📅 Original date posted:2017-02-13
📝 Original message:For the reasons Pieter listed, an explicit part of our version handshake and protocol negotiation is the exchange of otherwise-ignored messages to set up optional features.
Peers that do not support this ignore such messages, just as if they had indicated they wouldn't support it, see, eg BIP 152's handshake. Not sure why you consider this backwards incompatible, as I would say it's pretty clearly allowing old nodes to communicate just fine.
On February 13, 2017 10:36:21 AM GMT+01:00, Eric Voskuil via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
>On 02/13/2017 12:47 AM, Pieter Wuille wrote:
>> On Feb 12, 2017 23:58, "Eric Voskuil via bitcoin-dev"
>> <bitcoin-dev at lists.linuxfoundation.org wrote:
>>
>> The BIP151 proposal states:
>>
>> > This proposal is backward compatible. Non-supporting peers will
>ignore
>> the encinit messages.
>>
>> This statement is incorrect. Sending content that existing nodes
>do not
>> expect is clearly an incompatibility. An implementation that
>ignores
>> invalid content leaves itself wide open to DOS attacks. The
>version
>> handshake must be complete before the protocol level can be
>determined.
>> While it may be desirable for this change to precede the version
>> handshake it cannot be described as backward compatible.
>>
>> The worst possible effect of ignoring unknown messages is a waste of
>> downstream bandwidth. The same is already possible by being sent addr
>> messages.
>>
>> Using the protocol level requires a strict linear progression of
>> (allowed) network protocol features, which I expect to become harder
>and
>> harder to maintain.
>>
>> Using otherwise ignored messages for determining optional features is
>> elegant, simple and opens no new attack vectors. I think it's very
>much
>> preferable over continued increments of the protocol version.
>
>As I said, it *may* be desirable, but it is *not* backward compatible,
>and you do not actually dispute that above.
>
>There are other control messages that qualify as "optional messages"
>but
>these are only sent if the peer is at a version to expect them -
>explicit in their BIPs. All adopted BIPs to date have followed this
>pattern. This is not the same and it is not helpful to imply that it is
>just following that pattern.
>
>As for DOS, waste of bandwidth is not something to be ignored. If a
>peer
>is flooding a node with addr message the node can manage it because it
>understands the semantics of addr messages. If a node is required to
>allow any message that it cannot understand it has no recourse. It
>cannot determine whether it is under attack or if the behavior is
>correct and for proper continued operation must be ignored.
>
>This approach breaks any implementation that validates traffic, which
>is
>clearly correct behavior given the existence of the version handshake.
>Your comments make it clear that this is a *change* in network behavior
>- essentially abandoning the version handshake. Whether is is harder to
>maintain is irrelevant to the question of whether it is a break with
>existing protocol.
>
>If you intend for the network to abandon the version handshake and/or
>promote changes that break it I propose that you write up this new
>behavior as a BIP and solicit community feedback. There are a lot of
>devices connected to the network and it would be irresponsible to break
>something as fundamental as the P2P protocol handshake because you have
>a feeling it's going to be hard to maintain.
