Dear Isaac, the protections against Sybil attacks are mostly the friend-to-friend mode (sybil nodes cannot get connections without social engineering) and the mitigation against the pitch black attack.
https://www.hyphanet.org/freenet-build-1492-released-video-diagnostics-pitch-black-plugins.html On opennet, the seednodes give some limited protection, because they rate-limit new nodes. There are tests to spin up private Hyphanet networks on which you can safely test attacks. Check the tests in https://github.com/hyphanet/fred/tree/next/src/freenet/node/simulator If you want to expand this, you could check whether you can recover and complete the faster simulations project: https://github.com/hyphanet/fred/pull/576 This is mainly blocked by being too big to be reviewed effectively and not being completed because the new employer of its dev prohibited doing copyleft work. It should enable spinning up networks of hundreds to thousands of real nodes for testing. Best wishes, Arne Isaac W <[email protected]> writes: > Also, I do not know of any currently employed protections against Sybil > attacks on Hyphanet. If there are any, these may significantly increase > the cost of executing one. > > On Thu, Jun 20, 2024 at 10:31 AM Isaac W <[email protected]> wrote: > > To whom it may concern, > > It seems that the cost of launching a successful Sybil attack on Hyphanet is > alarmingly low. I am wondering if it would be helpful to launch > bug bounties and fixes to address this issue. > > Unfortunately, white hat hacking a P2P network is difficult as it is > practically impossible to obtain permission from the entire community. > However, I believe these efforts, along with bug fixes would benefit the > massive vulnerability Freenet appears to possess. > > Thank you. > > Sincerely, > Isaac Weingrad -- Unpolitisch sein heißt politisch sein, ohne es zu merken. draketo.de
signature.asc
Description: PGP signature
