Branch data Line data Source code
1 : : // Copyright (c) 2021 The Bitcoin Core developers
2 : : // Distributed under the MIT software license, see the accompanying
3 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 : :
5 : : #ifndef BITCOIN_NETGROUP_H
6 : : #define BITCOIN_NETGROUP_H
7 : :
8 : : #include <netaddress.h>
9 : : #include <uint256.h>
10 : :
11 : : #include <vector>
12 : :
13 : : /**
14 : : * Netgroup manager
15 : : */
16 : 7677 : class NetGroupManager {
17 : : public:
18 : 7677 : explicit NetGroupManager(std::vector<bool> asmap)
19 : 7677 : : m_asmap{std::move(asmap)}
20 : : {}
21 : :
22 : : /** Get a checksum identifying the asmap being used. */
23 : : uint256 GetAsmapChecksum() const;
24 : :
25 : : /**
26 : : * Get the canonical identifier of the network group for address.
27 : : *
28 : : * The groups are assigned in a way where it should be costly for an attacker to
29 : : * obtain addresses with many different group identifiers, even if it is cheap
30 : : * to obtain addresses with the same identifier.
31 : : *
32 : : * @note No two connections will be attempted to addresses with the same network
33 : : * group.
34 : : */
35 : : std::vector<unsigned char> GetGroup(const CNetAddr& address) const;
36 : :
37 : : /**
38 : : * Get the autonomous system on the BGP path to address.
39 : : *
40 : : * The ip->AS mapping depends on how asmap is constructed.
41 : : */
42 : : uint32_t GetMappedAS(const CNetAddr& address) const;
43 : :
44 : : /**
45 : : * Analyze and log current health of ASMap based buckets.
46 : : */
47 : : void ASMapHealthCheck(const std::vector<CNetAddr>& clearnet_addrs) const;
48 : :
49 : : /**
50 : : * Indicates whether ASMap is being used for clearnet bucketing.
51 : : */
52 : : bool UsingASMap() const;
53 : :
54 : : private:
55 : : /** Compressed IP->ASN mapping, loaded from a file when a node starts.
56 : : *
57 : : * This mapping is then used for bucketing nodes in Addrman and for
58 : : * ensuring we connect to a diverse set of peers in Connman. The map is
59 : : * empty if no file was provided.
60 : : *
61 : : * If asmap is provided, nodes will be bucketed by AS they belong to, in
62 : : * order to make impossible for a node to connect to several nodes hosted
63 : : * in a single AS. This is done in response to Erebus attack, but also to
64 : : * generally diversify the connections every node creates, especially
65 : : * useful when a large fraction of nodes operate under a couple of cloud
66 : : * providers.
67 : : *
68 : : * If a new asmap is provided, the existing addrman records are
69 : : * re-bucketed.
70 : : *
71 : : * This is initialized in the constructor, const, and therefore is
72 : : * thread-safe. */
73 : : const std::vector<bool> m_asmap;
74 : : };
75 : :
76 : : #endif // BITCOIN_NETGROUP_H
|