diff --git a/CHANGELOG.md b/CHANGELOG.md index 38f547fca1..67368b33a3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +- ASB: Add limits to prevent denial-of-service via resource exhaustion. + ## [4.1.1] - 2026-03-26 - ASB: Optimize how we respond to network request diff --git a/Cargo.lock b/Cargo.lock index e44bea001f..b9ed505d06 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -169,9 +169,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.21" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43d5b281e737544384e969a5ccad3f1cdd24b48086a0fc1b2a5262a26b8f4f4a" +checksum = "824a212faf96e9acacdbd09febd34438f8f711fb84e09a8916013cd7815ca28d" dependencies = [ "anstyle", "anstyle-parse", @@ -184,15 +184,15 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.13" +version = "1.0.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5192cca8006f1fd4f7237516f40fa183bb07f8fbdfedaa0036de5ea9b0b45e78" +checksum = "940b3a0ca603d1eade50a4846a2afffd5ef57a9feac2c0e2ec2e14f9ead76000" [[package]] name = "anstyle-parse" -version = "0.2.7" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" +checksum = "52ce7f38b242319f7cabaa6813055467063ecdc9d355bbb4ce0c68908cd8130e" dependencies = [ "utf8parse", ] @@ -719,9 +719,9 @@ checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" [[package]] name = "aws-lc-rs" -version = "1.16.1" +version = "1.16.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94bffc006df10ac2a68c83692d734a465f8ee6c5b384d8545a636f81d858f4bf" +checksum = "a054912289d18629dc78375ba2c3726a3afe3ff71b4edba9dedfca0e3446d1fc" dependencies = [ "aws-lc-sys", "zeroize", @@ -729,9 +729,9 @@ dependencies = [ [[package]] name = "aws-lc-sys" -version = "0.38.0" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4321e568ed89bb5a7d291a7f37997c2c0df89809d7b6d12062c81ddb54aa782e" +checksum = "1fa7e52a4c5c547c741610a2c6f123f3881e409b714cd27e6798ef020c514f0a" dependencies = [ "cc", "cmake", @@ -913,9 +913,9 @@ dependencies = [ [[package]] name = "bdk_chain" -version = "0.23.2" +version = "0.23.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b5d691fd092aacec7e05046b7d04897d58d6d65ed3152cb6cf65dababcfabed" +checksum = "c290eff038799a8ac0c5a82b6160a9ca456baa299a6f22b262c771342d2846c0" dependencies = [ "bdk_core", "bitcoin 0.32.8", @@ -926,9 +926,9 @@ dependencies = [ [[package]] name = "bdk_core" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0dbbe4aad0c898bfeb5253c222be3ea3dccfb380a07e72c87e3e4ed6664a6753" +checksum = "cb3028782f6bf14a6df987244333d34e6b272b5a40a53e4879ec2dfd82275a3a" dependencies = [ "bitcoin 0.32.8", "hashbrown 0.14.5", @@ -1274,19 +1274,20 @@ dependencies = [ [[package]] name = "borsh" -version = "1.6.0" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1da5ab77c1437701eeff7c88d968729e7766172279eab0676857b3d63af7a6f" +checksum = "cfd1e3f8955a5d7de9fab72fc8373fade9fb8a703968cb200ae3dc6cf08e185a" dependencies = [ "borsh-derive", + "bytes", "cfg_aliases", ] [[package]] name = "borsh-derive" -version = "1.6.0" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0686c856aa6aac0c4498f936d7d6a02df690f614c03e4d906d1018062b5c5e2c" +checksum = "bfcfdc083699101d5a7965e49925975f2f55060f94f9a05e7187be95d530ca59" dependencies = [ "once_cell", "proc-macro-crate 3.5.0", @@ -1495,9 +1496,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.56" +version = "1.2.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aebf35691d1bfb0ac386a69bac2fde4dd276fb618cf8bf4f5318fe285e821bb2" +checksum = "e1e928d4b69e3077709075a938a05ffbedfa53a84c8f766efbf8220bb1ff60e1" dependencies = [ "find-msvc-tools", "jobserver", @@ -1637,9 +1638,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.60" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2797f34da339ce31042b27d23607e051786132987f595b02ba4f6a6dffb7030a" +checksum = "b193af5b67834b676abd72466a96c1024e6a6ad978a1f484bd90b85c94041351" dependencies = [ "clap_builder", "clap_derive", @@ -1647,9 +1648,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.60" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24a241312cea5059b13574bb9b3861cabf758b879c15190b37b6d6fd63ab6876" +checksum = "714a53001bf66416adb0e2ef5ac857140e7dc3a0c48fb28b2f10762fc4b5069f" dependencies = [ "anstream", "anstyle", @@ -1659,9 +1660,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.55" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a92793da1a46a5f2a02a6f4c46c6496b28c43638adea8306fcb0caa1634f24e5" +checksum = "1110bd8a634a1ab8cb04345d8d878267d57c3cf1b38d91b71af6686408bbca6a" dependencies = [ "heck 0.5.0", "proc-macro2", @@ -1671,9 +1672,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "1.0.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a822ea5bc7590f9d40f1ba12c0dc3c2760f3482c6984db1573ad11031420831" +checksum = "c8d4a3bb8b1e0c1050499d1815f5ab16d04f0959b233085fb31653fbfc9d98f9" [[package]] name = "clipboard-win" @@ -1686,9 +1687,9 @@ dependencies = [ [[package]] name = "cmake" -version = "0.1.57" +version = "0.1.