Whitelist P2P Mode

[moshababo]

The default behavior is that a node will create/accept connection to any peer which is not on the black list. We previously discussed about having a strict mode, that unlike the permissive one, will block all peers by default, except these who are explicitly mentioned in a white list.

[kilrau]

Based on nodePubKey and let's stick with the whitelist terminology for now. Easier to understand. Blacklist is the default mode and functionality will exist as ban (#336) and I don't think we need a separate blacklist mode for that anymore.

Basics for whitelist mode:

• only allow to connect to whitelisted nodePubKeys,
• don't close P2P port, rather return defined error code hosts table (db) should include only valid entries #305

[kilrau]

Would you be ok taking this? @reliveyy Sth not clear?

[reliveyy]

@kilrau OK

[kilrau]

EDIT of my comment above:
Default mode and functionality will exist as ban (#336) and there is no need for a separate blacklist mode for that anymore.

Basics for whitelist mode:

• only allow to connect to whitelisted nodePubKeys
• these live in db and offer same functionality as "ban": whitelist <node_pub_key>, unwhitelist <node_pub_key> and additionally viewwhitelist.
• don't close P2P port, rather return WHITELIST_RESTRICTED packet after handshake reveals nodePubKey is not on whitelist.
• Receiving ``WHITELIST_RESTRICTED` should result in same behavior than ban packet (Implement behavior for #152 disconnect package "banned" #693) - stop connecting. Anyone not following this, will eventually be caught by Ban by IP address (fail2ban) #458.

[sangaman]

Is the plan to drop the configurable whitelist IP addresses?

I think those whitelist rpc calls make sense, then I imagine we'd have a configurable option as to whether to only allow node pub keys found on the whitelist.

I think we might want a different disconnection reason from "banned" for when a node is not on the white list.

[kilrau]

Is the plan to drop the configurable whitelist IP addresses?

IP addresses are not too permanent and were never planned to be whitelisted. xud NodePubKeys are.

then I imagine we'd have a configurable option as to whether to only allow node pub keys found on the whitelist.

Exactly.

I think we might want a different disconnection reason from "banned" for when a node is not on the white list.

Ok. Proposal? @sangaman

[sangaman]

Ok. Proposal?

Something like WHITELIST_RESTRICTED I guess - exactly what we call it isn't too important as long as there's a separate reason for it.

[kilrau]

WHITELIST_RESTRICTED sounds good to me. All clear? @reliveyy

[kilrau]

Did you already start with this? If not please move to post-1.0.0 @sangaman

It's not important enough to loose focus of the more pressing raiden and swap issues.

[sangaman]

I haven't, moving the milestone.