Hi Elias, Thanks for sharing the links.
I have also started working on a simple chrome extension which connects to local bitcoin core and checks IP address of all peers for prefix length and other things. I would highlight peers with different colors based on certain things in this extension. https://github.com/1440000bytes/bitcoin-core-extension /dev/fd0 Sent with Proton Mail secure email. ------- Original Message ------- On Friday, June 10th, 2022 at 6:44 AM, Elias Rohrer <btcde...@tnull.de> wrote: > Hi alicexbt, > > Routing attacks have actually been studied quite a bit in literature. > > You may be interested in the research articles of Maria Apostolaki et > al.[1,2], Muoi Tran et al.[3], and related works. > > Best, > > Elias > > 1: https://arxiv.org/pdf/1605.07524.pdf > [2]: https://arxiv.org/pdf/1808.06254.pdf > [3]: https://allquantor.at/blockchainbib/pdf/tran2020stealthier.pdf > > On 9 Jun 2022, at 20:24, alicexbt via bitcoin-dev wrote: > > > Hi Bitcoin Developers, > > > > Based on this answer from 2014, bitcoin nodes are vulnerable to BGP > > hijacking. There was an incident in March 2022, twitter prefix was hijacked > > and details are shared in 2 blog posts: > > > > https://isc.sans.edu/diary/rss/28488 > > > > https://www.manrs.org/2022/03/lesson-learned-twitter-shored-up-its-routing-security/ > > > > 'nusenu' had written an article about Tor network being vulnerable to BGP > > hijacking attacks: > > https://nusenu.medium.com/how-vulnerable-is-the-tor-network-to-bgp-hijacking-attacks-56d3b2ebfd92 > > > > After doing some research I found that RPKI ROA and BGP prefix length can > > help against BGP hijacking attacks. I checked BGP prefix length and RPKI > > ROA for first 10 IP addresses returned in `getnodeaddresses` in bitcoin > > core and it had vulnerable results. > > > > https://i.stack.imgur.com/KD7jH.png > > > > Has anyone written a detailed blog post or research article like nusenu? If > > not I would be interested to write one in next couple of weeks? > > Looking for some "technical" feedback, links if this was already discussed > > in past with some solutions. > > > > /dev/fd0 > > > > Sent with Proton Mail secure email. > > > > _______________________________________________ > > bitcoin-dev mailing list > > bitcoin-dev@lists.linuxfoundation.org > > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
