Bannlist for monerod (spy nodes)

[nice42q]

https://gist.github.com/Rucknium/76edd249c363b9ecf2517db4fab42e88
https://github.com/Boog900/monero-ban-list/

It would be good if the ban list for spy nodes was added.

[shermand100]

Ok, I'll look into re-adding a ban list.

Historically we have in the past ( a couple of years ago there were malicious nodes falsely reporting higher than verified block heights).

I'll take a look tomorrow to add a method for users to opt-in to the ban list.
Last time it was applied to everyone.

[shermand100]

Ok, so as per a message I put in the telegram channel I've taken a bit more of an in-depth look at options.

So with reference to the links you posted above with Rucknium creating a tool to compare Monerod connected peers, White list and Gray List to a Ban-List I wasn't keen to add even more dependencies and add-ons to PiNodeXMR for this purpose. We already have Peer lists in the Web-UI so have manipulated those to do the same job. Below is the script:

https://github.com/shermand100/PiNodeXMR/blob/master/BanListCompare.sh

Which isn't pretty but amongst other things posts a summary of quantities of matches between peer lists and the suspected malicious nodes.

It can be run from it's URL by pasting into PiNodeXMR terminal:

wget -O - https://raw.githubusercontent.com/shermand100/PiNodeXMR/refs/heads/master/BanListCompare.sh | bash

But because of limitations of not getting connected peer info over unrestricted RPC it's best configured for the "Public Free Node" option on PiNodeXMR, using the internal unrestricted Port 18083.

Ok so, Step (2) :

Because of how Monero by default has had its peer selection methods upgraded over the years to prevent eclipse attacks, the random selection of peers from the white list seems to have minimised at least my exposure to these supposed 'spy nodes'. As shown in the image above.

So unless geographically a region has a different need I feel we have time to implement something long-term rathe than a quick fix to block some nodes at the user level.

My concerns are of centralisation, 'who am I to demand that a list of IPs (nodes) is banned from Monero?' And if some consensus is agreed on the banning, how to we implement it.

My current thinking is to have an empty Ban list enabled in all node modes, then allow this list to be filled/emptied by a user so it's their choice. This list can be appended to multiple lists can be incorporated into it, with some default lists selectable from a menu, but a free url box available so a user can specify a text file that can be pulled in?

Any thoughts?

[shermand100]

The relevent MRL meeting for context:
monero-project/meta#1119

[shermand100]

To follow MRL ban list recommendations monero-project/meta#1124

PiNodeXMR v6.24.12 has been released with the purpose to now include a user menu to add ban lists.

ca8d560

• Every Monerod mode now includes use of the the --ban-list flag. Default empty ban list.
• A user can, from the new terminal setup menu option (8)extra network tools, select from 4 options.
• 1. append the contents of boog900 ban list into their local ban list.
• 2. append the contents of the ban list at gui.xmr.pm into their local ban list.
• 3. append the contents of a suitably formatted text file (IP list, each line escaped) into the local ban list from a user specified URL or other local file path.
• 4. clear the current in use ban list on their device to 0. Because each option above simply appends entries, the ban list will grow and grow, a user should periodically clear their ban list and 'pull' in an updated/current set of nodes.

PiNodeXMR wiki entry created to the same effect:

https://github.com/shermand100/PiNodeXMR/wiki/Use-of-IP-Ban-Lists

A few more tweaks may be needed to this tool. It's not perfect, but functional and hope the community can decide/ MRL which direction they'd like this to go in next.