Skip to content

Latest commit

 

History

History
118 lines (88 loc) · 4.16 KB

README.md

File metadata and controls

118 lines (88 loc) · 4.16 KB

BT DDoS Shield

Overview

bt-ddos-shield is a Python package designed to address the critical issue of Distributed Denial-of-Service (DDoS) attacks in bittensor ecosystem. The project leverages encryption to protect communication between miners and validators, ensuring the IPs and ports of these nodes remain secure and hidden from malicious actors. This decentralized solution aims to eliminate the financial burden caused by traditional DDoS protection methods like WAF and Cloudflare, which are often costly and impractical for subnets handling large volumes of data.

Project Goals

The goal of this project is to implement a distributed and decentralized system that:

  • Protects miner and validator IP addresses from exposure, preventing potential DDoS attacks.
  • Removes the need for on-chain storage of unencrypted IP addresses and ports, eliminating an obvious attack surface.
  • Uses encrypted messages between miners and validators to securely exchange connection information (connection address).
  • Provides a scalable, decentralized alternative to traditional DDoS protection methods while maintaining performance and minimizing attack vectors.

Features

  1. Encryption-Based Communication:

    • Uses ECIES (Elliptic Curve Integrated Encryption Scheme) to encrypt communication between miners and validators.
    • The encrypted data includes connection details for validator (IP, IP version, and port).

  2. Decentralized DDoS Mitigation:

    • Removes the need for centralized DDoS protection services by distributing connection information securely across nodes.
    • Prevents IP address exposure by sharing encrypted connection data through a decentralized network of subtensors.

  3. Secure Message Exchange:

    • Validators can request the connection information of miners from the subtensor network. This information is validated and decrypted locally using the validator's private key.

Basic Communication Flow

Installation

pip install bt-ddos-shield

Contribution Guidelines

To contribute to the bt-ddos-shield package, the steps below:

1. Clone the Repository:

git clone https://github.com/bactensor/bt-ddos-shield.git
cd bt-ddos-shield

2. Install Dependencies:

Run setup-dev.sh script to install the required dependencies and set up the development environment.

3. Run Tests:

First create a .env.test file filling template file envs/.env.test.template. Stub should be made by setup-dev.sh script. Then activate venv with source .venv/bin/activate and run the following command to execute the tests:

pytest

4. Run Shield locally:

First create a .env file filling template file envs/.env.template. Stub should be made by setup-dev.sh script. Then activate venv with source .venv/bin/activate and run the following command to run the shield:

bin/run_shield.sh

Docker Usage

Creating Docker Image

To create a docker image, run the following command:

cd docker && ./build_image.sh

Running Docker Image

To run created docker image, first create a docker/.env file filling template file envs/.env.template. Then run the following command:

cd docker && ./run_image.sh

If one wants to clean objects created by shield run the following command:

cd docker && ./run_image.sh clean

License

See the LICENSE file for more details.