after master merge
Co-authored-by: Demi Obenour <48690212+DemiMarie-parity@users.noreply.github.com>
* Simplify trait bounds requirements
* More work
* Moar
* Finish
* Fix final tests
* More simplification
* Use separate traits for Inbound/Outbound
* Update gossipsub and remove warnings
* Add documentation to swarm
* Remove BoxSubstream
* Fix tests not compiling
* Fix stack overflow
* Address concerns
* For some reason my IDE ignored libp2p-kad
Instead of closing the connection on an error on the inbound substream
(both on `poll_next` as well as `poll_close`), one can set it to None
and depend on the remote to open an new one in case they have more data
to send.
Co-authored-by: Pierre Krieger <pierre.krieger1708@gmail.com>
* Add pnet protocol
copied from plaintext protocol, since that seems to be the closest match
* Minimalize the pnet protocol
* WIP private swarms with fixed key
* Different nonces for write and read
* Use per stream write buffer to avoid allocations
* Add parsing and formating of PSKs
* Directly call handshake
Also remove unneeded InboundUpgrade and OutboundUpgrade
* Add HandshakeError
* Add dedicated pnet example
* Add tests for PSK parsing and formatting
* Some more tests for the parsing, fail case
* Add fingerprint
To be able to check if a go-ipfs and rust-libp2p use the same key without
having to dump the actual key. Not sure if there is a spec for this anywhere,
but it is basically just copied from go-ipfs.
* Minimize dependencies and remove dead code
* Rename PSK to PreSharedKey and use pin_project
* Add crypt_writer
Basically a stripped down and modified version of async_std BufWriter that
also encrypts using the given cipher.
* cargo fmt
* Actually get rid of the Unpin requirement
* Rewrite flushing and remove written count from state
* Add docs for pnet/lib.rs
* Increase library version
* Remove pnet example
There will be a more elaborate and useful example in a different PR
* Return pending on pending...
also make doc text less ambiguous
* Add debug assertions to check invariants of poll_flush_buf
Also, clarify the invariants in the comments of that method
* Addressing #473 ... if I understood the ticket right, we want to pass through whatever the application provides as a topic identifier, leaving hashing (or not hashing) up to the application.
* Remove TopicDescriptor and use Topic newtype everywhere
* PR feedback
Use From<Topic> instead of Into<String>
Use impl Into<Topic> instead of Topic in public API
Co-authored-by: Peat Bakke <peat@peat.org>
* Create gossipsub crate - Basic template, borrowed from floodsub
* Add a GossipsubConfig struct and set up basic structures in the Gossipsub struct
* Begin implementation of join. Adds get_random_peers helper function and adds tests
* Implements gossipsub leave()
* Update publishMany to incorporate gossipsub mesh and fanout logic
* Use the gossipsub mesh for determining peer subscription
* Remove subscribed_topics field from the Gossipsub struct
* Rename gossipsubconfig to ProtocolConfig
* Implement the gossipsub control messages into the Codec's Encode/Decode and modifies GossipsubRpc
* Modify GossipsubActions to enums for succinctness.
* Modify the memcache to store Gossipsub messages
* Implement control message handling.
* Update control message handling to handle multiple messages.
* Handle received gossipsub messages using pre-built handlers.
* Remove excess connected peer hashmap
* Add extra peer mapping and consistent topic naming.
* Implement heartbeat, emit_gossip and send_graft_prune.
* Group logic in forwarding messages. Add messages to memcache.
* Add heartbeat timer and move location of helper function.
* Add gossipsub the libp2p workspace, makes layer structs public
* Add logging to gossipsub
- Adds the log crate and implements logging macros
- Specifies versions for external crates
* Add example chat for debugging purposes
* Implement #868 for gossipsub.
* Add rust documentation to gossipsub crate.
- Adds basic documentation, overview and examples to the gossipsub
crate.
* Re-introduce the initial heartbeat time config.
This commit also adds the inject_connected test.
* Add subscribe tests.
- Modifies `handle_received_subscriptions` to take a reference of
subscriptions
- Adds `test_subscribe`
- Adds `test_handle_received_subscriptions`
- Adds tests for the filter in `get_random_peers`
* Add Bug fixes and further testing for gossipsub.
- Corrects the tuple use of topic_hashes
- Corrects JOIN logic around fanout and adding peers to the mesh
- Adds test_unsubscribe
- Adds test_join
* Rename GossipsubMessage::msg_id -> id
* Add bug fix for handling disconnected peers.
