/routing/v1/providers should deduplicate results

Question

/routing/v1/providers should deduplicate results

lidel opened this issue a year ago · comments

Filling issue in this repo as @ischasny suggested on Slack here

Problem

cid.contact returns 15 copies of the same /dns4/elastic.dag.house/.. provider in
https://cid.contact/routing/v1/providers/bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi

This looks like a bug.

The /routing/v1 API (IPIP-337) returns no information about ContextIDs, returning the same provider multiple times serves no purpose, only degrades lookup perf.

DoS attack vector

What happens when there is 100 of them, and client is unable to connect to this specific spammy provider, and unable to learn about others because it limited response to max 20 or 100 providers and all are copies of the same one?

Simple misconfiguration like this could make specific CIDs unreachable due to no useful providers.

Masih H. Derkani · Answer 1 · Thu May 18 2023 22:29:55 GMT+0800 (China Standard Time)

Thank you for pointing this out. The fix will be in indexstar