SlideShare a Scribd company logo

Enter Gossipsub, A scalable, extensible & hardened P2P PubSub Router protocol

David Dias
David Dias

Talk delivered at the Matrix.org Virtual Meetup

Engineering
1 of 63
Download to read offline
Enter Gossipsub A scalable, extensible & hardened P2P PubSub Router protocol David Dias david@protocol.ai
• 1) Motivation for P2P PubSub • 2) Evolution of libp2p PubSub: FloodSub -> RandomSub -> GossipSub • 3) Hardening GossipSub • 4) What’s next (or left❕) Agenda
• 1) Motivation for P2P PubSub • 2) Evolution of libp2p PubSub: FloodSub -> RandomSub -> GossipSub • 3) 🌟 Hardening GossipSub • 4) 🌟 What’s next (or left❕) Agenda
Motivation for P2P PubSub
Enable Real-Time Applications on the IPFS/libp2p Network
To create the rich experience we got used with the Web 2.0
Without relying on any piece of centralised infrastructure
• Message oriented comms —> Simple to understand • Support for different Topologies —> Multiple types of interaction patterns • Loose coupling —> Separation of concerns • Scalable —> Adapts as your network grows PubSub key benefits
• Permission-less network —> can’t control who joins/leaves • Network topology is bottom up (e.g. broker-less) • Network churn • Optimizing for Latency, Bandwidth, Delivery Guarantees is about tradeoffs • Malicious Actors 😈 The challenges of building P2P PubSub System
Evolution of libp2p PubSub
• libp2p-pubsub is an interface • It enables libp2p to support multiple PubSub router implementations libp2p-pubsub Floodsub TCP Gossipsub Bring your own! QUIC WebRTC Bluetooth Websocket
The first router - Floodsub
• Simplest possible protocol • Ambient Peer Discovery (i.e. IPFS Main Network’s DHT) • Routing is achieved by Flooding Floodsub
Floodsub
Floodsub
Floodsub
Floodsub
Floodsub
• Pros ◦ Simple to implement ◦ Very robust (even with high network churn) ◦ Minimum latency • Cons ◦ (Really) Bandwidth inefficient ◦ Unbounded degree flooding (wastes a lot of resources) Floodsub
Floodsub • 100 peers • 5 msgs/s • Run for 2s • Time expansion 10x for viz
A stepping stone - Randomsub
• Experiment to see how the Network performed if we did message forwarding at random • Pros ◦ Still simple to implement ◦ Less bandwidth intensive • Cons ◦ Creates dark spots (nodes that don’t get the messages) • Note, this implementation wasn’t spec’ed, it was done as an experiment Randomsub
Current generation - Gossipsub 🌟
• Trades latency for bandwidth efficiency • Self-stabilising algorithm (nodes cooperate with each other) • Support for protocol extensions Gossipsub
• Nodes construct meshes for message propagation pseudo-randomly • Nodes spread metadata to let other peers know of what we have seen (gossip!) Gossipsub - Hybrid of 2 Networks
• Reciprocal peering agreements between nodes • A node mesh is the nodes that it has peering agreements with • Notes connect to D (degree, default 6) nodes Gossipsub - Full Message Network
• Dense network • Nodes inform others of their local observed state through Gossip • Nodes inform others of what they have received or what they are missing Gossipsub - Metadata Network
• Nodes keep a partial view of the network • Nodes announce their subscriptions on joining the network • Subscriptions are updated through the lifetime of the node Gossipsub - Subscribing & Unsubscribing When a node joins Overtime
• GRAFT’ing - “I want to me part of your reciprocal full message” • If the peer rejects, the other node still knows that I’m interested in that topic and therefore will send me metadata • PRUNE’ing - Dissolve a previous reciprocal full message agreement. Gossipsub - GRAFT’ing & PRUNE’ing
• Gossipsub has support for custom message validators • As messages are received, these can be validated before being forwarded Gossipsub - Message Validators
• Local state (Subscription changes, Activity and more) • IHAVE - Share what we have + what we have seen • IWANT - Used when peers request a message they learn about and that they haven’t received yet Gossipsub - Gossip Messages
• Regular the mesh degree (GRAFT/PRUNE peers to hit the desired degree) • Emit gossip for each topic • Slice the message caches • Heartbeat is done at every EPOCH and piggybacked on regular messages if possible Gossipsub - Heartbeat
