fix(comms/dht)!: limit number of peer claims and addresses for all so…

…urces

applications/minotari_app_grpc/proto/network.proto

@@ -31,7 +31,7 @@ message NodeIdentity {
     bytes node_id = 3;
 }
 
-message Peer{
+message Peer {
     /// Public key of the peer
     bytes public_key =1;
     /// NodeId of the peer
@@ -46,7 +46,7 @@ message Peer{
     string banned_reason= 7;
     google.protobuf.Timestamp offline_at = 8;
     /// Features supported by the peer
-    uint64 features = 9;
+    uint32 features = 9;
     /// used as information for more efficient protocol negotiation.
     repeated bytes supported_protocols = 11;
     /// User agent advertised by the peer

applications/minotari_app_grpc/src/conversions/peer.rs

@@ -63,12 +63,12 @@ impl From<Peer> for grpc::Peer {
 impl From<MultiaddrWithStats> for grpc::Address {
     fn from(address_with_stats: MultiaddrWithStats) -> Self {
         let address = address_with_stats.address().to_vec();
-        let last_seen = match address_with_stats.last_seen {
+        let last_seen = match address_with_stats.last_seen() {
             Some(v) => v.to_string(),
             None => String::new(),
         };
-        let connection_attempts = address_with_stats.connection_attempts;
-        let avg_latency = address_with_stats.avg_latency.as_secs();
+        let connection_attempts = address_with_stats.connection_attempts();
+        let avg_latency = address_with_stats.avg_latency().as_secs();
         Self {
             address,
             last_seen,

applications/minotari_node/src/commands/command/get_peer.rs

@@ -90,14 +90,14 @@ impl CommandContext {
                 println!(
                     "- {} Score: {}  - Source: {} Latency: {:?} - Last Seen: {} - Last Failure:{}",
                     a.address(),
-                    a.quality_score,
-                    a.source,
-                    a.avg_latency,
-                    a.last_seen
+                    a.quality_score(),
+                    a.source(),
+                    a.avg_latency(),
+                    a.last_seen()
                         .as_ref()
                         .map(|t| t.to_string())
                         .unwrap_or_else(|| "Never".to_string()),
-                    a.last_failed_reason.as_ref().unwrap_or(&"None".to_string())
+                    a.last_failed_reason().unwrap_or("None")
                 );
             });
             println!("User agent: {}", peer.user_agent);

base_layer/p2p/src/initialization.rs

@@ -555,11 +555,11 @@ impl ServiceInitializer for P2pInitializer {
             })
             .set_liveness_check(config.listener_liveness_check_interval);
 
-        if config.allow_test_addresses || config.dht.allow_test_addresses {
+        if config.allow_test_addresses || config.dht.peer_validator_config.allow_test_addresses {
             // The default is false, so ensure that both settings are true in this case
             config.allow_test_addresses = true;
-            config.dht.allow_test_addresses = true;
             builder = builder.allow_test_addresses();
+            config.dht.peer_validator_config = builder.peer_validator_config().clone();
         }
 
         let (comms, dht) = configure_comms_and_dht(builder, &config, connector).await?;

base_layer/p2p/src/services/liveness/service.rs

@@ -575,7 +575,7 @@ mod test {
         let msg = create_dummy_message(PingPongMessage::pong_with_metadata(123, metadata.clone()));
 
         state.add_inflight_ping(
-            msg.inner.as_ref().map(|i| i.nonce.clone()).unwrap(),
+            msg.inner.as_ref().map(|i| i.nonce).unwrap(),
             msg.source_peer.node_id.clone(),
         );
 

base_layer/wallet/src/storage/sqlite_db/wallet.rs

@@ -303,7 +303,7 @@ impl WalletSqliteDatabase {
 
     fn get_comms_features(&self, conn: &mut SqliteConnection) -> Result<Option<PeerFeatures>, WalletStorageError> {
         if let Some(key_str) = WalletSettingSql::get(&DbKey::CommsFeatures, conn)? {
-            let features = u64::from_str(&key_str).map_err(|e| WalletStorageError::ConversionError(e.to_string()))?;
+            let features = u32::from_str(&key_str).map_err(|e| WalletStorageError::ConversionError(e.to_string()))?;
             let peer_features = PeerFeatures::from_bits(features);
             Ok(peer_features)
         } else {

comms/core/src/bans.rs

@@ -0,0 +1,27 @@
+// // Copyright 2023. The Tari Project
+// //
+// // Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
+// // following conditions are met:
+// //
+// // 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the
+// following // disclaimer.
+// //
+// // 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
+// // following disclaimer in the documentation and/or other materials provided with the distribution.
+// //
+// // 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote
+// // products derived from this software without specific prior written permission.
+// //
+// // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+// // INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// // DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+// // WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+// // USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+use std::time::Duration;
+
+// TODO: consolidate ban durations
+pub const BAN_DURATION_LONG: Duration = Duration::from_secs(2 * 60 * 60);
+pub const BAN_DURATION_SHORT: Duration = Duration::from_secs(2 * 60);

comms/core/src/builder/mod.rs

@@ -46,6 +46,7 @@ use crate::{
     connectivity::{ConnectivityConfig, ConnectivityRequester},
     multiaddr::Multiaddr,
     peer_manager::{NodeIdentity, PeerManager},
+    peer_validator::PeerValidatorConfig,
     protocol::{NodeNetworkInfo, ProtocolExtensions},
     tor,
     types::CommsDatabase,
@@ -195,10 +196,31 @@ impl CommsBuilder {
             target: "comms::builder",
             "Test addresses are enabled! This is invalid and potentially insecure when running a production node."
         );
-        self.connection_manager_config.allow_test_addresses = true;
+        self.connection_manager_config
+            .peer_validation_config
+            .allow_test_addresses = true;
         self
     }
 
+    /// Sets the PeerValidatorConfig - this will override previous calls to allow_test_addresses() with the value in
+    /// peer_validator_config.allow_test_addresses
+    pub fn with_peer_validator_config(mut self, config: PeerValidatorConfig) -> Self {
+        #[cfg(not(debug_assertions))]
+        if config.allow_test_addresses {
+            log::warn!(
+                target: "comms::builder",
+                "Test addresses are enabled! This is invalid and potentially insecure when running a production node."
+            );
+        }
+        self.connection_manager_config.peer_validation_config = config;
+        self
+    }
+
+    /// Returns the PeerValidatorConfig set in this builder
+    pub fn peer_validator_config(&self) -> &PeerValidatorConfig {
+        &self.connection_manager_config.peer_validation_config
+    }
+
     /// Sets the address that the transport will listen on. The address must be compatible with the transport.
     pub fn with_listener_address(mut self, listener_address: Multiaddr) -> Self {
         self.connection_manager_config.listener_address = listener_address;