github.com/onflow/flow-go@v0.35.7-crescendo-preview.23-atree-inlining/network/p2p/config/gossipsub_rpc_inspectors.go (about) 1 package p2pconfig 2 3 // RpcInspectorParameters keys. 4 const ( 5 ValidationConfigKey = "validation" 6 MetricsConfigKey = "metrics" 7 NotificationCacheSizeKey = "notification-cache-size" 8 ) 9 10 // RpcInspectorParameters contains the "numerical values" for the gossipsub RPC control message inspectors parameters. 11 type RpcInspectorParameters struct { 12 // RpcValidationInspector control message validation inspector validation configuration and limits. 13 Validation RpcValidationInspector `mapstructure:"validation"` 14 // NotificationCacheSize size of the queue for notifications about invalid RPC messages. 15 NotificationCacheSize uint32 `mapstructure:"notification-cache-size"` 16 } 17 18 // RpcValidationInspectorParameters keys. 19 const ( 20 ProcessKey = "process" 21 ClusterPrefixedMessageConfigKey = "cluster-prefixed-messages" 22 IWantConfigKey = "iwant" 23 IHaveConfigKey = "ihave" 24 GraftPruneKey = "graft-and-prune" 25 PublishMessagesConfigKey = "publish-messages" 26 InspectionQueueConfigKey = "inspection-queue" 27 ) 28 29 // RpcValidationInspector rpc control message validation inspector configuration. 30 type RpcValidationInspector struct { 31 ClusterPrefixedMessage ClusterPrefixedMessageInspectionParameters `mapstructure:"cluster-prefixed-messages"` 32 IWant IWantRpcInspectionParameters `mapstructure:"iwant"` 33 IHave IHaveRpcInspectionParameters `mapstructure:"ihave"` 34 GraftPrune GraftPruneRpcInspectionParameters `mapstructure:"graft-and-prune"` 35 PublishMessages PublishMessageInspectionParameters `mapstructure:"publish-messages"` 36 InspectionQueue InspectionQueueParameters `mapstructure:"inspection-queue"` 37 // InspectionProcess configuration that controls which aspects of rpc inspection are enabled and disabled during inspect message request processing. 38 InspectionProcess InspectionProcess `mapstructure:"process"` 39 } 40 41 // InspectionProcess configuration that controls which aspects of rpc inspection are enabled and disabled during inspect message request processing. 42 type InspectionProcess struct { 43 Inspect Inspect `validate:"required" mapstructure:"inspection"` 44 Truncate Truncate `validate:"required" mapstructure:"truncation"` 45 } 46 47 const ( 48 InspectionKey = "inspection" 49 TruncationKey = "truncation" 50 EnableKey = "enable" 51 DisabledKey = "disabled" 52 MessageIDKey = "message-id" 53 RejectUnstakedPeers = "reject-unstaked-peers" 54 ) 55 56 // Inspect configuration to enable/disable RPC inspection for a particular control message type. 57 type Inspect struct { 58 // Disabled serves as a fail-safe mechanism to globally deactivate inspection logic. When this fail-safe is activated it disables all 59 // aspects of the inspection logic, irrespective of individual configurations like inspection.enable-graft, inspection.enable-prune, etc. 60 // Consequently, all metrics collection and logging related to the rpc and inspection will also be disabled. 61 // It is important to note that activating this fail-safe results in a comprehensive deactivation inspection features. 62 // Please use this setting judiciously, considering its broad impact on the behavior of control message handling. 63 Disabled bool `mapstructure:"disabled"` 64 // EnableGraft enable graft control message inspection. 65 EnableGraft bool `mapstructure:"enable-graft"` 66 // EnablePrune enable prune control message inspection. 67 EnablePrune bool `mapstructure:"enable-prune"` 68 // EnableIHave enable iHave control message inspection. 69 EnableIHave bool `mapstructure:"enable-ihave"` 70 // EnableIWant enable iWant control message inspection. 71 EnableIWant bool `mapstructure:"enable-iwant"` 72 // EnablePublish enable publish message inspection. 73 EnablePublish bool `mapstructure:"enable-publish"` 74 // RejectUnstakedPeers when set to true RPC's will be rejected from unstaked peers. 75 RejectUnstakedPeers bool `mapstructure:"reject-unstaked-peers"` 76 } 77 78 // Truncate configuration to enable/disable RPC truncation for a particular control message type. 79 type Truncate struct { 80 // Disabled serves as a fail-safe mechanism to globally deactivate truncation logic. When this fail-safe is activated it disables all 81 // aspects of the truncation logic, irrespective of individual configurations like truncation.enable-graft, truncation.enable-prune, etc. 82 // Consequently, all metrics collection and logging related to the rpc and inspection will also be disabled. 