Gossipsub • 100 peers • 5 msgs/s • Run for 2s • Time expansion 10x for viz
Floodsub vs. Gossipsub Generated using https://github.com/vyzo/gerbil-simsub/
• Real-Time updates • Resiliency to network churn • Adjustable tradeoffs (bandwidth vs. latency) • Scales to large networks Recap: What libp2p Pubsub with Gossipsub gives us
Hardening Gossipsub
Hardening Gossipsub v1.1
Class of attacks
Class of attack - Sybil Attack 😈 😈 😈 😈 • When nodes join with the intent of causing harm • Can squat areas of the network • Can degrade the quality of the service
Class of attack - Eclipse Attack • When a node controls what other nodes in the network see/get 😈 1 2 2 ⁉ 😕 🙄 3
Class of attack - Spam Attack 😈 😵 😈 😈 • Bombard a node with work until it chokes itself (~equivalent to the Denial of Service attacks)
Mitigation Strategies
The spec is a joy to read ✨
Mitigation - Peer Scoring • Each Peer maintains a score for each other peer • The score is the summation of each parameter P multiplied by their weight W to the topic weight T Score(p) = Σtᵢ*(w₁(tᵢ)*P₁(tᵢ) + w₂(tᵢ)*P₂(tᵢ) + w₃(tᵢ)*P₃(tᵢ) + w₃b(tᵢ)*P₃b(tᵢ) + w₄(tᵢ)*P₄(tᵢ)) + w₅*P₅ + w₆*P₆ • Thresholds (all negative thresholds) ◦ 0, the baseline threshold - peers with score below this threshold are pruned from mesh ◦ gossip threshold - peers below this threshold don’t receive gossip ◦ publish threshold - peers below this threshold don’t receive flood publishing (optional) ◦ graylist threshold - peers below this threshold get their RPCs ignored • Parameters ◦ P₁: Time in Mesh for a topic. ◦ P₂: First Message Deliveries for a topic. ◦ P₃: (Expected) Mesh Message Delivery Rate for a topic. ◦ P₄: Invalid Messages for a topic. ◦ P₅: Application Specific score. ◦ P₆: IP Colocation Factor.
Mitigation - Flood Publishing • Flood publish to peers that are a certain publish threshold score • This means that self publish messages are published to peers that beyond our mesh and instead, get sent to every peer we are connected and interested in topic and that are above the publish threshold score • The publish threshold is used to decide
Mitigation - Peer Exchange on Prune • When a node gets Prune’ed, it receives of other candidate peers • This is a way to rely less on Ambient Peer Discovery and use the Gossipsub network to do the PeerDiscovery itself
Mitigation - Spam Protections • GRAFT messages for unknown topics are ignored (vs. v1.0 would respond with PRUNE) • IWANT responses are rate limited • If spam is observed, it impacts the Score of the peer
Mitigation - Explicit Peering Agreements • Establish direct connection agreements to keep connections always open • Great between nodes that are federated or have any special reason to always be connected
We are not done just yet❕
• Test Plan - Benchmarking ◦ Test Case 0: Establishing the baseline of Gossipsub • Test Plan - Resilience in Adversarial environments ◦ Test Case 1: DoS & Quiet GRAFT Attack ◦ Test Case 2: Sybil Attack - Network Degradation & Squatting ◦ Test Case 3: Sybil Attack - Sybils are generated in a small pool of IPs ◦ Test Case 4: Eclipse Attack against a Target - Distributed GRAFT Attack ◦ Test Case 5: Eclipse Attack - Eclipse the entire Network ◦ Test Case 6: Cold Boot Attack ◦ Test Case 7: DoS (Denial of Service) Attack - Target a set of nodes and get them to halt operation by exhausting their resources ◦ Test Case 8: Covert flash Attack ◦ Test Case 9: Consensus & Timing Attack ◦ Test Case 10: SPAM Attack - IWANT Spam ◦ Test Case 11: SPAM Attack - GRAFT Spam ◦ Test Case 12: SPAM Attack - Invalid Message Spam GossipSub Evaluation Plan
Interested? Onboarding session coming soon, stay tuned
Jupyter Integration into Testground 1) Open Test Plan 2) Adjust the parameters 3) Run and visualise the results! We are producing a Gossipsub report to be available soon™
Wrapping up 🎁
You can try it today!
@vyzo @yusefnapora @dirkmc @yiannisbot @daviddias @agemanning @jbenet@whyrusleeping@stebalien @raulk@jamesray1@vasco-santos @lgierth And many others that have contributed by reviewing the spec, opening issues and testing the code ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤❤❤ ❤ ❤ ❤ ❤ ❤❤
Thank you! David Dias david@protocol.ai Join the discussion ◦ Chat at #libp2p in freenode (with a matrix.org bridge!) ◦ Forum at https://discuss.libp2p.io/

