FLIP 64 - Identifying and Ejecting Errant Access Nodes

kshitij.chaudhary · February 1, 2023, 4:34pm

Identifying and Ejecting Errant Access Nodes

Status	Proposed
FLIP #	64
Author(s)	James Lofgren ([email protected])
Sponsor	@kshitij.chaudhary @vishal
FLIP Document	https://github.com/onflow/flips/blob/main/governance/20230105-identify-errant-node.md

The launch of permissionless ANs is an important step in the continued decentralization of Flow, but also creates an opportunity for byzantine nodes to send malicious traffic to other staked nodes. The FLIP focuses on proposing a community-observed, community-driven and cost-effective plan for operators to communicate about errant behavior of Access Nodes, and lays out a plan for the service account administrators to eject such errant nodes once community consensus has been built.

b17z · February 14, 2023, 6:43pm

LGTM. Looking forward to seeing it implemented!

bluesign · February 15, 2023, 1:22pm

I really can’t understand this:

Individual node operators can protect network liveness through standard network monitoring and infrastructure best practices such as blocking messages, firewall rules, and rate-limiting, until the issue can be resolved.

This is great power to give to EN. We need to decide AN is inside network or not.

rickeey55 · March 30, 2023, 9:23am

How could it work?