83 // It is important to note that activating this fail-safe results in a comprehensive deactivation truncation features. 84 // Please use this setting judiciously, considering its broad impact on the behavior of control message handling. 85 Disabled bool `mapstructure:"disabled"` 86 // EnableGraft enable graft control message truncation. 87 EnableGraft bool `mapstructure:"enable-graft"` 88 // EnablePrune enable prune control message truncation. 89 EnablePrune bool `mapstructure:"enable-prune"` 90 // EnableIHave enable iHave control message truncation. 91 EnableIHave bool `mapstructure:"enable-ihave"` 92 // EnableIHaveMessageIds enable iHave message id truncation. 93 EnableIHaveMessageIds bool `mapstructure:"enable-ihave-message-id"` 94 // EnableIWant enable iWant control message truncation. 95 EnableIWant bool `mapstructure:"enable-iwant"` 96 // EnableIWantMessageIds enable iWant message id truncation. 97 EnableIWantMessageIds bool `mapstructure:"enable-iwant-message-id"` 98 } 99 100 const ( 101 QueueSizeKey = "queue-size" 102 ) 103 104 // InspectionQueueParameters contains the "numerical values" for the control message validation inspector. 105 // Incoming GossipSub RPCs are queued for async inspection by a worker pool. This worker pool is configured 106 // by the parameters in this struct. 107 // Each RPC has a number of "publish messages" accompanied by control messages. 108 type InspectionQueueParameters struct { 109 // NumberOfWorkers number of worker pool workers. 110 NumberOfWorkers int `validate:"gte=1" mapstructure:"workers"` 111 // Size size of the queue used by worker pool for the control message validation inspector. 112 Size uint32 `validate:"gte=100" mapstructure:"queue-size"` 113 } 114 115 const ( 116 MaxSampleSizeKey = "max-sample-size" 117 MessageErrorThresholdKey = "error-threshold" 118 ) 119 120 // PublishMessageInspectionParameters contains the "numerical values" for the publish control message inspection. 121 // Each RPC has a number of "publish messages" accompanied by control messages. This struct contains the limits 122 // for the inspection of these publish messages. 123 type PublishMessageInspectionParameters struct { 124 // MaxSampleSize is the maximum number of messages in a single RPC message that are randomly sampled for async inspection. 125 // When the size of a single RPC message exceeds this threshold, a random sample is taken for inspection, but the RPC message is not truncated. 126 MaxSampleSize int `validate:"gte=0" mapstructure:"max-sample-size"` 127 // ErrorThreshold the threshold at which an error will be returned if the number of invalid RPC messages exceeds this value. 128 ErrorThreshold int `validate:"gte=0" mapstructure:"error-threshold"` 129 } 130 131 // GraftPruneRpcInspectionParameters contains the "numerical values" for the graft and prune control message inspection. 132 // Each RPC has a number of "publish messages" accompanied by control messages. This struct contains the limits 133 // for the inspection of these graft and prune control messages. 134 type GraftPruneRpcInspectionParameters struct { 135 // MessageCountThreshold is the maximum number of GRAFT or PRUNE messages in a single RPC message. 136 // When the total number of GRAFT or PRUNE messages in a single RPC message exceeds this threshold, 137 // a random sample of GRAFT or PRUNE messages will be taken and the RPC message will be truncated to this sample size. 138 MessageCountThreshold int `validate:"gte=0" mapstructure:"message-count-threshold"` 139 140 // DuplicateTopicIdThreshold is the tolerance threshold for having duplicate topics in a single GRAFT or PRUNE message under inspection. 141 // Ideally, a GRAFT or PRUNE message should not have any duplicate topics, hence a topic ID is counted as a duplicate only if it is repeated more than once. 142 // When the total number of duplicate topic ids in a single GRAFT or PRUNE message exceeds this threshold, the inspection of message will fail. 143 DuplicateTopicIdThreshold int `validate:"gte=0" mapstructure:"duplicate-topic-id-threshold"` 144 145 // InvalidTopicIdThreshold Maximum number of total invalid topic ids in a single GRAFT or PRUNE message, ideally this should be 0 but we allow for some tolerance 146 // to avoid penalizing peers that are not malicious but are misbehaving due to bugs or other issues. 