Recommended

2021 ZAP Automation in CI/CD
2021 ZAP Automation in CI/CD2021 ZAP Automation in CI/CD
2021 ZAP Automation in CI/CDSimon Bennetts
 
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)Marco Balduzzi
 
R2서버정진욱
R2서버정진욱R2서버정진욱
R2서버정진욱jungjinwouk
 
Building Advanced XSS Vectors
Building Advanced XSS VectorsBuilding Advanced XSS Vectors
Building Advanced XSS VectorsRodolfo Assis (Brute)
 
OWASP API Security Top 10 Examples
OWASP API Security Top 10 ExamplesOWASP API Security Top 10 Examples
OWASP API Security Top 10 Examples42Crunch
 
Live Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigLive Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigFrans Rosén
 
Secure Session Management
Secure Session ManagementSecure Session Management
Secure Session ManagementGuidePoint Security, LLC
 
A Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakA Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakSoroush Dalili
 

Recommended

2021 ZAP Automation in CI/CD
2021 ZAP Automation in CI/CD2021 ZAP Automation in CI/CD
2021 ZAP Automation in CI/CDSimon Bennetts
 
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)Marco Balduzzi
 
R2서버정진욱
R2서버정진욱R2서버정진욱
R2서버정진욱jungjinwouk
 
Building Advanced XSS Vectors
Building Advanced XSS VectorsBuilding Advanced XSS Vectors
Building Advanced XSS VectorsRodolfo Assis (Brute)
 
OWASP API Security Top 10 Examples
OWASP API Security Top 10 ExamplesOWASP API Security Top 10 Examples
OWASP API Security Top 10 Examples42Crunch
 
Live Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigLive Hacking like a MVH – A walkthrough on methodology and strategies to win big
Live Hacking like a MVH – A walkthrough on methodology and strategies to win bigFrans Rosén
 
Secure Session Management
Secure Session ManagementSecure Session Management
Secure Session ManagementGuidePoint Security, LLC
 
A Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakA Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakSoroush Dalili
 
게임서버프로그래밍 #1 - IOCP
게임서버프로그래밍 #1 - IOCP게임서버프로그래밍 #1 - IOCP
게임서버프로그래밍 #1 - IOCPSeungmo Koo
 
SSO With APEX and ADFS the weblogic way
SSO With APEX and ADFS the weblogic waySSO With APEX and ADFS the weblogic way
SSO With APEX and ADFS the weblogic waymakker_nl
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerKHNOG
 
Time based CAPTCHA protected SQL injection through SOAP-webservice
Time based CAPTCHA protected SQL injection through SOAP-webserviceTime based CAPTCHA protected SQL injection through SOAP-webservice
Time based CAPTCHA protected SQL injection through SOAP-webserviceFrans Rosén
 
MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2Yaser Rahmati
 
Same origin policy
Same origin policySame origin policy
Same origin policyVivek Madurai
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryDaniel Miessler
 
Netflix: From Clouds to Roots
Netflix: From Clouds to RootsNetflix: From Clouds to Roots
Netflix: From Clouds to RootsBrendan Gregg
 
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" Peter Hlavaty
 
AllDayDevOps ZAP automation in CI
AllDayDevOps ZAP automation in CIAllDayDevOps ZAP automation in CI
AllDayDevOps ZAP automation in CISimon Bennetts
 
HTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsHTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsneexemil
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기NAVER D2
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikGLC Networks
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing TechniquesAvinash Thapa
 
Resumable File Upload API using GridFS and TUS
Resumable File Upload API using GridFS and TUSResumable File Upload API using GridFS and TUS
Resumable File Upload API using GridFS and TUSkhangtoh
 
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEXORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEXCesar Pineda
 
Layer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikLayer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikGLC Networks
 
Secure Code Warrior - CRLF injection
Secure Code Warrior - CRLF injectionSecure Code Warrior - CRLF injection
Secure Code Warrior - CRLF injectionSecure Code Warrior
 
Outrageous Performance: RageDB's Experience with the Seastar Framework
Outrageous Performance: RageDB's Experience with the Seastar FrameworkOutrageous Performance: RageDB's Experience with the Seastar Framework
Outrageous Performance: RageDB's Experience with the Seastar FrameworkScyllaDB
 
What should a hacker know about WebDav?
What should a hacker know about WebDav?What should a hacker know about WebDav?
What should a hacker know about WebDav?Mikhail Egorov
 
BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
BSides Algiers - Layer7 DoS Attacks - Oussama ElhamerBSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
BSides Algiers - Layer7 DoS Attacks - Oussama ElhamerShellmates
 
IP Multicast Routing
IP Multicast RoutingIP Multicast Routing
IP Multicast RoutingPedro De Almeida
 

More Related Content

What's hot

게임서버프로그래밍 #1 - IOCP
게임서버프로그래밍 #1 - IOCP게임서버프로그래밍 #1 - IOCP
게임서버프로그래밍 #1 - IOCPSeungmo Koo
 
