@hive-p2p/server 1.0.52 → 1.0.54

package/core/arbiter.mjs

@@ -84,8 +84,8 @@ export class Arbiter {
 	/** Call from HiveP2P module only! @param {string} from @param {any} message @param {Uint8Array} serialized @param {number} [powCheckFactor] default: 0.01 (1%) */
 	async digestMessage(from, message, serialized, powCheckFactor = .01) {
 		const { senderId, pubkey, topic, expectedEnd } = message; // avoid powControl() on banished peers
-		this.#signatureControl(from, message, serialized);
-		if (!this.#lengthControl(topic ? 'gossip' : 'unicast', serialized, expectedEnd)) return;
+		if (!this.#signatureControl(from, message, serialized)) return;
+		if (!this.#lengthControl(from, topic ? 'gossip' : 'unicast', serialized, expectedEnd)) return;
 
 		if (topic) this.#hopsControl(from, message);
 		else this.#routeLengthControl(from, message);
@@ -93,19 +93,27 @@ export class Arbiter {
 		if (this.isBanished(from) || this.isBanished(senderId)) return;
 		if (this.trustBalances[senderId] > TRUST_VALUES.VALID_POW) return;
 		if (Math.random() < powCheckFactor) await this.#powControl(senderId, pubkey);
+		return true;
 	}
-	/** @param {'gossip' | 'unicast'} type */
-	#lengthControl(type, serialized, expectedEnd) {
+	/** @param {string} from @param {'gossip' | 'unicast'} type */
+	#lengthControl(from, type, serialized, expectedEnd) {
 		if (!expectedEnd || serialized.length === expectedEnd) return true;
 		this.adjustTrust(from, TRUST_VALUES.WRONG_LENGTH, `${type} message length mismatch`);
 	}
 	/** @param {string} from @param {import('./gossip.mjs').GossipMessage} message @param {Uint8Array} serialized */
 	#signatureControl(from, message, serialized) {
-		const { pubkey, signature, signatureStart } = message;
-		const signedData = serialized.subarray(0, signatureStart);
-		const signatureValid = this.cryptoCodex.verifySignature(pubkey, signature, signedData);
-		if (signatureValid) this.adjustTrust(from, TRUST_VALUES.VALID_SIGNATURE, 'Gossip signature valid');
-		else this.adjustTrust(from, TRUST_VALUES.WRONG_SIGNATURE, 'Gossip signature invalid');
+		try {
+			const { pubkey, signature, signatureStart } = message;
+			const signedData = serialized.subarray(0, signatureStart);
+			const signatureValid = this.cryptoCodex.verifySignature(pubkey, signature, signedData);
+			if (!signatureValid) throw new Error('Gossip signature invalid');
+			this.adjustTrust(from, TRUST_VALUES.VALID_SIGNATURE, 'Gossip signature valid');
+			return true;
+		} catch (error) {
+			if (this.verbose > 1) console.error(`%c(Arbiter: ${this.id}) Error during signature verification from ${from}: ${error.stack}`, LOG_CSS.ARBITER);
+			if (this.verbose > 2) console.log(`%c(Arbiter) signatureControl() error details: ${message}`, LOG_CSS.ARBITER);
+		}
+		this.adjustTrust(from, TRUST_VALUES.WRONG_SIGNATURE, 'Gossip signature invalid');
 	}
 	/** GOSSIP only @param {string} from @param {import('./gossip.mjs').GossipMessage} message */
 	#hopsControl(from, message) {

package/core/gossip.mjs

@@ -131,7 +131,8 @@ export class Gossip {
 
 		const message = this.cryptoCodex.readGossipMessage(serialized);
 		if (!message) return this.arbiter.countPeerAction(from, 'WRONG_SERIALIZATION');
-		await this.arbiter.digestMessage(from, message, serialized);
+		const isOk = await this.arbiter.digestMessage(from, message, serialized);
+		if (!isOk) return; // invalid message or from banished peer
 		if (this.arbiter.isBanished(from)) return; // ignore messages from banished peers
 		if (this.arbiter.isBanished(message.senderId)) return; // ignore messages from banished peers
 

package/core/node.mjs

@@ -211,4 +211,13 @@ export class Node {
 	/** Triggered when a new signal answer is received from another peer.
 	 * @param {function} callback can use arguments: (senderId:string, data:SignalData) */
 	onSignalAnswer(callback) { this.messager.on('signal_answer', callback); }
+
+	/** Kick a peer.  @param {string} peerId @param {string} [reason] */
+	kickPeer(peerId, reason = 'kicked_by_node') { this.peerStore.kickPeer(peerId, 0, reason); }
+
+	/** Ban a peer for a certain duration (ms).  @param {string} peerId @param {number} [duration] default: 60_000ms @param {string} [reason] */
+	banPeer(peerId, duration = 60_000, reason = 'banished_by_node') {
+		this.arbiter.trustBalances[peerId] = 0; // reset trust balance
+		this.arbiter.adjustTrust(peerId, -duration, reason);
+	}
 }

package/core/peer-store.mjs

@@ -219,8 +219,8 @@ export class PeerStore { // Manages all peers informations and connections (WebS
 		this.connecting[remoteId][direction] = new PeerConnection(remoteId, instance, direction);
 		return true;
 	}
-	/** @param {string} remoteId @param {{type: 'offer' | 'answer', sdp: Record<string, string>}} signal @param {string} [offerHash] answer only @param {number} timestamp Answer reception timestamp */
-	assignSignal(remoteId, signal, offerHash, timestamp) {
+	/** @param {string} remoteId @param {{type: 'offer' | 'answer', sdp: Record<string, string>}} signal @param {string} [offerHash] answer only @param {number} [timestamp] Answer reception timestamp */
+	assignSignal(remoteId, signal, offerHash, timestamp = CLOCK.time) {
 		const peerConn = this.connecting[remoteId]?.[signal.type === 'offer' ? 'in' : 'out'];
 		try {
 			if (peerConn?.isWebSocket) throw new Error(`Cannot assign signal for ID ${remoteId}. (WebSocket)`);

package/core/unicast.mjs

@@ -114,7 +114,8 @@ export class UnicastMessager {
 
 		const message = this.cryptoCodex.readUnicastMessage(serialized);
 		if (!message) return this.arbiter.countPeerAction(from, 'WRONG_SERIALIZATION');
-		await this.arbiter.digestMessage(from, message, serialized);
+		const isOk = await this.arbiter.digestMessage(from, message, serialized);
+		if (!isOk) return; // invalid message or from banished peer
 		if (this.arbiter.isBanished(from)) return; // ignore messages from banished peers
 		if (this.arbiter.isBanished(message.senderId)) return; // ignore messages from banished peers
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hive-p2p/server",
-  "version": "1.0.52",
+  "version": "1.0.54",
   "publishConfig": {
     "access": "public"
   },