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75443c44cd6b379beb8c5b45d85d0773baf31cce901fe7bb252f4eff3008ef7d" +checksum = "c0f78a02292a74a88ac736019ab962ece0bc380e3f977bf72e376c5d78ff0678" dependencies = [ "cc", ] @@ -1717,9 +1718,9 @@ dependencies = [ [[package]] name = "colorchoice" -version = "1.0.4" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" +checksum = "1d07550c9036bf2ae0c684c4297d503f838287c83c53686d05370d0e139ae570" [[package]] name = "colored" @@ -1830,13 +1831,12 @@ dependencies = [ [[package]] name = "console" -version = "0.16.2" +version = "0.16.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03e45a4a8926227e4197636ba97a9fc9b00477e9f4bd711395687c5f0734bec4" +checksum = "d64e8af5551369d19cf50138de61f1c42074ab970f74e99be916646777f8fc87" dependencies = [ "encode_unicode", "libc", - "once_cell", "unicode-width 0.2.2", "windows-sys 0.61.2", ] @@ -1994,7 +1994,7 @@ dependencies = [ "anes", "cast", "ciborium", - "clap 4.5.60", + "clap 4.6.0", "criterion-plot", "itertools 0.13.0", "num-traits", @@ -2197,7 +2197,7 @@ dependencies = [ [[package]] name = "cuprate-epee-encoding" version = "0.5.0" -source = "git+https://github.com/Cuprate/cuprate.git#adbded5ffa2cd472dea20e227466d6573588e6af" +source = "git+https://github.com/Cuprate/cuprate.git#3147170485c82baec4b5a5f10bdac67316c5923d" dependencies = [ "bytes", "cuprate-fixed-bytes", @@ -2210,7 +2210,7 @@ dependencies = [ [[package]] name = "cuprate-fixed-bytes" version = "0.1.0" -source = "git+https://github.com/Cuprate/cuprate.git#adbded5ffa2cd472dea20e227466d6573588e6af" +source = "git+https://github.com/Cuprate/cuprate.git#3147170485c82baec4b5a5f10bdac67316c5923d" dependencies = [ "bytes", "thiserror 2.0.18", @@ -2219,7 +2219,7 @@ dependencies = [ [[package]] name = "cuprate-hex" version = "0.0.0" -source = "git+https://github.com/Cuprate/cuprate.git#adbded5ffa2cd472dea20e227466d6573588e6af" +source = "git+https://github.com/Cuprate/cuprate.git#3147170485c82baec4b5a5f10bdac67316c5923d" dependencies = [ "hex", "serde", @@ -2304,7 +2304,7 @@ version = "1.0.194" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d0956799fa8678d4c50eed028f2de1c0552ae183c76e976cf7ca8c4e36a7c328" dependencies = [ - "clap 4.5.60", + "clap 4.6.0", "codespan-reporting", "indexmap 2.13.0", "proc-macro2", @@ -2370,6 +2370,16 @@ dependencies = [ "darling_macro 0.21.3", ] +[[package]] +name = "darling" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25ae13da2f202d56bd7f91c25fba009e7717a1e4a1cc98a76d844b65ae912e9d" +dependencies = [ + "darling_core 0.23.0", + "darling_macro 0.23.0", +] + [[package]] name = "darling_core" version = "0.13.4" @@ -2419,6 +2429,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1247195ecd7e3c85f83c8d2a366e4210d588e802133e1e355180a9870b517ea4" dependencies = [ "fnv", + "ident_case", + "proc-macro2", + "quote", + "syn 2.0.117", +] + +[[package]] +name = "darling_core" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9865a50f7c335f53564bb694ef660825eb8610e0a53d3e11bf1b0d3df31e03b0" +dependencies = [ "ident_case", "proc-macro2", "quote", @@ -2470,6 +2492,17 @@ dependencies = [ "syn 2.0.117", ] +[[package]] +name = "darling_macro" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3984ec7bd6cfa798e62b4a642426a5be0e68f9401cfc2a01e3fa9ea2fcdb8d" +dependencies = [ + "darling_core 0.23.0", + "quote", + "syn 2.0.117", +] + [[package]] name = "data-encoding" version = "2.10.0" @@ -2498,9 +2531,9 @@ dependencies = [ [[package]] name = "deflate64" -version = "0.1.11" +version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "807800ff3288b621186fe0a8f3392c4652068257302709c24efd918c3dffcdc2" +checksum = "ac6b926516df9c60bfa16e107b21086399f8285a44ca9711344b9e553c5146e2" [[package]] name = "der" @@ -2892,17 +2925,17 @@ dependencies = [ [[package]] name = "dom_query" -version = "0.25.1" +version = "0.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d9c2e7f1d22d0f2ce07626d259b8a55f4a47cb0938d4006dd8ae037f17d585e" +checksum = "521e380c0c8afb8d9a1e83a1822ee03556fc3e3e7dbc1fd30be14e37f9cb3f89" dependencies = [ "bit-set", "cssparser 0.36.0", "foldhash 0.2.0", - "html5ever 0.36.1", + "html5ever 0.38.0", "precomputed-hash", - "selectors 0.35.0", - "tendril", + "selectors 0.36.1", + "tendril 0.5.0", ] [[package]] @@ -3128,9 +3161,9 @@ dependencies = [ [[package]] name = "embed-resource" -version = "3.0.6" +version = "3.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55a075fc573c64510038d7ee9abc7990635863992f83ebc52c8b433b8411a02e" +checksum = "63a1d0de4f2249aa0ff5884d7080814f446bb241a559af6c170a41e878ed2d45" dependencies = [ "cc", "memchr", @@ -3254,9 +3287,9 @@ dependencies = [ [[package]] name = "env_filter" -version = "1.0.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a1c3cc8e57274ec99de65301228b537f1e4eedc1b8e0f9411c6caac8ae7308f" +checksum = "32e90c2accc4b07a8456ea0debdc2e7587bdd890680d71173a15d4ae604f6eef" dependencies = [ "log", "regex", @@ -3264,9 +3297,9 @@ dependencies = [ [[package]] name = "env_logger" -version = "0.11.9" +version = "0.11.