SSO With APEX and ADFS the weblogic way
SSO With APEX and ADFS the weblogic waySSO With APEX and ADFS the weblogic way
SSO With APEX and ADFS the weblogic waymakker_nl
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerKHNOG
 
Time based CAPTCHA protected SQL injection through SOAP-webservice
Time based CAPTCHA protected SQL injection through SOAP-webserviceTime based CAPTCHA protected SQL injection through SOAP-webservice
Time based CAPTCHA protected SQL injection through SOAP-webserviceFrans Rosén
 
MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2Yaser Rahmati
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryDaniel Miessler
 
Netflix: From Clouds to Roots
Netflix: From Clouds to RootsNetflix: From Clouds to Roots
Netflix: From Clouds to RootsBrendan Gregg
 
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" Peter Hlavaty
 
AllDayDevOps ZAP automation in CI
AllDayDevOps ZAP automation in CIAllDayDevOps ZAP automation in CI
AllDayDevOps ZAP automation in CISimon Bennetts
 
HTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsHTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsneexemil
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기NAVER D2
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikGLC Networks
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing TechniquesAvinash Thapa
 
Resumable File Upload API using GridFS and TUS
Resumable File Upload API using GridFS and TUSResumable File Upload API using GridFS and TUS
Resumable File Upload API using GridFS and TUSkhangtoh
 
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEXORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEXCesar Pineda
 
Layer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikLayer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikGLC Networks
 
Secure Code Warrior - CRLF injection
Secure Code Warrior - CRLF injectionSecure Code Warrior - CRLF injection
Secure Code Warrior - CRLF injectionSecure Code Warrior
 
Outrageous Performance: RageDB's Experience with the Seastar Framework
Outrageous Performance: RageDB's Experience with the Seastar FrameworkOutrageous Performance: RageDB's Experience with the Seastar Framework
Outrageous Performance: RageDB's Experience with the Seastar FrameworkScyllaDB
 
What should a hacker know about WebDav?
What should a hacker know about WebDav?What should a hacker know about WebDav?
What should a hacker know about WebDav?Mikhail Egorov
 

What's hot (20)

게임서버프로그래밍 #1 - IOCP
게임서버프로그래밍 #1 - IOCP게임서버프로그래밍 #1 - IOCP
게임서버프로그래밍 #1 - IOCP
 
SSO With APEX and ADFS the weblogic way
SSO With APEX and ADFS the weblogic waySSO With APEX and ADFS the weblogic way
SSO With APEX and ADFS the weblogic way
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User Manager
 
Time based CAPTCHA protected SQL injection through SOAP-webservice
Time based CAPTCHA protected SQL injection through SOAP-webserviceTime based CAPTCHA protected SQL injection through SOAP-webservice
Time based CAPTCHA protected SQL injection through SOAP-webservice
 
MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2
 
Same origin policy
Same origin policySame origin policy
Same origin policy
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request Forgery
 
Netflix: From Clouds to Roots
Netflix: From Clouds to RootsNetflix: From Clouds to Roots
Netflix: From Clouds to Roots
 
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
 
AllDayDevOps ZAP automation in CI
AllDayDevOps ZAP automation in CIAllDayDevOps ZAP automation in CI
AllDayDevOps ZAP automation in CI
 
HTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsHTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versions
 
[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기[245] presto 내부구조 파헤치기
[245] presto 내부구조 파헤치기
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with Mikrotik
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing Techniques
 
Resumable File Upload API using GridFS and TUS
Resumable File Upload API using GridFS and TUSResumable File Upload API using GridFS and TUS
Resumable File Upload API using GridFS and TUS
 
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEXORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
ORACLE LINUX 7 + DB 12C + WEBLOGIC + FORMS AND REPORTS 12C + WEBUTIL + APEX
 
Layer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikLayer 7 Firewall on Mikrotik
Layer 7 Firewall on Mikrotik
 
Secure Code Warrior - CRLF injection
Secure Code Warrior - CRLF injectionSecure Code Warrior - CRLF injection
Secure Code Warrior - CRLF injection
 
Outrageous Performance: RageDB's Experience with the Seastar Framework
Outrageous Performance: RageDB's Experience with the Seastar FrameworkOutrageous Performance: RageDB's Experience with the Seastar Framework
Outrageous Performance: RageDB's Experience with the Seastar Framework
 
What should a hacker know about WebDav?
What should a hacker know about WebDav?What should a hacker know about WebDav?
What should a hacker know about WebDav?
 

Similar to Enter Gossipsub, A scalable, extensible & hardened P2P PubSub Router protocol

BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
BSides Algiers - Layer7 DoS Attacks - Oussama ElhamerBSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
BSides Algiers - Layer7 DoS Attacks - Oussama ElhamerShellmates
 
Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013
Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013
Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013Amazon Web Services
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slideschintaan
 
A New Form of Dos attack in Cloud
A New Form of Dos attack in CloudA New Form of Dos attack in Cloud
A New Form of Dos attack in CloudSanoj Kumar
 
Running a distributed system across kubernetes clusters - Kubecon North Ameri...
Running a distributed system across kubernetes clusters - Kubecon North Ameri...Running a distributed system across kubernetes clusters - Kubecon North Ameri...
Running a distributed system across kubernetes clusters - Kubecon North Ameri...Alex Robinson
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22SensePost
 
Hadoop Ecosystem and Low Latency Streaming Architecture
Hadoop Ecosystem and Low Latency Streaming ArchitectureHadoop Ecosystem and Low Latency Streaming Architecture
Hadoop Ecosystem and Low Latency Streaming ArchitectureInSemble
 
Commonly Used Peer to Peer Methods & Applications
Commonly Used Peer to Peer Methods & ApplicationsCommonly Used Peer to Peer Methods & Applications
Commonly Used Peer to Peer Methods & Applications905426
 
Module: Mutable Content in IPFS
Module: Mutable Content in IPFSModule: Mutable Content in IPFS
Module: Mutable Content in IPFSIoannis Psaras
 
Lessons From Sharding Solr At Etsy: Presented by Gregg Donovan, Etsy
Lessons From Sharding Solr At Etsy: Presented by Gregg Donovan, EtsyLessons From Sharding Solr At Etsy: Presented by Gregg Donovan, Etsy
Lessons From Sharding Solr At Etsy: Presented by Gregg Donovan, EtsyLucidworks
 
Lessons from Sharding Solr
Lessons from Sharding SolrLessons from Sharding Solr
Lessons from Sharding SolrGregg Donovan
 
More Efficient Object Replication in OpenStack Summit Juno
More Efficient Object Replication in OpenStack Summit JunoMore Efficient Object Replication in OpenStack Summit Juno
More Efficient Object Replication in OpenStack Summit JunoKota Tsuyuzaki
 
IP Multicasting - An Overview
IP Multicasting - An OverviewIP Multicasting - An Overview
IP Multicasting - An Overviewh_marvin
 
11 group communication
11 group communication11 group communication
11 group communicationneel888
 
DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?Rob Gillen
 
fgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdffgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdfFernandoGont
 

Similar to Enter Gossipsub, A scalable, extensible & hardened P2P PubSub Router protocol (20)

BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
BSides Algiers - Layer7 DoS Attacks - Oussama ElhamerBSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
 
IP Multicast Routing
IP Multicast RoutingIP Multicast Routing
IP Multicast Routing
 
Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013
Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013
Cloud Connected Devices on a Global Scale (CPN303) | AWS re:Invent 2013
 
Anon p2p slides
Anon p2p slidesAnon p2p slides
Anon p2p slides
 
Kafka at scale facebook israel
Kafka at scale facebook israelKafka at scale facebook israel
Kafka at scale facebook israel
 
A New Form of Dos attack in Cloud
A New Form of Dos attack in CloudA New Form of Dos attack in Cloud
A New Form of Dos attack in Cloud
 
Running a distributed system across kubernetes clusters - Kubecon North Ameri...
Running a distributed system across kubernetes clusters - Kubecon North Ameri...Running a distributed system across kubernetes clusters - Kubecon North Ameri...
Running a distributed system across kubernetes clusters - Kubecon North Ameri...
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22
 
Addios!
Addios!Addios!
Addios!
 
Hadoop Ecosystem and Low Latency Streaming Architecture
Hadoop Ecosystem and Low Latency Streaming ArchitectureHadoop Ecosystem and Low Latency Streaming Architecture
Hadoop Ecosystem and Low Latency Streaming Architecture
 
Commonly Used Peer to Peer Methods & Applications
Commonly Used Peer to Peer Methods & ApplicationsCommonly Used Peer to Peer Methods & Applications
Commonly Used Peer to Peer Methods & Applications
 
Module: Mutable Content in IPFS
Module: Mutable Content in IPFSModule: Mutable Content in IPFS
Module: Mutable Content in IPFS
 
Lessons From Sharding Solr At Etsy: Presented by Gregg Donovan, Etsy
Lessons From Sharding Solr At Etsy: Presented by Gregg Donovan, EtsyLessons From Sharding Solr At Etsy: Presented by Gregg Donovan, Etsy
Lessons From Sharding Solr At Etsy: Presented by Gregg Donovan, Etsy
 
Lessons from Sharding Solr
Lessons from Sharding SolrLessons from Sharding Solr
Lessons from Sharding Solr
 
