eyedeekay
That was hard
eyedeekay
i2p.i2p.2.2.1-nested-netdb has partial isolation now
eyedeekay
All stores are isolated, and all publishes are isolated, but lookups cascade from clients->router netDb still for now which breaks isolation
eyedeekay
But I'm on the last leg of it
eyedeekay
Then I *think* we knock out basically this whole class of netDb attack
eyedeekay
Which is pretty exciting
eyedeekay
There's some fine-tuning to do, it costs memory to have a dozen netDbs, but the client ones are smaller and right now the ones I'm using are bigger than they need to be
obscuratus
eyedeekay: Good to see a light at the end of the tunnel on this one.
eyedeekay
Tell me about it. The extant netDb defenses are impressive in some ways, they're very flexible, but they're extremely difficult to understand and follow on
eyedeekay
I actually will still need to fix one thing about the old defenses after I'm done with this
obscuratus
You said it major. :)
RN
heh
eyedeekay
blinded leaseSets confirmed broken on nested-netDb, I'll fix them and encrypted at the same time before merging it
RN
exciting!