147 InvalidTopicIdThreshold int `validate:"gte=0" mapstructure:"invalid-topic-id-threshold"` 148 } 149 150 const ( 151 MessageCountThreshold = "message-count-threshold" 152 MessageIdCountThreshold = "message-id-count-threshold" 153 CacheMissThresholdKey = "cache-miss-threshold" 154 DuplicateMsgIDThresholdKey = "duplicate-message-id-threshold" 155 InvalidTopicIdThresholdKey = "invalid-topic-id-threshold" 156 ) 157 158 // IWantRpcInspectionParameters contains the "numerical values" for iwant rpc control inspection. 159 // Each RPC has a number of "publish messages" accompanied by control messages. This struct contains the limits 160 // for the inspection of the iwant control messages. 161 type IWantRpcInspectionParameters struct { 162 // MessageCountThreshold is the maximum allowed number of iWant messages in a single RPC message. 163 // Each iWant message represents the list of message ids. When the total number of iWant messages 164 // in a single RPC message exceeds this threshold, a random sample of iWant messages will be taken and the RPC message will be truncated to this sample size. 165 // The sample size is equal to the configured MessageCountThreshold. 166 MessageCountThreshold uint `validate:"gt=0" mapstructure:"message-count-threshold"` 167 // MessageIdCountThreshold is the maximum allowed number of message ids in a single iWant message. 168 // Each iWant message represents the list of message ids for a specific topic, and this parameter controls the maximum number of message ids 169 // that can be included in a single iWant message. When the total number of message ids in a single iWant message exceeds this threshold, 170 // a random sample of message ids will be taken and the iWant message will be truncated to this sample size. 171 // The sample size is equal to the configured MessageIdCountThreshold. 172 MessageIdCountThreshold int `validate:"gte=0" mapstructure:"message-id-count-threshold"` 173 // CacheMissThreshold is the threshold of tolerance for the total cache misses in all iWant messages in a single RPC message. 174 // When the total number of cache misses in all iWant messages in a single RPC message exceeds this threshold, the inspection of message will fail. 175 // An iWant message is considered a cache miss if it contains a message id that is not present in the local cache for iHave messages, i.e., the node 176 // does not have a record of an iHave message for this message id. 177 // When the total number of cache misses in all iWant messages in a single RPC message exceeds this threshold, the inspection of message will fail, and 178 // a single misbehavior notification will be reported. 179 CacheMissThreshold int `validate:"gt=0" mapstructure:"cache-miss-threshold"` 180 // DuplicateMsgIdThreshold is the maximum allowed number of duplicate message ids in a all iWant messages in a single RPC message. 181 // Each iWant message represents the list of message ids, and this parameter controls the maximum number of duplicate message ids 182 // that can be included in all iWant messages in a single RPC message. When the total number of duplicate message ids in a single iWant message exceeds this threshold, 183 // a single misbehavior notification will be reported, and the inspection of message will fail. 184 DuplicateMsgIdThreshold int `validate:"gt=0" mapstructure:"duplicate-message-id-threshold"` 185 } 186 187 const ( 188 DuplicateTopicIdThresholdKey = "duplicate-topic-id-threshold" 189 DuplicateMessageIdThresholdKey = "duplicate-message-id-threshold" 190 ) 191 192 // IHaveRpcInspectionParameters contains the "numerical values" for ihave rpc control inspection. 193 // Each RPC has a number of "publish messages" accompanied by control messages. This struct contains the limits 194 // for the inspection of the ihave control messages. 195 type IHaveRpcInspectionParameters struct { 196 // MessageCountThreshold is the maximum allowed number of iHave messages in a single RPC message. 197 // Each iHave message represents the list of message ids for a specific topic. When the total number of iHave messages 198 // in a single RPC message exceeds this threshold, a random sample of iHave messages will be taken and the RPC message will be truncated to this sample size. 199 // The sample size is equal to the configured MessageCountThreshold. 