More Efficient Object Replication in OpenStack Summit Juno
More Efficient Object Replication in OpenStack Summit JunoMore Efficient Object Replication in OpenStack Summit Juno
More Efficient Object Replication in OpenStack Summit Juno
 
IP Multicasting - An Overview
IP Multicasting - An OverviewIP Multicasting - An Overview
IP Multicasting - An Overview
 
P2P Lecture.ppt
P2P Lecture.pptP2P Lecture.ppt
P2P Lecture.ppt
 
11 group communication
11 group communication11 group communication
11 group communication
 
DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?
 
fgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdffgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdf
 

More from David Dias

browserCloud.js - David Dias M.Sc Thesis Defense Deck
browserCloud.js - David Dias M.Sc Thesis Defense Deck browserCloud.js - David Dias M.Sc Thesis Defense Deck
browserCloud.js - David Dias M.Sc Thesis Defense Deck David Dias
 
IPWB and IPFS at WAC2017
IPWB and IPFS at WAC2017IPWB and IPFS at WAC2017
IPWB and IPFS at WAC2017David Dias
 
RDM#2- The Distributed Web
RDM#2- The Distributed WebRDM#2- The Distributed Web
RDM#2- The Distributed WebDavid Dias
 
Node.js Interactive
Node.js InteractiveNode.js Interactive
Node.js InteractiveDavid Dias
 
Understanding The Community Lifecycle
Understanding The Community LifecycleUnderstanding The Community Lifecycle
Understanding The Community LifecycleDavid Dias
 
P2P Resource Discovery for the Browser
P2P Resource Discovery for the BrowserP2P Resource Discovery for the Browser
P2P Resource Discovery for the BrowserDavid Dias
 
Lisboa WebRTC - May 21, 2015 - Intro to WebRTC
Lisboa WebRTC - May 21, 2015 - Intro to WebRTCLisboa WebRTC - May 21, 2015 - Intro to WebRTC
Lisboa WebRTC - May 21, 2015 - Intro to WebRTCDavid Dias
 
Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...
Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...
Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...David Dias
 
TriConf 2014 - LXJS, the Lisbon Javascript Conference
TriConf 2014 - LXJS, the Lisbon Javascript ConferenceTriConf 2014 - LXJS, the Lisbon Javascript Conference
TriConf 2014 - LXJS, the Lisbon Javascript ConferenceDavid Dias
 
JSConfBR - Securing Node.js App, by the community and for the community
JSConfBR - Securing Node.js App, by the community and for the community JSConfBR - Securing Node.js App, by the community and for the community
JSConfBR - Securing Node.js App, by the community and for the community David Dias
 

More from David Dias (10)

browserCloud.js - David Dias M.Sc Thesis Defense Deck
browserCloud.js - David Dias M.Sc Thesis Defense Deck browserCloud.js - David Dias M.Sc Thesis Defense Deck
browserCloud.js - David Dias M.Sc Thesis Defense Deck
 
IPWB and IPFS at WAC2017
IPWB and IPFS at WAC2017IPWB and IPFS at WAC2017
IPWB and IPFS at WAC2017
 
RDM#2- The Distributed Web
RDM#2- The Distributed WebRDM#2- The Distributed Web
RDM#2- The Distributed Web
 
Node.js Interactive
Node.js InteractiveNode.js Interactive
Node.js Interactive
 
Understanding The Community Lifecycle
Understanding The Community LifecycleUnderstanding The Community Lifecycle
Understanding The Community Lifecycle
 
P2P Resource Discovery for the Browser
P2P Resource Discovery for the BrowserP2P Resource Discovery for the Browser
P2P Resource Discovery for the Browser
 
Lisboa WebRTC - May 21, 2015 - Intro to WebRTC
Lisboa WebRTC - May 21, 2015 - Intro to WebRTCLisboa WebRTC - May 21, 2015 - Intro to WebRTC
Lisboa WebRTC - May 21, 2015 - Intro to WebRTC
 
Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...
Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...
Resource Discovery for the Web Platform using a P2P Overlay Network with WebR...
 
