CVE-2020-12821 – Gossipsub 1.0 does not properly resist invalid message spam, such as an e

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12821

Reference (s):

• https://gateway.ipfs.io/ipfs/QmPWuNBs8h6a8KamRvGqhTq5UDYJRQsEEy37zDKjujQQQm/Gossipsub%20Evaluation%20Report.pdf
• https://github.com/ipfs/blog/pull/450
• https://bitcoin.stackexchange.com/questions/61151/eclipse-attack-vs-sybil-attack
• https://github.com/libp2p/specs/blob/master/pubsub/gossipsub/gossipsub-v1.1.md
• https://github.com/libp2p/specs/tree/master/pubsub/gossipsub