* Implements (partially) #889 for Gossipsub.
* handle_iwant event count tests
* handle_ihave event count tests
* Move layer.rs tests into separate file.
* Implement clippy suggestions for gossipsub.
* Modify control message tests for specific types.
* Implement builder pattern for GossipsubConfig.
As suggested by @twittner - The builder pattern for building
GossipsubConfig struct is implemented.
* Package version updates as suggested by @twittner.
* Correct line lengths in gossipsub.
* Correct braces in found by @twittner.
* Implement @twittner's suggestions.
- Uses `HashSet` where applicable
- Update `FnvHashMap` to standard `HashMap`
- Uses `min` function in code simplification.
* Add NodeList struct to clarify topic_peers.
* Cleaner handling of messagelist
Co-Authored-By: AgeManning <Age@AgeManning.com>
* Cleaner handling of added peers.
Co-Authored-By: AgeManning <Age@AgeManning.com>
* handle_prune peer removed test
* basic grafting tests
* multiple topic grafting test
* Convert &vec to slice.
Co-Authored-By: AgeManning <Age@AgeManning.com>
* Convert to lazy insert.
Co-Authored-By: AgeManning <Age@AgeManning.com>
* Cleaner topic handling.
Co-Authored-By: AgeManning <Age@AgeManning.com>
* control pool piggybacking
using HashMap.drain() in control_pool_flush
going to squash this
* Add Debug derives to gossipsub and correct tests.
* changes from PR
squash this
all tests passing, but still some that need to be reconsidered
test reform
* Implements Arc for GossipsubRpc events
* Remove support for floodsub nodes
* Reconnected to disconnected peers, to mitigate timeout
* Use ReadOne WriteOne with configurable max gossip sizes
* Remove length delimination from RPC encoding
* Prevent peer duplication in mesh
* Allow oneshot handler's inactivity_timeout to be configurable
* Correct peer duplication in mesh bug
* Remove auto-reconnect to allow for user-level disconnects
* Single long-lived inbound/outbound streams to match go implementation
* Allow gossipsub topics to be optionally hashable
* Improves gossipsub stream handling
- Corrects the handler's keep alive.
- Correct the chat example.
- Instantly add peers to the mesh on subscription if the mesh is low.
* Allows message validation in gossipsub
* Replaces Cuckoofilter with LRUCache
The false positive rate was unacceptable for rejecting messages.
* Renames configuration parameter and corrects logic
* Removes peer from fanout on disconnection
* Add publish and fanout tests
* Apply @mxinden suggestions
* Resend message if outbound stream negotiated
- Downgrades log warnings
* Implement further reviewer suggestions
- Created associated functions to avoid unnecessary cloning
- Messages are rejected if their sequence numbers are not u64
- `GossipsbuConfigBuilder` has the same defaults as `GossipsubConfig`
- Miscellaneous typos
* Add MessageId type and remove unnecessary comments
* Add a return value to propagate_message function
* Adds user-customised gossipsub message ids
* Adds the message id to GossipsubEvent
* Implement Debug for GossipsubConfig
* protocols/gossipsub: Add basic smoke test
Implement a basic smoke test that:
1. Builds a fully connected graph of size N.
2. Subscribes each node to the same topic.
3. Publishes a single message.
4. Waits for all nodes to receive the above message.
N and the structure of the graph are reproducibly randomized via
Quickcheck.
* Corrections pointed out by @mxinden
* Add option to remove source id publishing
* protocols/gossipsub/tests/smoke: Remove unused variable
* Merge latest master
* protocols/gossipsub: Move to stable futures
* examples/gossipsub-chat.rs: Move to stable futures
* protocols/gossipsub/src/behaviour/tests: Update to stable futures
* protocols/gossipsub/tests: Update to stable futures
* protocols/gossipsub: Log substream errors
* protocols/gossipsub: Log outbound substream errors
* Remove rust-fmt formatting
* Shift to prost for protobuf compiling
* Use wasm_timer for wasm compatibility
Co-authored-by: Grant Wuerker <gwuerker@gmail.com>
Co-authored-by: Toralf Wittner <tw@dtex.org>
Co-authored-by: Pawan Dhananjay <pawandhananjay@gmail.com>
Co-authored-by: Max Inden <mail@max-inden.de>
Co-authored-by: Pierre Krieger <pierre.krieger1708@gmail.com>
