Security of the p2p-layer

First of all, my knowledge of the specifics of Dfinity is very brief, so please clarify anything that I got wrong. I have a solid understanding of Kademlia, even though I have not worked on any implementation so far. I suppose that Dfinity relies on libp2p libraries, which itself depends on Kademlia for node discovery. And many blockchains (Ehtereum, Eth2.0, Substrate) do.

The questions that circulate in my mind regarding p2p security concern most blockchain implementations, as potential attacks happen below the consensus layer. However, such security issues could have severe implications for the consensus layer (latency) or the view on the state, for example when reading the blockchain from a mobile device via a light client.

Have any sort of countermeasures been implemented to prevent spamming, Denial-of-Service, Sybil or Eclipse attacks?

3 Likes