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b2daee4ea451f429a58296525ddf28b45a3b64f1acf6587e2067437bb11e218d" +checksum = "0621c04f2196ac3f488dd583365b9c09be011a4ab8b9f37248ffcc8f6198b56a" dependencies = [ "env_filter", "log", @@ -4485,12 +4518,12 @@ dependencies = [ [[package]] name = "html5ever" -version = "0.36.1" +version = "0.38.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6452c4751a24e1b99c3260d505eaeee76a050573e61f30ac2c924ddc7236f01e" +checksum = "1054432bae2f14e0061e33d23402fbaa67a921d319d56adc6bcf887ddad1cbc2" dependencies = [ "log", - "markup5ever 0.36.1", + "markup5ever 0.38.0", ] [[package]] @@ -4975,14 +5008,15 @@ dependencies = [ [[package]] name = "ipconfig" -version = "0.3.2" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b58db92f96b720de98181bbbe63c831e87005ab460c1bf306eb2622b4707997f" +checksum = "4d40460c0ce33d6ce4b0630ad68ff63d6661961c48b6dba35e5a4d81cfb48222" dependencies = [ - "socket2 0.5.10", + "socket2 0.6.3", "widestring", - "windows-sys 0.48.0", - "winreg 0.50.0", + "windows-registry", + "windows-result 0.4.1", + "windows-sys 0.61.2", ] [[package]] @@ -4996,9 +5030,9 @@ dependencies = [ [[package]] name = "iri-string" -version = "0.7.10" +version = "0.7.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c91338f0783edbd6195decb37bae672fd3b165faffb89bf7b9e6942f8b1a731a" +checksum = "d8e7418f59cc01c88316161279a7f665217ae316b388e58a0d10e29f54f1e5eb" dependencies = [ "memchr", "serde", @@ -5049,9 +5083,9 @@ dependencies = [ [[package]] name = "itoa" -version = "1.0.17" +version = "1.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92ecc6618181def0457392ccd0ee51198e065e016d1d527a7ac1b6dc7c1f09d2" +checksum = "8f42a60cbdf9a97f5d2305f08a87dc4e09308d1276d28c869c684d7777685682" [[package]] name = "javascriptcore-rs" @@ -5085,7 +5119,7 @@ dependencies = [ "cesu8", "cfg-if", "combine", - "jni-sys", + "jni-sys 0.3.1", "log", "thiserror 1.0.69", "walkdir", @@ -5094,9 +5128,31 @@ dependencies = [ [[package]] name = "jni-sys" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8eaf4bc02d17cbdd7ff4c7438cafcdf7fb9a4613313ad11b4f8fefe7d3fa0130" +checksum = "41a652e1f9b6e0275df1f15b32661cf0d4b78d4d87ddec5e0c3c20f097433258" +dependencies = [ + "jni-sys 0.4.1", +] + +[[package]] +name = "jni-sys" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6377a88cb3910bee9b0fa88d4f42e1d2da8e79915598f65fb0c7ee14c878af2" +dependencies = [ + "jni-sys-macros", +] + +[[package]] +name = "jni-sys-macros" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38c0b942f458fe50cdac086d2f946512305e5631e720728f2a61aabcd47a6264" +dependencies = [ + "quote", + "syn 2.0.117", +] [[package]] name = "jobserver" @@ -5982,9 +6038,9 @@ dependencies = [ [[package]] name = "libredox" -version = "0.1.14" +version = "0.1.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1744e39d1d6a9948f4f388969627434e31128196de472883b39f148769bfe30a" +checksum = "7ddbf48fd451246b1f8c2610bd3b4ac0cc6e149d89832867093ab69a17194f08" dependencies = [ "bitflags 2.11.0", "libc", @@ -6104,17 +6160,17 @@ dependencies = [ "phf_codegen 0.11.3", "string_cache 0.8.9", "string_cache_codegen 0.5.4", - "tendril", + "tendril 0.4.3", ] [[package]] name = "markup5ever" -version = "0.36.1" +version = "0.38.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c3294c4d74d0742910f8c7b466f44dda9eb2d5742c1e430138df290a1e8451c" +checksum = "8983d30f2915feeaaab2d6babdd6bc7e9ed1a00b66b5e6d74df19aa9c0e91862" dependencies = [ "log", - "tendril", + "tendril 0.5.0", "web_atoms", ] @@ -6268,9 +6324,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a69bcab0ad47271a0234d9422b131806bf3968021e5dc9328caf2d4cd58557fc" +checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1" dependencies = [ "libc", "log", @@ -6305,9 +6361,9 @@ dependencies = [ [[package]] name = "moka" -version = "0.12.14" +version = "0.12.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85f8024e1c8e71c778968af91d43700ce1d11b219d127d79fb2934153b82b42b" +checksum = "957228ad12042ee839f93c8f257b62b4c0ab5eaae1d4fa60de53b27c9d7c5046" dependencies = [ "async-lock", "crossbeam-channel", @@ -6536,7 +6592,7 @@ dependencies = [ "arti-client", "axum", "chrono", - "clap 4.5.60", + "clap 4.6.0", "crossbeam", "cuprate-epee-encoding", "futures", @@ -6563,7 +6619,7 @@ dependencies = [ [[package]] name = "monero-seed" version = "0.1.0" -source = "git+https://github.com/monero-oxide/monero-wallet-util.git#a9ed050f16d0148582e94af503a5317733c452d2" +source = "git+https://github.com/monero-oxide/monero-wallet-util.git#420570cf6dfa9c1cd1c6c8230eb6dbe9b8569a0f" dependencies = [ "curve25519-dalek", "rand_core 0.6.4", @@ -6816,7 +6872,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c3f42e7bbe13d351b6bead8286a43aac9534b82bd3cc43e47037f012ebfd62d4" dependencies = [ "bitflags 2.11.0", - "jni-sys", + "jni-sys 0.3.1", "log", "ndk-sys", "num_enum", @@ -6836,7 +6892,7 @@ version = "0.6.0+11769913" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ee6cda3051665f1fb8d9e08fc35c96d5a244fb1be711a03b71118828afc9a873" dependencies = [ - "jni-sys", + "jni-sys 0.3.1", ] [[package]] @@ -7023,9 +7079,9 @@ dependencies = [ [[package]] name = "num-conv" -version = "0.2.0" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf97ec579c3c42f953ef76dbf8d55ac91fb219dde70e49aa4a6b7d74e9919050" +checksum = "c6673768db2d862beb9b39a78fdcb1a69439615d5794a1be50caa9bc92c81967" [[package]] name = "num-integer" @@ -7069,9 +7125,9 @@ dependencies = [ [[package]] name = "num_enum" -version = "0.7.5" +version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1207a7e20ad57b847bbddc6776b968420d38292bbfe2089accff5e19e82454c" +checksum = "5d0bca838442ec211fa11de3a8b0e0e8f3a4522575b5c4c06ed722e005036f26" dependencies = [ "num_enum_derive", "rustversion", @@ -7079,9 +7135,9 @@ dependencies = [ [[package]] name = "num_enum_derive" -version = "0.7.5" +version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff32365de1b6743cb203b710788263c44a03de03802daf96092f2da4fe6ba4d7" +checksum = "680998035259dcfcafe653688bf2aa6d3e2dc05e98be6ab46afb089dc84f1df8" dependencies = [ "proc-macro-crate 3.5.0", "proc-macro2", @@ -8113,7 +8169,7 @@ version = "3.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e67ba7e9b2b56446f1d419b1d807906278ffa1a658a8a5d8a39dcb1f5a78614f" dependencies = [ - "toml_edit 0.25.4+spec-1.1.0", + "toml_edit 0.25.8+spec-1.1.0", ] [[package]] @@ -8202,9 +8258,9 @@ dependencies = [ [[package]] name = "proptest" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37566cb3fdacef14c0737f9546df7cfeadbfbc9fef10991038bf5015d0c80532" +checksum = "4b45fcc2344c680f5025fe57779faef368840d0bd1f42f216291f0dc4ace4744" dependencies = [ "bit-set", "bit-vec", @@ -9053,9 +9109,9 @@ dependencies = [ [[package]] name = "rust_decimal" -version = "1.40.0" +version = "1.41.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61f703d19852dbf87cbc513643fa81428361eb6940f1ac14fd58155d295a3eb0" +checksum = "2ce901f9a19d251159075a4c37af514c3b8ef99c22e02dd8c19161cf397ee94a" dependencies = [ "arrayvec", "borsh", @@ -9065,6 +9121,7 @@ dependencies = [ "rkyv", "serde", "serde_json", + "wasm-bindgen", ] [[package]] @@ -9152,7 +9209,7 @@ dependencies = [ "once_cell", "ring 0.17.14", "rustls-pki-types", - "rustls-webpki 0.103.9", + "rustls-webpki 0.103.10", "subtle", "zeroize", ] @@ -9214,7 +9271,7 @@ dependencies = [ "rustls 0.23.37", "rustls-native-certs 0.8.3", "rustls-platform-verifier-android", - "rustls-webpki 0.103.9", + "rustls-webpki 0.103.10", "security-framework 3.7.0", "security-framework-sys", "webpki-root-certs 0.26.11", @@ -9235,7 +9292,7 @@ dependencies = [ "rustls 0.23.37", "rustls-native-certs 0.8.3", "rustls-platform-verifier-android", - "rustls-webpki 0.103.9", + "rustls-webpki 0.103.10", "security-framework 3.7.0", "security-framework-sys", "webpki-root-certs 1.0.6", @@ -9260,9 +9317,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.9" +version = "0.103.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7df23109aa6c1567d1c575b9952556388da57401e4ace1d15f79eedad0d8f53" +checksum = "df33b2b81ac578cabaf06b89b0631153a3f416b0a886e8a7a1707fb51abbd1ef" dependencies = [ "aws-lc-rs", "ring 0.17.14", @@ -9631,9 +9688,9 @@ dependencies = [ [[package]] name = "selectors" -version = "0.35.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93fdfed56cd634f04fe8b9ddf947ae3dc493483e819593d2ba17df9ad05db8b2" +checksum = "c5d9c0c92a92d33f08817311cf3f2c29a3538a8240e94a6a3c622ce652d7e00c" dependencies = [ "bitflags 2.11.0", "cssparser 0.36.0", @@ -9797,9 +9854,9 @@ dependencies = [ [[package]] name = "serde_spanned" -version = "1.0.4" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8bbf91e5a4d6315eee45e704372590b30e260ee83af6639d64557f51b067776" +checksum = "876ac351060d4f882bb1032b6369eb0aef79ad9df1ea8bc404874d8cc3d0cd98" dependencies = [ "serde_core", ] @@ -9828,9 +9885,9 @@ dependencies = [ [[package]] name = "serde_with" -version = "3.17.0" +version = "3.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "381b283ce7bc6b476d903296fb59d0d36633652b633b27f64db4fb46dcbfc3b9" +checksum = "dd5414fad8e6907dbdd5bc441a50ae8d6e26151a03b1de04d89a5576de61d01f" dependencies = [ "base64 0.22.1", "chrono", @@ -9841,7 +9898,7 @@ dependencies = [ "schemars 1.2.1", "serde_core", "serde_json", - "serde_with_macros 3.17.0", + "serde_with_macros 3.18.0", "time", ] @@ -9859,11 +9916,11 @@ dependencies = [ [[package]] name = "serde_with_macros" -version = "3.17.0" +version = "3.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a6d4e30573c8cb306ed6ab1dca8423eec9a463ea0e155f45399455e0368b27e0" +checksum = "d3db8978e608f1fe7357e211969fd9abdcae80bac1ba7a3369bb7eb6b404eb65" dependencies = [ - "darling 0.21.3", + "darling 0.23.0", "proc-macro2", "quote", "syn 2.0.117", @@ -10036,9 +10093,9 @@ dependencies = [ [[package]] name = "simd-adler32" -version = "0.3.8" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e320a6c5ad31d271ad523dcf3ad13e2767ad8b1cb8f047f75a8aeaf8da139da2" +checksum = "703d5c7ef118737c72f1af64ad2f6f8c5e1921f818cdcb97b8fe6fc69bf66214" [[package]] name = "simdutf8" @@ -10810,7 +10867,7 @@ version = "4.1.1" dependencies = [ "anyhow", "bitcoin 0.32.8", - "clap 4.5.60", + "clap 4.6.0", "comfy-table", "jsonrpsee", "monero-oxide-ext", @@ -10883,7 +10940,7 @@ dependencies = [ "anyhow", "bitcoin 0.32.8", "config", - "console 0.16.2", + "console 0.16.3", "dialoguer", "libp2p", "monero-address", @@ -11184,9 +11241,9 @@ checksum = "7b2093cf4c8eb1e67749a6762251bc9cd836b6fc171623bd0a9d324d37af2417" [[package]] name = "tao" -version = "0.34.6" +version = "0.34.