Skip to content

Scope Discovery: Custom Kad-DHT + Connection Gating #4939

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: dev
Choose a base branch
from
Draft

Scope Discovery: Custom Kad-DHT + Connection Gating #4939

wants to merge 2 commits into from

Conversation

@sunwavesun
Copy link
Contributor

@sunwavesun sunwavesun commented Aug 13, 2025
edited
Loading

Problems

  1. Nodes discover unrelated ecosystems via broad/public discovery, leading to thousands of extra peers and off-namespace PubSub subscriptions.
  2. Resource pressure (FDs/CPU/memory) correlates with dial failures like failed to negotiate security protocol: EOF.

Rationale

A custom Kad-DHT protocol prefix isolates our routing table from the public DHT and keeps discovery Harmony-only.

Connection gating blocks or immediately tears down non-Harmony peers at the transport layer (pre-dial/accept and post-identify), preserving capacity for legitimate Harmony traffic.

Changes

  • Add config for a Harmony-scoped DHT prefix (default: /harmony/kad/1.0.0) and use only configured Harmony bootnodes.
  • Implement connection gating:
    • Pre-dial / inbound-accept policy to allow only vetted peers/addresses (e.g., Harmony bootnodes/validators).
    • Post-identify filter: require advertised Harmony protocol IDs / chain marker; close non-conforming peers and purge their addrs from the peerstore.
    • Basic metrics/logging for gated/closed peers to validate effectiveness.

Notes:
No changes to PubSub topics, scoring, or connmgr here (follow-ups if needed).

Rollout

  1. Bootnodes first: enable dual-prefix (old + new) to avoid partitions.
  2. Validators/regular nodes: switch to the new prefix; verify peer counts and dial success.
  3. Converge (a new PR required): remove the old prefix on bootnodes after majority adoption.
  4. Enable connection gating in “observe” or permissive mode (log only), then tighten to enforce close policies once metrics look healthy.

Success criteria

  • Peerstore and active connections drop to expected ranges; off-namespace subscriptions materially reduced.
  • Non-Harmony peers are rejected at connect or immediately post-identify (visible in gating metrics).
  • Dial success rate to Harmony peers improves; handshake EOFs materially reduced.

@sunwavesun sunwavesun self-assigned this Aug 13, 2025
@sunwavesun sunwavesun changed the title Constrain Discovery: Custom DHT Namespace + Rendezvous Scope Discovery: Custom Kad-DHT + Connection Gating Aug 13, 2025
@mur-me
Copy link
Collaborator

mur-me commented Aug 14, 2025
edited
Loading

Hey, tests are failing with

p2p/host.go:394:31: cannot use disc.GetRawDiscovery() (value of type []"github.com/libp2p/go-libp2p/core/discovery".Discovery) as "github.com/libp2p/go-libp2p/core/discovery".Discovery value in argument to libp2p_pubsub.WithDiscovery: []"github.com/libp2p/go-libp2p/core/discovery".Discovery does not implement "github.com/libp2p/go-libp2p/core/discovery".Discovery (missing method Advertise)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sunwavesun sunwavesun

Labels

discovery

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sunwavesun @mur-me