On 10/27/2017 5:43 AM, James A. Donald wrote:
Purported peers that have only one connection are clients of the entity to which they are connected, and he is responsible for their good behavior, similarly those that have only two connections. Three good peer connections make you a peer of all the other peers, two good connections do not make you a peer - don't get equal treatment to the vertices by which you are connected, get graylist treatment.
What if you only have two good connections but each of your two connections have 3+ connections - how would good peers with only two connections be able to gain reputation in such a system? i.e. if the connections can be laterally traversed in order to reach any connected node, how would the other nodes be able to know if a peer is honest or if it has been spoofed? I believe this is actually how the recent ransomware spread in networks. They use systems that trust other systems. In order to prevent such attacks, the networking protocols need to be amended. An additional negotiation sublayer can be created which asks the other peer a question only they can know the answer to. This can be something such as encrypting all connections at the tcp/ip level, or applying something like proof of work to make it uneconomical for sybils (but this actually only solves the issue in a probabilistic way). ./gv