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e06d52c379e63da659a483a958110bbde891695a0ecb53e48cc7786d5eda7bb" +checksum = "9103edf55f2da3c82aea4c7fab7c4241032bfeea0e71fa557d98e00e7ce7cc20" dependencies = [ "bitflags 2.11.0", "block2", @@ -11239,9 +11296,9 @@ checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" [[package]] name = "tar" -version = "0.4.44" +version = "0.4.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d863878d212c87a19c1a610eb53bb01fe12951c0501cf5a0d65f724914a667a" +checksum = "22692a6476a21fa75fdfc11d452fda482af402c008cdbaf3476414e122040973" dependencies = [ "filetime", "libc", @@ -11391,7 +11448,7 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28e78fb2c09a81546bcd376d34db4bda5769270d00990daa9f0d6e7ac1107e25" dependencies = [ - "clap 4.5.60", + "clap 4.6.0", "log", "serde", "serde_json", @@ -11631,7 +11688,7 @@ dependencies = [ "serde", "serde-untagged", "serde_json", - "serde_with 3.17.0", + "serde_with 3.18.0", "swift-rs", "thiserror 2.0.18", "toml 0.9.12+spec-1.1.0", @@ -11676,6 +11733,16 @@ dependencies = [ "utf-8", ] +[[package]] +name = "tendril" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4790fc369d5a530f4b544b094e31388b9b3a37c0f4652ade4505945f5660d24" +dependencies = [ + "new_debug_unreachable", + "utf-8", +] + [[package]] name = "termcolor" version = "1.4.1" @@ -11837,9 +11904,9 @@ dependencies = [ [[package]] name = "tinyvec" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfa5fdc3bce6191a1dbc8c02d5c8bffcf557bafa17c124c5264a458f1b0613fa" +checksum = "3e61e67053d25a4e82c844e8424039d9745781b3fc4f32b8d55ed50f5f667ef3" dependencies = [ "tinyvec_macros", ] @@ -11984,7 +12051,7 @@ checksum = "cf92845e79fc2e2def6a5d828f0801e29a2f8acc037becc5ab08595c7d5e9863" dependencies = [ "indexmap 2.13.0", "serde_core", - "serde_spanned 1.0.4", + "serde_spanned 1.1.0", "toml_datetime 0.7.5+spec-1.1.0", "toml_parser", "toml_writer", @@ -12011,9 +12078,9 @@ dependencies = [ [[package]] name = "toml_datetime" -version = "1.0.0+spec-1.1.0" +version = "1.1.0+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32c2555c699578a4f59f0cc68e5116c8d7cabbd45e1409b989d4be085b53f13e" +checksum = "97251a7c317e03ad83774a8752a7e81fb6067740609f75ea2b585b569a59198f" dependencies = [ "serde_core", ] @@ -12044,30 +12111,30 @@ dependencies = [ [[package]] name = "toml_edit" -version = "0.25.4+spec-1.1.0" +version = "0.25.8+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7193cbd0ce53dc966037f54351dbbcf0d5a642c7f0038c382ef9e677ce8c13f2" +checksum = "16bff38f1d86c47f9ff0647e6838d7bb362522bdf44006c7068c2b1e606f1f3c" dependencies = [ "indexmap 2.13.0", - "toml_datetime 1.0.0+spec-1.1.0", + "toml_datetime 1.1.0+spec-1.1.0", "toml_parser", - "winnow 0.7.15", + "winnow 1.0.0", ] [[package]] name = "toml_parser" -version = "1.0.9+spec-1.1.0" +version = "1.1.0+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "702d4415e08923e7e1ef96cd5727c0dfed80b4d2fa25db9647fe5eb6f7c5a4c4" +checksum = "2334f11ee363607eb04df9b8fc8a13ca1715a72ba8662a26ac285c98aabb4011" dependencies = [ - "winnow 0.7.15", + "winnow 1.0.0", ] [[package]] name = "toml_writer" -version = "1.0.6+spec-1.1.0" +version = "1.1.0+spec-1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab16f14aed21ee8bfd8ec22513f7287cd4a91aa92e44edfe2c17ddd004e92607" +checksum = "d282ade6016312faf3e41e57ebbba0c073e4056dab1232ab1cb624199648f8ed" [[package]] name = "tor-async-utils" @@ -12593,7 +12660,7 @@ dependencies = [ "retry-error", "safelog", "serde", - "serde_with 3.17.0", + "serde_with 3.18.0", "strum 0.27.2", "thiserror 2.0.18", "tor-async-utils", @@ -12697,7 +12764,7 @@ dependencies = [ "itertools 0.14.0", "safelog", "serde", - "serde_with 3.17.0", + "serde_with 3.18.0", "strum 0.27.2", "thiserror 2.0.18", "tor-basic-utils", @@ -12843,7 +12910,7 @@ dependencies = [ "phf 0.13.1", "rand 0.9.2", "serde", - "serde_with 3.17.0", + "serde_with 3.18.0", "signature", "smallvec", "strum 0.27.2", @@ -12967,7 +13034,7 @@ source = "git+https://github.com/eigenwallet/arti?branch=downgraded_rusqlite_art dependencies = [ "caret", "paste", - "serde_with 3.17.0", + "serde_with 3.18.0", "thiserror 2.0.18", "tor-bytes", ] @@ -13021,7 +13088,7 @@ dependencies = [ "paste", "pin-project", "rustls-pki-types", - "rustls-webpki 0.103.9", + "rustls-webpki 0.103.10", "socket2 0.6.3", "thiserror 2.0.18", "tokio", @@ -13210,9 +13277,9 @@ dependencies = [ [[package]] name = "tracing-subscriber" -version = "0.3.22" +version = "0.3.