package trust import ( "fmt" "math" "sync" "time" ) const ( // Halflife defines the time (in seconds) by which the transient part // of the ban score decays to one half of it's original value. Halflife = 60 // lambda is the decaying constant. lambda = math.Ln2 / Halflife // Lifetime defines the maximum age of the transient part of the ban // score to be considered a non-zero score (in seconds). Lifetime = 1800 // precomputedLen defines the amount of decay factors (one per second) that // should be precomputed at initialization. precomputedLen = 64 ) // precomputedFactor stores precomputed exponential decay factors for the first // 'precomputedLen' seconds starting from t == 0. var precomputedFactor [precomputedLen]float64 // init precomputes decay factors. func Init() { for i := range precomputedFactor { precomputedFactor[i] = math.Exp(-1.0 * float64(i) * lambda) } } // decayFactor returns the decay factor at t seconds, using precalculated values // if available, or calculating the factor if needed. func decayFactor(t int64) float64 { if t < precomputedLen { return precomputedFactor[t] } return math.Exp(-1.0 * float64(t) * lambda) } // DynamicBanScore provides dynamic ban scores consisting of a persistent and a // decaying component. The persistent score could be utilized to create simple // additive banning policies similar to those found in other bitcoin node // implementations. // // The decaying score enables the creation of evasive logic which handles // misbehaving peers (especially application layer DoS attacks) gracefully // by disconnecting and banning peers attempting various kinds of flooding. // DynamicBanScore allows these two approaches to be used in tandem. // // Zero value: Values of type DynamicBanScore are immediately ready for use upon // declaration. type DynamicBanScore struct { lastUnix int64 transient float64 persistent uint32 mtx sync.Mutex } // String returns the ban score as a human-readable string. func (s *DynamicBanScore) String() string { s.mtx.Lock() r := fmt.Sprintf("persistent %v + transient %v at %v = %v as of now", s.persistent, s.transient, s.lastUnix, s.int(time.Now())) s.mtx.Unlock() return r } // Int returns the current ban score, the sum of the persistent and decaying // scores. // // This function is safe for concurrent access. func (s *DynamicBanScore) Int() uint32 { s.mtx.Lock() r := s.int(time.Now()) s.mtx.Unlock() return r } // Increase increases both the persistent and decaying scores by the values // passed as parameters. The resulting score is returned. // // This function is safe for concurrent access. func (s *DynamicBanScore) Increase(persistent, transient uint32) uint32 { s.mtx.Lock() r := s.increase(persistent, transient, time.Now()) s.mtx.Unlock() return r } // Reset set both persistent and decaying scores to zero. // // This function is safe for concurrent access. func (s *DynamicBanScore) Reset() { s.mtx.Lock() s.persistent = 0 s.transient = 0 s.lastUnix = 0 s.mtx.Unlock() } // int returns the ban score, the sum of the persistent and decaying scores at a // given point in time. // // This function is not safe for concurrent access. It is intended to be used // internally and during testing. func (s *DynamicBanScore) int(t time.Time) uint32 { dt := t.Unix() - s.lastUnix if s.transient < 1 || dt < 0 || Lifetime < dt { return s.persistent } return s.persistent + uint32(s.transient*decayFactor(dt)) } // increase increases the persistent, the decaying or both scores by the values // passed as parameters. The resulting score is calculated as if the action was // carried out at the point time represented by the third parameter. The // resulting score is returned. // // This function is not safe for concurrent access. func (s *DynamicBanScore) increase(persistent, transient uint32, t time.Time) uint32 { s.persistent += persistent tu := t.Unix() dt := tu - s.lastUnix if transient > 0 { if Lifetime < dt { s.transient = 0 } else if s.transient > 1 && dt > 0 { s.transient *= decayFactor(dt) } s.transient += float64(transient) s.lastUnix = tu } return s.persistent + uint32(s.transient) }