Merge pull request #6354

67ade8005 Add randomized delay when forwarding txes from i2p/tor -> ipv4/6 (Lee Clagett)
2025-08-01 18:36:10 -04:00 · 2020-08-09 06:42:48 -07:00 · 2020-08-09 06:42:48 -07:00 · c108c5e2f0
commit c108c5e2f0
parent 9414194b1e 67ade80055
9 changed files with 368 additions and 40 deletions
--- a/src/cryptonote_protocol/cryptonote_protocol_handler.inl
+++ b/src/cryptonote_protocol/cryptonote_protocol_handler.inl
@ -935,7 +935,19 @@ namespace cryptonote
      return 1;
    }

-    relay_method tx_relay;
+    /* If the txes were received over i2p/tor, the default is to "forward"
+       with a randomized delay to further enhance the "white noise" behavior,
+       potentially making it harder for ISP-level spies to determine which
+       inbound link sent the tx. If the sender disabled "white noise" over
+       i2p/tor, then the sender is "fluffing" (to only outbound) i2p/tor
+       connections with the `dandelionpp_fluff` flag set. The receiver (hidden
+       service) will immediately fluff in that scenario (i.e. this assumes that a
+       sybil spy will be unable to link an IP to an i2p/tor connection). */
+
+    const epee::net_utils::zone zone = context.m_remote_address.get_zone();
+    relay_method tx_relay = zone == epee::net_utils::zone::public_ ?
+      relay_method::stem : relay_method::forward;
+
    std::vector<blobdata> stem_txs{};
    std::vector<blobdata> fluff_txs{};
    if (arg.dandelionpp_fluff)
@ -944,10 +956,7 @@ namespace cryptonote
      fluff_txs.reserve(arg.txs.size());
    }
    else
-    {
-      tx_relay = relay_method::stem;
      stem_txs.reserve(arg.txs.size());
-    }

    for (auto& tx : arg.txs)
    {
@ -970,6 +979,7 @@ namespace cryptonote
          fluff_txs.push_back(std::move(tx));
          break;
        default:
+        case relay_method::forward: // not supposed to happen here
        case relay_method::none:
          break;
      }
--- a/src/cryptonote_protocol/enums.h
+++ b/src/cryptonote_protocol/enums.h
@ -37,6 +37,7 @@ namespace cryptonote
  {
    none = 0, //!< Received via RPC with `do_not_relay` set
    local,    //!< Received via RPC; trying to send over i2p/tor, etc.
+    forward,  //!< Received over i2p/tor; timer delayed before ipv4/6 public broadcast
    stem,     //!< Received/send over network using Dandelion++ stem
    fluff,    //!< Received/sent over network using Dandelion++ fluff
    block     //!< Received in block, takes precedence over others
--- a/src/cryptonote_protocol/levin_notify.cpp
+++ b/src/cryptonote_protocol/levin_notify.cpp
@ -357,11 +357,15 @@ namespace levin
          return true;
        });

-        // Always send txs in stem mode over i2p/tor, see comments in `send_txs` below.
+        /* Always send with `fluff` flag, even over i2p/tor. The hidden service
+	   will disable the forwarding delay and immediately fluff. The i2p/tor
+	   network is therefore replacing the sybil protection of Dandelion++.
+	   Dandelion++ stem phase over i2p/tor is also worth investigating
+	   (with/without "noise"?). */
        for (auto& connection : connections)
        {
          std::sort(connection.first.begin(), connection.first.end()); // don't leak receive order
-          make_payload_send_txs(*zone_->p2p, std::move(connection.first), connection.second, zone_->pad_txs, zone_->is_public);
+          make_payload_send_txs(*zone_->p2p, std::move(connection.first), connection.second, zone_->pad_txs, true);
        }

        if (next_flush != std::chrono::steady_clock::time_point::max())
@ -811,12 +815,11 @@ namespace levin
        case relay_method::block:
          return false;
        case relay_method::stem:
-	  tx_relay = relay_method::fluff; // don't set stempool embargo when skipping to fluff
-	  /* fallthrough */
+        case relay_method::forward:
        case relay_method::local:
          if (zone_->is_public)
          {
-	    // this will change a local tx to stem or fluff ...
+            // this will change a local/forward tx to stem or fluff ...
            zone_->strand.dispatch(
              dandelionpp_notify{zone_, std::addressof(core), std::move(txs), source}
            );
@ -824,6 +827,11 @@ namespace levin
          }
          /* fallthrough */
        case relay_method::fluff:
+          /* If sending stem/forward/local txes over non public networks,
+             continue to claim that relay mode even though it used the "fluff"
+             routine. A "fluff" over i2p/tor is not the same as a "fluff" over
+             ipv4/6. Marking it as "fluff" here will make the tx immediately
+             visible externally from this node, which is not desired. */
          core.on_transactions_relayed(epee::to_span(txs), tx_relay);
          zone_->strand.dispatch(fluff_notify{zone_, std::move(txs), source});
          break;