Browse Source
Remembering all time samples makes nTimeOffset slow to respond to system clock corrections. For instance, I start my node with a system clock that's 30 minutes slow and run it for a few days. During that time, I accumulate 10,000 offset samples with a median of 1800 seconds. Now I correct my system clock. Without this change, my node must collect another 10,000 samples before nTimeOffset is correct again. With this change, I must only accumulate 100 samples to correct the offset. Storing unlimited time samples also allows an attacker with many IP addresses (ex, a large botnet) to perform a memory exhaustion attack against Bitcoin nodes. The attacker sends a version message from each IP to his target, consuming more of the target's memory each time. Time samples are small, so this attack might be impractical under the old code, but it's impossible with the new code.0.8
Michael Hendricks
13 years ago
2 changed files with 17 additions and 10 deletions
Loading…
Reference in new issue