Othentic
  • Introduction
    • Introducing Othentic Stack
    • Use Cases
  • AVS Framework
    • Abstract
    • Quick Start
    • Othentic CLI
      • Key Management
      • Contracts Deployment
      • Operator Registration
      • AVS Logic Implementation
      • Operator Deposit
      • Node Operators
      • Rewards Distribution
      • Add-Ons
        • Metrics and Monitoring
        • Logging
        • Persistent storage
        • Custom P2P Messaging
    • Smart Contracts
      • AVS Governance
      • Attestation Center
      • Hooks
        • Task Logic
        • Operator Management
        • Payment Request
        • Rewards Fee Calculator
      • OBLS
      • Othentic Registry
      • Message Handlers
    • Othentic Consensus
      • Abstract
      • Task & Task Definitions
      • Proof of Task
      • Execution Service
      • Validation Service
      • Voting Power
      • Rewards and Penalties
      • Internal Tasks
    • FAQ
    • Supported Networks
    • CLI Command Reference
    • Explainers
      • Networking
      • Governance Multisig
  • External
    • Github
    • Oracle Example (JS)
    • Oracle Example (Go)
    • Oracle Example (Rust)
    • PRNG Example
Powered by GitBook
On this page
  • Overview
  • Implementation Details
  • Node Configuration
  • Validation Service Integration
  • Example Usage
  • Use cases
  • Concerns and Mitigation Strategies
  • Potential for Spam and DDoS Attacks
  • Unvalidated Raw Bytes
  1. AVS Framework
  2. Othentic CLI
  3. Add-Ons

Custom P2P Messaging

Empower your AVSs with flexible P2P messaging capabilities.

Overview

This enhancement introduces the ability to send custom P2P messages over the AVS network. It enables operators to publish arbitrary data as P2P messages and ensures seamless handling across all nodes in the network.

Implementation Details

New Topic: othentic.p2p.custom_message

  • The new P2P topic othentic.p2p.custom_message is introduced to handle custom messages.

  • All nodes subscribe to this topic by default.

New JSON-RPC Method: sendCustomMessage

Note: If the operator starts without the --json-rpc option, the custom messaging feature will not be available as the JSON-RPC Service will not be enabled.

  • Handler: Implemented in the JSON-RPC server.

  • Functionality:

    • Accepts raw data in bytes format.

    • Publishes the provided data to the othentic.p2p.custom_message topic.

Node Configuration

  • New Startup Option:

    • --json-rpc.custom-message-enabled

    • When enabled, it activates the sendCustomMessage RPC method.

Validation Service Integration

  • Endpoint: /p2p/message

  • Purpose: Receives and processes custom messages from the P2P network.

  • Behavior: Operator sends an HTTP POST request to this endpoint whenever a message is received on the othentic.p2p.custom_message topic.

Example Usage

1. Enabling Custom Message Support

To enable the custom P2P messaging feature, start the aggregator or attester node with the following option:

othentic-cli node aggregator \
    --json-rpc \
    --json-rpc.custom-message-enabled
othentic-cli node attester \
    /ip4/127.0.0.1/tcp/9876/p2p/<BOOTSTRAP_NODE_ID> \
    --json-rpc \
    --json-rpc.custom-message-enabled

2. Sending a Custom P2P Message

Use the new JSON-RPC method sendCustomMessage to send raw data messages to the P2P network. The data must be provided in bytes format.

{  
  "jsonrpc": "2.0",
  "method": "sendCustomMessage",
  "params": ["0x746573744d657373616765"], // Raw data in bytes
  "id": 1
}

The data will be published to the othentic.p2p.custom_message topic.

3. Handling Incoming Messages

Incoming messages on the othentic.p2p.custom_message topic are forwarded to the Validation Service via an HTTP POST request.

POST /p2p/message
Content-Type: application/json

{
  "data": "0x746573744d657373616765"
}

Use cases

Custom messaging can be used to run leader election algorithm when the task is triggered externally via an API. Here is how you can implement it.

  1. When an external API triggers the task, publish the task request to the P2P network using the sendCustomMessage JSON-RPC method. 

    async function publishTask(taskData) {  
  const rpcUrl = "http://127.0.0.1:8545"; // Replace with your RPC server URL
  const hexData = Buffer.from(taskData, "utf8").toString("hex");
  const payload = {
    jsonrpc: "2.0",
    method: "sendCustomMessage",
    params: [`0x${hexData}`],
    id: 1,
  };

  const response = await axios.post(rpcUrl, payload);
}

  2. When a custom message is received on the P2P network, it is forwarded to the /p2p/message endpoint of the Validation Service. At this point, the leader election logic is executed to determine which node will perform the task. The elected leader executes the task. 

    // Endpoint to process custom P2P messages
app.post('/p2p/message', (req, res) => {
  const { data } = req.body;
  const electedLeader = leaderElectionAlgorithm(nodes);
  if (electedLeader === nodeAccount.address) {
       //execute task
  }
});

Concerns and Mitigation Strategies

Potential for Spam and DDoS Attacks

Since this feature allows sending arbitrary custom messages, malicious actors could exploit it to spam the P2P network with excessive messages, potentially leading to a Distributed Denial-of-Service (DDoS) scenario.

Recommendations:

  • Rate Limiting: Introduce rate limits for the sendCustomMessage method to reduce the risk of abuse.

  • Monitoring and Alerts: Implement monitoring to detect unusual activity patterns and respond to potential threats.

Unvalidated Raw Bytes

The custom messages are published as raw bytes without any validation or schema enforcement. This lack of validation poses a risk if the messages contain malformed or malicious content.

Recommendations:

  • Validation Responsibility: The AVS developers must implement robust validation and sanitization logic in the Validation Service to handle incoming messages from the /p2p/message endpoint.

  • Error Handling: Ensure that the Validation Service handles invalid or unexpected message content gracefully without affecting its stability.

PreviousPersistent storageNextSmart Contracts

Last updated 1 month ago