TriConf 2014 - LXJS, the Lisbon Javascript Conference
TriConf 2014 - LXJS, the Lisbon Javascript ConferenceTriConf 2014 - LXJS, the Lisbon Javascript Conference
TriConf 2014 - LXJS, the Lisbon Javascript Conference
 
JSConfBR - Securing Node.js App, by the community and for the community
JSConfBR - Securing Node.js App, by the community and for the community JSConfBR - Securing Node.js App, by the community and for the community
JSConfBR - Securing Node.js App, by the community and for the community
 

Recently uploaded

main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Satyam Kumar
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage examplePragyanshuParadkar1
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEroselinkalist12
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
EduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AIEduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AIkoyaldeepu123
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 

Recently uploaded (20)

main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting .
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptx
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage example
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
EduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AIEduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AI
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 

Enter Gossipsub, A scalable, extensible & hardened P2P PubSub Router protocol

  • 1. Enter Gossipsub A scalable, extensible & hardened P2P PubSub Router protocol David Dias david@protocol.ai
  • 2. • 1) Motivation for P2P PubSub • 2) Evolution of libp2p PubSub: FloodSub -> RandomSub -> GossipSub • 3) Hardening GossipSub • 4) What’s next (or left❕) Agenda
  • 3. • 1) Motivation for P2P PubSub • 2) Evolution of libp2p PubSub: FloodSub -> RandomSub -> GossipSub • 3) 🌟 Hardening GossipSub • 4) 🌟 What’s next (or left❕) Agenda
  • 5. Enable Real-Time Applications on the IPFS/libp2p Network
  • 6. To create the rich experience we got used with the Web 2.0
  • 7. Without relying on any piece of centralised infrastructure
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15. • Message oriented comms —> Simple to understand • Support for different Topologies —> Multiple types of interaction patterns • Loose coupling —> Separation of concerns • Scalable —> Adapts as your network grows PubSub key benefits
  • 16. • Permission-less network —> can’t control who joins/leaves • Network topology is bottom up (e.g. broker-less) • Network churn • Optimizing for Latency, Bandwidth, Delivery Guarantees is about tradeoffs • Malicious Actors 😈 The challenges of building P2P PubSub System
  • 18. • libp2p-pubsub is an interface • It enables libp2p to support multiple PubSub router implementations libp2p-pubsub Floodsub TCP Gossipsub Bring your own! QUIC WebRTC Bluetooth Websocket
  • 19. The first router - Floodsub
  • 20. • Simplest possible protocol • Ambient Peer Discovery (i.e. IPFS Main Network’s DHT) • Routing is achieved by Flooding Floodsub
  • 26. • Pros ◦ Simple to implement ◦ Very robust (even with high network churn) ◦ Minimum latency • Cons ◦ (Really) Bandwidth inefficient ◦ Unbounded degree flooding (wastes a lot of resources) Floodsub
  • 27. Floodsub • 100 peers • 5 msgs/s • Run for 2s • Time expansion 10x for viz
  • 28. A stepping stone - Randomsub
  • 29. • Experiment to see how the Network performed if we did message forwarding at random • Pros ◦ Still simple to implement ◦ Less bandwidth intensive • Cons ◦ Creates dark spots (nodes that don’t get the messages) • Note, this implementation wasn’t spec’ed, it was done as an experiment Randomsub
  • 30. Current generation - Gossipsub 🌟
  • 31. • Trades latency for bandwidth efficiency • Self-stabilising algorithm (nodes cooperate with each other) • Support for protocol extensions Gossipsub
  • 32. • Nodes construct meshes for message propagation pseudo-randomly • Nodes spread metadata to let other peers know of what we have seen (gossip!) Gossipsub - Hybrid of 2 Networks
  • 33. • Reciprocal peering agreements between nodes • A node mesh is the nodes that it has peering agreements with • Notes connect to D (degree, default 6) nodes Gossipsub - Full Message Network
  • 34. • Dense network • Nodes inform others of their local observed state through Gossip • Nodes inform others of what they have received or what they are missing Gossipsub - Metadata Network
  • 35. • Nodes keep a partial view of the network • Nodes announce their subscriptions on joining the network • Subscriptions are updated through the lifetime of the node Gossipsub - Subscribing & Unsubscribing When a node joins Overtime
  • 36. • GRAFT’ing - “I want to me part of your reciprocal full message” • If the peer rejects, the other node still knows that I’m interested in that topic and therefore will send me metadata • PRUNE’ing - Dissolve a previous reciprocal full message agreement. Gossipsub - GRAFT’ing & PRUNE’ing
