From e92780da484b969d3b94f1a18a1296360f9da9b9 Mon Sep 17 00:00:00 2001
From: Patrick Strateman
Date: Thu, 20 Aug 2015 16:47:49 -0700
Subject: [PATCH] Add comments to AttemptToEvictConnection
---
 src/net.cpp | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/net.cpp b/src/net.cpp
index 6466bae9bab43..0dd74ae04d658 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -950,13 +950,20 @@ static bool AttemptToEvictConnection(bool fPreferNewConnection) {
 }
 // Protect connections with certain characteristics
+
+ // Deterministically select 4 peers to protect by netgroup.
+ // An attacker cannot predict which netgroups will be protected.
 static CompareNetGroupKeyed comparerNetGroupKeyed;
 std::sort(vEvictionCandidates.begin(), vEvictionCandidates.end(), comparerNetGroupKeyed);
 vEvictionCandidates.erase(vEvictionCandidates.end() - std::min(4, static_cast(vEvictionCandidates.size())), vEvictionCandidates.end());
+ // Protect the 8 nodes with the best ping times.
+ // An attacker cannot manipulate this metric without physically moving nodes closer to the target.
 std::sort(vEvictionCandidates.begin(), vEvictionCandidates.end(), ReverseCompareNodeMinPingTime);
 vEvictionCandidates.erase(vEvictionCandidates.end() - std::min(8, static_cast(vEvictionCandidates.size())), vEvictionCandidates.end());
+ // Protect the 64 nodes which have been connected the longest.
+ // This replicates the existing implicit behavior.
 std::sort(vEvictionCandidates.begin(), vEvictionCandidates.end(), ReverseCompareNodeTimeConnected);
 vEvictionCandidates.erase(vEvictionCandidates.end() - std::min(64, static_cast(vEvictionCandidates.size())), vEvictionCandidates.end());
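Review bot: The first added comment claims more than the three lines under it show: after the keyed sort the code erases the last `std::min(4, size)` candidates, which protects up to four peers that may share a netgroup, and the "cannot predict" claim holds only if the key inside `CompareNetGroupKeyed` is secret and random, which is presumably set in its constructor outside this hunk. I would word it as `// Protect up to 4 peers picked by a secret-keyed ordering of their netgroups.` followed by `// Unpredictable to an attacker only while the comparator's key stays secret.`. The ping comment overstates in the same way, since minimum ping time is bounded by network latency rather than physical distance, so "without being closer to us on the network" is the accurate phrase. "This replicates the existing implicit behavior" will read as stale once merged; naming the behaviour it refers to (longest-connected peers were never evicted, if that is what is meant) would age better. The body of AttemptToEvictConnection starts and ends outside the hunk.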