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f30143827ddab0d256fd843b7a66d164e9f271cfa0dde49142c5ca0ca291f1e" +checksum = "cb7f578e5945fb242538965c2d0b04418d38ec25c79d160cd279bf0731c8d319" dependencies = [ "chrono", "matchers", @@ -13365,9 +13432,9 @@ checksum = "2896d95c02a80c6d6a5d6e953d479f5ddf2dfdb6a244441010e373ac0fb88971" [[package]] name = "uds_windows" -version = "1.2.0" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51b70b87d15e91f553711b40df3048faf27a7a04e01e0ddc0cf9309f0af7c2ca" +checksum = "f2f6fb2847f6742cd76af783a2a2c49e9375d0a111c7bef6f71cd9e738c72d6e" dependencies = [ "memoffset", "tempfile", @@ -13477,9 +13544,9 @@ checksum = "7df058c713841ad818f1dc5d3fd88063241cc61f49f5fbea4b951e8cf5a8d71d" [[package]] name = "unicode-segmentation" -version = "1.12.0" +version = "1.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6ccf251212114b54433ec949fd6a7841275f9ada20dddd2f29e9ceea4501493" +checksum = "9629274872b2bfaf8d66f5f15725007f635594914870f65218920345aa11aa8c" [[package]] name = "unicode-width" @@ -13631,9 +13698,9 @@ checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" [[package]] name = "uuid" -version = "1.22.0" +version = "1.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a68d3c8f01c0cfa54a75291d83601161799e4a89a39e0929f4b0354d88757a37" +checksum = "5ac8b6f42ead25368cf5b098aeb3dc8a1a2c05a3eee8a9a1a68c640edbfc79d9" dependencies = [ "getrandom 0.4.2", "js-sys", @@ -13859,6 +13926,7 @@ dependencies = [ "cfg-if", "once_cell", "rustversion", + "serde", "wasm-bindgen-macro", "wasm-bindgen-shared", ] @@ -14821,6 +14889,15 @@ dependencies = [ "memchr", ] +[[package]] +name = "winnow" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a90e88e4667264a994d34e6d1ab2d26d398dcdca8b7f52bec8668957517fc7d8" +dependencies = [ + "memchr", +] + [[package]] name = "winreg" version = "0.50.0" @@ -14955,9 +15032,9 @@ checksum = "9edde0db4769d2dc68579893f2306b26c6ecfbe0ef499b013d731b7b9247e0b9" [[package]] name = "wry" -version = "0.54.3" +version = "0.54.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a24eda84b5d488f99344e54b807138896cee8df0b2d16c793f1f6b80e6d8df1f" +checksum = "e5a8135d8676225e5744de000d4dff5a082501bf7db6a1c1495034f8c314edbc" dependencies = [ "base64 0.22.1", "block2", @@ -15247,18 +15324,18 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.8.42" +version = "0.8.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2578b716f8a7a858b7f02d5bd870c14bf4ddbbcf3a4c05414ba6503640505e3" +checksum = "efbb2a062be311f2ba113ce66f697a4dc589f85e78a4aea276200804cea0ed87" dependencies = [ "zerocopy-derive", ] [[package]] name = "zerocopy-derive" -version = "0.8.42" +version = "0.8.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e6cc098ea4d3bd6246687de65af3f920c430e236bee1e3bf2e441463f08a02f" +checksum = "0e8bc7269b54418e7aeeef514aa68f8690b8c0489a06b0136e5f57c4c5ccab89" dependencies = [ "proc-macro2", "quote", @@ -15427,9 +15504,9 @@ checksum = "cb8a0807f7c01457d0379ba880ba6322660448ddebc890ce29bb64da71fb40f9" [[package]] name = "zune-jpeg" -version = "0.5.13" +version = "0.5.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec5f41c76397b7da451efd19915684f727d7e1d516384ca6bd0ec43ec94de23c" +checksum = "27bc9d5b815bc103f142aa054f561d9187d191692ec7c2d1e2b4737f8dbd7296" dependencies = [ "zune-core", ] diff --git a/docs/content/becoming_a_maker/overview.mdx b/docs/content/becoming_a_maker/overview.mdx index 1cccebba8d..fc9aa0d741 100644 --- a/docs/content/becoming_a_maker/overview.mdx +++ b/docs/content/becoming_a_maker/overview.mdx @@ -210,6 +210,7 @@ hidden_service_num_intro_points = 5 | --- | --- | | `register_hidden_service` | Whether the asb should register an onion service. | | `hidden_service_num_intro_points` | If the asb registers an onion service, this specifies the number of introduction points the asb will use. | +| `max_concurrent_rend_requests` | Maximum number of concurrent rendezvous circuit constructions. Controls how fast the Tor PoW priority queue is drained. Lower values create more backpressure, causing the PoW effort requirement to increase faster under load. Default: `16`. | ### Network Section diff --git a/libp2p-rendezvous-node/src/swarm.rs b/libp2p-rendezvous-node/src/swarm.rs index 159ea81434..40ac8194c8 100644 --- a/libp2p-rendezvous-node/src/swarm.rs +++ b/libp2p-rendezvous-node/src/swarm.rs @@ -157,7 +157,7 @@ async fn create_transport_with_onion( .unwrap(); // Add onion service and get the address - let onion_address = tor_transport.add_onion_service(onion_service_config, onion_port)?; + let onion_address = tor_transport.add_onion_service(onion_service_config, onion_port, 16)?; // Combine transports let combined_transport = tcp_with_dns diff --git a/libp2p-tor/examples/ping-onion.rs b/libp2p-tor/examples/ping-onion.rs index 9c38e62765..61e50162f9 100644 --- a/libp2p-tor/examples/ping-onion.rs +++ b/libp2p-tor/examples/ping-onion.rs @@ -87,7 +87,7 @@ async fn onion_transport( .build() .unwrap(); - let onion_listen_address = transport.add_onion_service(svg_cfg, 999).unwrap(); + let onion_listen_address = transport.add_onion_service(svg_cfg, 999, 16).unwrap(); let auth_upgrade = noise::Config::new(&keypair)?; let multiplex_upgrade = yamux::Config::default(); diff --git a/libp2p-tor/src/lib.rs b/libp2p-tor/src/lib.rs index 87eb4e720e..bb0a58d818 100644 --- a/libp2p-tor/src/lib.rs +++ b/libp2p-tor/src/lib.rs @@ -52,7 +52,7 @@ //! ``` use arti_client::{TorClient, TorClientBuilder}; -use futures::future::BoxFuture; +use futures::{FutureExt as _, StreamExt as _, future::{BoxFuture, Either}}; use libp2p::{ Multiaddr, Transport, TransportError, core::transport::{ListenerId, TransportEvent}, @@ -74,7 +74,7 @@ use std::str::FromStr; use tor_cell::relaycell::msg::{Connected, End, EndReason}; #[cfg(feature = "listen-onion-service")] use tor_hsservice::{ - HsId, OnionServiceConfig, RunningOnionService, StreamRequest, handle_rend_requests, + HsId, OnionServiceConfig, RunningOnionService, StreamRequest, status::OnionServiceStatus, }; #[cfg(feature = "listen-onion-service")] @@ -233,12 +233,33 @@ impl TorTransport { &mut self, svc_cfg: OnionServiceConfig, port: u16, + max_concurrent_rend_requests: usize, ) -> anyhow::Result { let (service, request_stream) = self .client .launch_onion_service(svc_cfg)? .ok_or_else(|| anyhow::anyhow!("Onion service is disabled in config"))?; - let request_stream = Box::pin(handle_rend_requests(request_stream)); + // Accept rendezvous requests with bounded concurrency. + // `handle_rend_requests` uses `flat_map_unordered(None, ...)` which drains the + // PoW priority queue instantly, preventing it from ever filling up. That defeats + // the effort auto-tuning: the queue is always empty, so arti thinks there's no + // load and never increases the suggested effort. + // By limiting concurrency, we create backpressure that keeps the queue full under + // load, which causes low-effort requests to be evicted and the suggested effort + // to ramp up. + let request_stream = Box::pin( + request_stream.flat_map_unordered(Some(max_concurrent_rend_requests), |rend_request| { + Box::pin(rend_request.accept()) + .map(|outcome| match outcome { + Ok(stream_requests) => Either::Left(stream_requests), + Err(e) => { + tracing::warn!("Problem while accepting rendezvous request: {e:#}"); + Either::Right(futures::stream::empty()) + } + }) + .flatten_stream() + }), + ); let multiaddr = service .onion_address() diff --git a/swap-asb/Dockerfile b/swap-asb/Dockerfile index 4f999f79d3..3d7b3cd61b 100644 --- a/swap-asb/Dockerfile +++ b/swap-asb/Dockerfile @@ -67,6 +67,11 @@ RUN cargo chef prepare --recipe-path recipe.json # Now we build the application FROM toolchain AS builder +# Enable debug info in release builds for stack traces and perf. +# Must be set before cargo chef cook so the profile fingerprint matches +# the later cargo build, otherwise cook's cache is invalidated. +ENV CARGO_PROFILE_RELEASE_DEBUG=1 + # Build just the external dependencies first COPY --from=planner /recipe.json recipe.json diff --git a/swap-asb/src/main.rs b/swap-asb/src/main.rs index 1c6cef959f..ba3e967877 100644 --- a/swap-asb/src/main.rs +++ b/swap-asb/src/main.rs @@ -240,6 +240,7 @@ pub async fn main() -> Result<()> { tor_client, config.tor.register_hidden_service, config.tor.hidden_service_num_intro_points, + config.tor.max_concurrent_rend_requests, )?; for listen in config.network.listen.clone() { diff --git a/swap-env/src/config.rs b/swap-env/src/config.rs index 539b2abe1e..c54674ba7a 100644 --- a/swap-env/src/config.rs +++ b/swap-env/src/config.rs @@ -82,6 +82,15 @@ pub struct Monero { pub struct TorConf { pub register_hidden_service: bool, pub hidden_service_num_intro_points: u8, + /// Maximum number of concurrent rendezvous circuit constructions. + /// Limits how fast the PoW priority queue is drained, creating backpressure + /// that allows the suggested PoW effort to ramp up under load. + #[serde(default = "default_max_concurrent_rend_requests")] + pub max_concurrent_rend_requests: usize, +} + +fn default_max_concurrent_rend_requests() -> usize { + 16 } impl Default for TorConf { @@ -89,6 +98,7 @@ impl Default for TorConf { Self { register_hidden_service: true, hidden_service_num_intro_points: 5, + max_concurrent_rend_requests: default_max_concurrent_rend_requests(), } } } diff --git a/swap-orchestrator/src/compose.rs b/swap-orchestrator/src/compose.rs index 8267af82e4..9c4ce371d3 100644 --- a/swap-orchestrator/src/compose.rs +++ b/swap-orchestrator/src/compose.rs @@ -335,6 +335,8 @@ services: container_name: asb {image_asb} restart: unless-stopped + cap_add: + - SYS_PTRACE depends_on: - electrs volumes: diff --git a/swap-p2p/src/out_event/alice.rs b/swap-p2p/src/out_event/alice.rs index 51642300a9..1675408d33 100644 --- a/swap-p2p/src/out_event/alice.rs +++ b/swap-p2p/src/out_event/alice.rs @@ -91,6 +91,12 @@ impl OutEvent { } // Some other behaviours which are not worth their own module +impl From for OutEvent { + fn from(event: void::Void) -> Self { + void::unreachable(event) + } +} + impl From for OutEvent { fn from(_: ping::Event) -> Self { OutEvent::Other diff --git a/swap/src/asb/event_loop.rs b/swap/src/asb/event_loop.rs index ba867e52ba..cdbeeaeaa1 100644 --- a/swap/src/asb/event_loop.rs +++ b/swap/src/asb/event_loop.rs @@ -459,7 +459,15 @@ where } } SwarmEvent::IncomingConnectionError { send_back_addr: address, error, .. } => { - tracing::trace!(%address, "Failed to set up connection with peer: {:?}", error); + if let libp2p::swarm::ListenError::Denied { cause } = &error { + if let Some(exceeded) = cause.downcast_ref::() { + tracing::warn!(%address, error = %exceeded, "Rejected inbound connection to prevent against denial-of-service"); + } else { + tracing::trace!(%address, "Failed to set up connection with peer: {:?}", error); + } + } else { + tracing::trace!(%address, "Failed to set up connection with peer: {:?}", error); + } } SwarmEvent::ConnectionClosed { peer_id: peer, num_established: 0, endpoint, cause: Some(error), connection_id } => { tracing::trace!(%peer, address = %endpoint.get_remote_address(), %connection_id, "Lost connection to peer: {:?}", error); diff --git a/swap/src/asb/network.rs b/swap/src/asb/network.rs index 5425fbc773..d2ab43acd2 100644 --- a/swap/src/asb/network.rs +++ b/swap/src/asb/network.rs @@ -42,11 +42,15 @@ pub mod transport { maybe_tor_client: Option>>, register_hidden_service: bool, num_intro_points: u8, + max_concurrent_rend_requests: usize, ) -> Result { - // Streams are multiplexed via yamux, we don't need more than one. - const MAX_STREAMS_PER_CIRCUIT: u32 = 2; - // Default value - const POW_QUEUE_DEPTH: usize = 8192; + // Streams are multiplexed via yamux, we don't really need more than one. + const MAX_STREAMS_PER_CIRCUIT: u32 = 4; + // This does not affect the PoW directly (only very slightly) but only serves as a protection + // against memory exhaustion attacks when the queue of intro request fills up + // We therefore set it to a fairly high value because there is barely any harm in doing so. + // `MAX_CONCURRENT_REND_REQUESTS` is much more important in terms of DOS protection. + const POW_QUEUE_DEPTH: usize = 2048; let (maybe_tor_transport, onion_addresses) = if let Some(tor_client) = maybe_tor_client { let mut tor_transport = @@ -67,7 +71,7 @@ pub mod transport { .build() .expect("We specified a valid nickname"); - match tor_transport.add_onion_service(onion_service_config, ASB_ONION_SERVICE_PORT) + match tor_transport.add_onion_service(onion_service_config, ASB_ONION_SERVICE_PORT, max_concurrent_rend_requests) { Ok(addr) => { tracing::debug!( @@ -102,7 +106,7 @@ pub mod transport { } pub mod behaviour { - use libp2p::{identify, identity, ping, swarm::behaviour::toggle::Toggle}; + use libp2p::{connection_limits, identify, identity, ping, swarm::behaviour::toggle::Toggle}; use swap_p2p::{out_event::alice::OutEvent, patches}; use super::*; @@ -115,6 +119,7 @@ pub mod behaviour { where LR: LatestRate + Send + 'static, { + connection_limits: connection_limits::Behaviour, pub rendezvous: Toggle, pub quote: quote::Behaviour, pub swap_setup: alice::Behaviour, @@ -141,6 +146,7 @@ pub mod behaviour { env_config: env::Config, identify_params: (identity::Keypair, XmrBtcNamespace), rendezvous_nodes: Vec, + connection_limits: connection_limits::ConnectionLimits, ) -> Self { let (identity, namespace) = identify_params; let agent_version = format!("asb/{} ({})", env!("CARGO_PKG_VERSION"), namespace); @@ -162,6 +168,7 @@ pub mod behaviour { }; Self { + connection_limits: connection_limits::Behaviour::new(connection_limits), rendezvous: Toggle::from(behaviour), quote: quote::alice(), swap_setup: alice::Behaviour::new( diff --git a/swap/src/network/swarm.rs b/swap/src/network/swarm.rs index f1ec9bf626..bcb076b3c3 100644 --- a/swap/src/network/swarm.rs +++ b/swap/src/network/swarm.rs @@ -4,6 +4,7 @@ use crate::seed::Seed; use crate::{asb, cli}; use anyhow::Result; use arti_client::TorClient; +use libp2p::connection_limits::ConnectionLimits; use libp2p::swarm::NetworkBehaviour; use libp2p::{Multiaddr, Swarm, identity}; use libp2p::{PeerId, SwarmBuilder}; @@ -31,6 +32,7 @@ pub fn asb( maybe_tor_client: Option>>, register_hidden_service: bool, num_intro_points: u8, + max_concurrent_rend_requests: usize, ) -> Result<(Swarm>, Vec)> where LR: LatestRate + Send + 'static + Debug + Clone, @@ -45,6 +47,14 @@ where }) .collect(); + // TODO: Prioritize honest peers in this queue + let connection_limits = ConnectionLimits::default() + // Limit peers stuck in the handshake phase + .with_max_pending_incoming(Some(64 * 4)) + .with_max_established_incoming(Some(128 * 4)) + // A single peer only needs one connection; allow 4 for brief overlap during reconnects + .with_max_established_per_peer(Some(4)); + let behaviour = asb::Behaviour::new( min_buy, max_buy, @@ -53,6 +63,7 @@ where env_config, (identity.clone(), namespace), rendezvous_nodes, + connection_limits, ); let (transport, onion_addresses) = asb::transport::new( @@ -60,6 +71,7 @@ where maybe_tor_client, register_hidden_service, num_intro_points, + max_concurrent_rend_requests, )?; let mut swarm = SwarmBuilder::with_existing_identity(identity) diff --git a/swap/tests/harness/mod.rs b/swap/tests/harness/mod.rs index 8dd5b94fde..e12d8965ca 100644 --- a/swap/tests/harness/mod.rs +++ b/swap/tests/harness/mod.rs @@ -353,6 +353,7 @@ async fn start_alice( None, false, 1, + 16, ) .unwrap(); swarm.listen_on(listen_address).unwrap();