  • 37. • Gossipsub has support for custom message validators • As messages are received, these can be validated before being forwarded Gossipsub - Message Validators
  • 38. • Local state (Subscription changes, Activity and more) • IHAVE - Share what we have + what we have seen • IWANT - Used when peers request a message they learn about and that they haven’t received yet Gossipsub - Gossip Messages
  • 39. • Regular the mesh degree (GRAFT/PRUNE peers to hit the desired degree) • Emit gossip for each topic • Slice the message caches • Heartbeat is done at every EPOCH and piggybacked on regular messages if possible Gossipsub - Heartbeat
  • 40. Gossipsub • 100 peers • 5 msgs/s • Run for 2s • Time expansion 10x for viz
  • 41. Floodsub vs. Gossipsub Generated using https://github.com/vyzo/gerbil-simsub/
  • 42. • Real-Time updates • Resiliency to network churn • Adjustable tradeoffs (bandwidth vs. latency) • Scales to large networks Recap: What libp2p Pubsub with Gossipsub gives us
  • 46. Class of attack - Sybil Attack 😈 😈 😈 😈 • When nodes join with the intent of causing harm • Can squat areas of the network • Can degrade the quality of the service
  • 47. Class of attack - Eclipse Attack • When a node controls what other nodes in the network see/get 😈 1 2 2 ⁉ 😕 🙄 3
  • 48. Class of attack - Spam Attack 😈 😵 😈 😈 • Bombard a node with work until it chokes itself (~equivalent to the Denial of Service attacks)
  • 50. The spec is a joy to read ✨
  • 51. Mitigation - Peer Scoring • Each Peer maintains a score for each other peer • The score is the summation of each parameter P multiplied by their weight W to the topic weight T Score(p) = Σtᵢ*(w₁(tᵢ)*P₁(tᵢ) + w₂(tᵢ)*P₂(tᵢ) + w₃(tᵢ)*P₃(tᵢ) + w₃b(tᵢ)*P₃b(tᵢ) + w₄(tᵢ)*P₄(tᵢ)) + w₅*P₅ + w₆*P₆ • Thresholds (all negative thresholds) ◦ 0, the baseline threshold - peers with score below this threshold are pruned from mesh ◦ gossip threshold - peers below this threshold don’t receive gossip ◦ publish threshold - peers below this threshold don’t receive flood publishing (optional) ◦ graylist threshold - peers below this threshold get their RPCs ignored • Parameters ◦ P₁: Time in Mesh for a topic. ◦ P₂: First Message Deliveries for a topic. ◦ P₃: (Expected) Mesh Message Delivery Rate for a topic. ◦ P₄: Invalid Messages for a topic. ◦ P₅: Application Specific score. ◦ P₆: IP Colocation Factor.
  • 52. Mitigation - Flood Publishing • Flood publish to peers that are a certain publish threshold score • This means that self publish messages are published to peers that beyond our mesh and instead, get sent to every peer we are connected and interested in topic and that are above the publish threshold score • The publish threshold is used to decide
  • 53. Mitigation - Peer Exchange on Prune • When a node gets Prune’ed, it receives of other candidate peers • This is a way to rely less on Ambient Peer Discovery and use the Gossipsub network to do the PeerDiscovery itself
  • 54. Mitigation - Spam Protections • GRAFT messages for unknown topics are ignored (vs. v1.0 would respond with PRUNE) • IWANT responses are rate limited • If spam is observed, it impacts the Score of the peer
  • 55. Mitigation - Explicit Peering Agreements • Establish direct connection agreements to keep connections always open • Great between nodes that are federated or have any special reason to always be connected
  • 56. We are not done just yet❕
  • 57. • Test Plan - Benchmarking ◦ Test Case 0: Establishing the baseline of Gossipsub • Test Plan - Resilience in Adversarial environments ◦ Test Case 1: DoS & Quiet GRAFT Attack ◦ Test Case 2: Sybil Attack - Network Degradation & Squatting ◦ Test Case 3: Sybil Attack - Sybils are generated in a small pool of IPs ◦ Test Case 4: Eclipse Attack against a Target - Distributed GRAFT Attack ◦ Test Case 5: Eclipse Attack - Eclipse the entire Network ◦ Test Case 6: Cold Boot Attack ◦ Test Case 7: DoS (Denial of Service) Attack - Target a set of nodes and get them to halt operation by exhausting their resources ◦ Test Case 8: Covert flash Attack ◦ Test Case 9: Consensus & Timing Attack ◦ Test Case 10: SPAM Attack - IWANT Spam ◦ Test Case 11: SPAM Attack - GRAFT Spam ◦ Test Case 12: SPAM Attack - Invalid Message Spam GossipSub Evaluation Plan
  • 58. Interested? Onboarding session coming soon, stay tuned
  • 59. Jupyter Integration into Testground 1) Open Test Plan 2) Adjust the parameters 3) Run and visualise the results! We are producing a Gossipsub report to be available soon™
  • 61. You can try it today!
  • 62. @vyzo @yusefnapora @dirkmc @yiannisbot @daviddias @agemanning @jbenet@whyrusleeping@stebalien @raulk@jamesray1@vasco-santos @lgierth And many others that have contributed by reviewing the spec, opening issues and testing the code ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤ ❤❤❤ ❤ ❤ ❤ ❤ ❤❤
  • 63. Thank you! David Dias david@protocol.ai Join the discussion ◦ Chat at #libp2p in freenode (with a matrix.org bridge!) ◦ Forum at https://discuss.libp2p.io/