>
>e
Matt Corallo [ARCHIVE] /
npub1e4…jxmcu
2023-06-07 17:56:19
in reply to nevent1q…0wdj
Author Public Key
npub1e46n428mcyfwznl7nlsf6d3s7rhlwm9x3cmkuqzt3emmdpadmkaqqjxmcuPublished at
2023-06-07 17:56:19Event JSON
{
"id": "34a9bdd1b36bdec40be5cdb34c2122253bc1de52dd98851f71393143411f2f19",
"pubkey": "cd753aa8fbc112e14ffe9fe09d3630f0eff76ca68e376e004b8e77b687adddba",
"created_at": 1686160579,
"kind": 1,
"tags": [
[
"e",
"cbff203753ce17642721fa45f7480bf103aa00675e3916c38f06838d6b0d2661",
"",
"root"
],
[
"e",
"257aed6d3370df5adde53ba8ab74f7044727abe8f22542945b90297383001907",
"",
"reply"
],
[
"p",
"82205f272f995d9be742779a3c19a2ae08522ca14824c3a3b01525fb5459161e"
]
],
"content": "📅 Original date posted:2017-02-13\n📝 Original message:For the reasons Pieter listed, an explicit part of our version handshake and protocol negotiation is the exchange of otherwise-ignored messages to set up optional features.\n\nPeers that do not support this ignore such messages, just as if they had indicated they wouldn't support it, see, eg BIP 152's handshake. Not sure why you consider this backwards incompatible, as I would say it's pretty clearly allowing old nodes to communicate just fine.\n\nOn February 13, 2017 10:36:21 AM GMT+01:00, Eric Voskuil via bitcoin-dev \u003cbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\u003eOn 02/13/2017 12:47 AM, Pieter Wuille wrote:\n\u003e\u003e On Feb 12, 2017 23:58, \"Eric Voskuil via bitcoin-dev\"\n\u003e\u003e \u003cbitcoin-dev at lists.linuxfoundation.org wrote:\n\u003e\u003e \n\u003e\u003e The BIP151 proposal states:\n\u003e\u003e \n\u003e\u003e \u003e This proposal is backward compatible. Non-supporting peers will\n\u003eignore\n\u003e\u003e the encinit messages.\n\u003e\u003e \n\u003e\u003e This statement is incorrect. Sending content that existing nodes\n\u003edo not\n\u003e\u003e expect is clearly an incompatibility. An implementation that\n\u003eignores\n\u003e\u003e invalid content leaves itself wide open to DOS attacks. The\n\u003eversion\n\u003e\u003e handshake must be complete before the protocol level can be\n\u003edetermined.\n\u003e\u003e While it may be desirable for this change to precede the version\n\u003e\u003e handshake it cannot be described as backward compatible.\n\u003e\u003e \n\u003e\u003e The worst possible effect of ignoring unknown messages is a waste of\n\u003e\u003e downstream bandwidth. The same is already possible by being sent addr\n\u003e\u003e messages.\n\u003e\u003e \n\u003e\u003e Using the protocol level requires a strict linear progression of\n\u003e\u003e (allowed) network protocol features, which I expect to become harder\n\u003eand\n\u003e\u003e harder to maintain.\n\u003e\u003e \n\u003e\u003e Using otherwise ignored messages for determining optional features is\n\u003e\u003e elegant, simple and opens no new attack vectors. I think it's very\n\u003emuch\n\u003e\u003e preferable over continued increments of the protocol version.\n\u003e\n\u003eAs I said, it *may* be desirable, but it is *not* backward compatible,\n\u003eand you do not actually dispute that above.\n\u003e\n\u003eThere are other control messages that qualify as \"optional messages\"\n\u003ebut\n\u003ethese are only sent if the peer is at a version to expect them -\n\u003eexplicit in their BIPs. All adopted BIPs to date have followed this\n\u003epattern. This is not the same and it is not helpful to imply that it is\n\u003ejust following that pattern.\n\u003e\n\u003eAs for DOS, waste of bandwidth is not something to be ignored. If a\n\u003epeer\n\u003eis flooding a node with addr message the node can manage it because it\n\u003eunderstands the semantics of addr messages. If a node is required to\n\u003eallow any message that it cannot understand it has no recourse. It\n\u003ecannot determine whether it is under attack or if the behavior is\n\u003ecorrect and for proper continued operation must be ignored.\n\u003e\n\u003eThis approach breaks any implementation that validates traffic, which\n\u003eis\n\u003eclearly correct behavior given the existence of the version handshake.\n\u003eYour comments make it clear that this is a *change* in network behavior\n\u003e- essentially abandoning the version handshake. Whether is is harder to\n\u003emaintain is irrelevant to the question of whether it is a break with\n\u003eexisting protocol.\n\u003e\n\u003eIf you intend for the network to abandon the version handshake and/or\n\u003epromote changes that break it I propose that you write up this new\n\u003ebehavior as a BIP and solicit community feedback. There are a lot of\n\u003edevices connected to the network and it would be irresponsible to break\n\u003esomething as fundamental as the P2P protocol handshake because you have\n\u003ea feeling it's going to be hard to maintain.\n\u003e\n\u003ee",
"sig": "94d13209d1b21630a9b989b55bb33d3ed83caafe80b13a111709181882cf146b83c85d392b29ef72e11ecc485096726255c1837f17681d2022f12cfcd9f4e3ad"
}