200 MessageCountThreshold int `validate:"gte=0" mapstructure:"message-count-threshold"` 201 // MessageIdCountThreshold is the maximum allowed number of message ids in a single iHave message. 202 // Each iHave message represents the list of message ids for a specific topic, and this parameter controls the maximum number of message ids 203 // that can be included in a single iHave message. When the total number of message ids in a single iHave message exceeds this threshold, 204 // a random sample of message ids will be taken and the iHave message will be truncated to this sample size. 205 // The sample size is equal to the configured MessageIdCountThreshold. 206 MessageIdCountThreshold int `validate:"gte=0" mapstructure:"message-id-count-threshold"` 207 208 // DuplicateTopicIdThreshold is the tolerance threshold for having duplicate topics in an iHave message under inspection. 209 // When the total number of duplicate topic ids in a single iHave message exceeds this threshold, the inspection of message will fail. 210 // Note that a topic ID is counted as a duplicate only if it is repeated more than DuplicateTopicIdThreshold times. 211 DuplicateTopicIdThreshold int `validate:"gte=0" mapstructure:"duplicate-topic-id-threshold"` 212 213 // DuplicateMessageIdThreshold is the threshold of tolerance for having duplicate message IDs in a single iHave message under inspection. 214 // When the total number of duplicate message ids in a single iHave message exceeds this threshold, the inspection of message will fail. 215 // Ideally, an iHave message should not have any duplicate message IDs, hence a message id is considered duplicate when it is repeated more than once 216 // within the same iHave message. When the total number of duplicate message ids in a single iHave message exceeds this threshold, the inspection of message will fail. 217 DuplicateMessageIdThreshold int `validate:"gte=0" mapstructure:"duplicate-message-id-threshold"` 218 219 // InvalidTopicIdThreshold Maximum number of total invalid topic ids in a single IHAVE message, ideally this should be 0 but we allow for some tolerance 220 // to avoid penalizing peers that are not malicious but are misbehaving due to bugs or other issues. 221 InvalidTopicIdThreshold int `validate:"gte=0" mapstructure:"invalid-topic-id-threshold"` 222 } 223 224 const ( 225 HardThresholdKey = "hard-threshold" 226 TrackerCacheSizeKey = "tracker-cache-size" 227 TrackerCacheDecayKey = "tracker-cache-decay" 228 ) 229 230 // ClusterPrefixedMessageInspectionParameters contains the "numerical values" for cluster prefixed control message inspection. 231 // Each RPC has a number of "publish messages" accompanied by control messages. This struct contains the limits for the inspection 232 // of messages (publish messages and control messages) that belongs to cluster prefixed topics. 233 // Cluster-prefixed topics are topics that are prefixed with the cluster ID of the node that published the message. 234 type ClusterPrefixedMessageInspectionParameters struct { 235 // HardThreshold the upper bound on the amount of cluster prefixed control messages that will be processed 236 // before a node starts to get penalized. This allows LN nodes to process some cluster prefixed control messages during startup 237 // when the cluster ID's provider is set asynchronously. It also allows processing of some stale messages that may be sent by nodes 238 // that fall behind in the protocol. After the amount of cluster prefixed control messages processed exceeds this threshold the node 239 // will be pushed to the edge of the network mesh. 240 HardThreshold float64 `validate:"gte=0" mapstructure:"hard-threshold"` 241 // ControlMsgsReceivedCacheSize size of the cache used to track the amount of cluster prefixed topics received by peers. 242 ControlMsgsReceivedCacheSize uint32 `validate:"gt=0" mapstructure:"tracker-cache-size"` 243 // ControlMsgsReceivedCacheDecay decay val used for the geometric decay of cache counters used to keep track of cluster prefixed topics received by peers. 244 ControlMsgsReceivedCacheDecay float64 `validate:"gt=0" mapstructure:"tracker-cache-decay"` 245 } 246 247 const ( 248 NumberOfWorkersKey = "workers" 249 )