Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

11/WAKU2-RELAY: libp2p FloodSub & GossipSub: Security Analysis #61

Open
jimstir opened this issue Jun 13, 2024 · 0 comments
Open

11/WAKU2-RELAY: libp2p FloodSub & GossipSub: Security Analysis #61

jimstir opened this issue Jun 13, 2024 · 0 comments

Comments

@jimstir
Copy link
Collaborator

jimstir commented Jun 13, 2024

Reference Issue: vacp2p/rfc#245
Author: staheri14

Problem

To analyze the security of the libp2p FloodSub & GossipSub protocols based on vacp2p/rfc#244.
In this analysis, and for each security feature resulted from vacp2p/rfc#244 the following items should be investigated

  1. Attackers and their incentives
  2. Any security measures implemented by FloodSub & GossipSub protocols to address the attacks
  3. To list all the unaddressed threats
  4. To provide DOs and DONTs on how to use FloodSub and GossipSub in order to achieve a higher level of security. This can include any recommendation about activating/avoiding a certain feature/functionality of FloodSub & GossipSub protocols.

This issue is part of vacp2p/rfc#183

Acceptance Criteria

The result shall be a document describing the security guarantees featured by the FloodSub and GossibSub protocols, any instructions on how to activate/utilize those security features. Also, the document should explain the security properties that are out of the scope of these protocols or subject to attack.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant