You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, the requirement for a consumer chain to launch is to have at least one eligible validator opted in. This includes inactive validators. Given the relative low cost of creating an inactive validator (see https://www.mintscan.io/cosmos/validators), an attacker could launch a large number of consumer chains. Currently, ICS is a "push" protocol, i.e., the provider sends validator updates to all the launched consumer chains. Since this happens in the EndBlock of the provider module, there is a risk of DOS attacks.
Problem Definition
No response
Proposed Feature
A long-term solution is to make ICS a "pull" protocol. Basically, consumer chains will need to query the provider validator updates using interchain queries. This will take time to implement.
In the meantime, a short-term solution is to require at least one active validator to opt-in on a consumer chain for that chain to launch.
Work Breakdown
The content you are editing has changed. Please copy your edits and refresh the page.
@insumity could you please also limit the number of consumer chains a validator could opt in? It should be a provider param and the default to something like 1000.
Summary
Currently, the requirement for a consumer chain to launch is to have at least one eligible validator opted in. This includes inactive validators. Given the relative low cost of creating an inactive validator (see https://www.mintscan.io/cosmos/validators), an attacker could launch a large number of consumer chains. Currently, ICS is a "push" protocol, i.e., the provider sends validator updates to all the launched consumer chains. Since this happens in the EndBlock of the provider module, there is a risk of DOS attacks.
Problem Definition
No response
Proposed Feature
A long-term solution is to make ICS a "pull" protocol. Basically, consumer chains will need to query the provider validator updates using interchain queries. This will take time to implement.
In the meantime, a short-term solution is to require at least one active validator to opt-in on a consumer chain for that chain to launch.
Work Breakdown
Must have
The text was updated successfully, but these errors were encountered: