Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Discussion] DNS Seed Nodes Maintenance and Centralization #9695

Open
ohchase opened this issue Jan 11, 2025 · 0 comments
Open

[Discussion] DNS Seed Nodes Maintenance and Centralization #9695

ohchase opened this issue Jan 11, 2025 · 0 comments
Labels
discussion

Comments

@ohchase
Copy link

ohchase commented Jan 11, 2025
edited
Loading

Briefly, in order to run a Monerod daemon and successfully communicate with the network there is an initial effort to search for additional Monerod daemon p2p instances to communicate with.

The default behavior when running over Clearnet on the mainnet chain is to first consider the DNS Seed Nodes [0] .
When considering DNS Seed Nodes, if m_enable_dns_seed_nodes is set to false, the entire DNS Seed Node mechanism will be skipped in favor of the IP based seed node mechanism [1]. m_enable_dns_seed_nodes is set to true by default though [2].
There is 4 DNS seed nodes hard coded as of now found in [3].

    const std::vector<std::string> m_seed_nodes_list =
    { "seeds.moneroseeds.se"
    , "seeds.moneroseeds.ae.org"
    , "seeds.moneroseeds.ch"
    , "seeds.moneroseeds.li"
    };

From a historical stackexchange communication it seems that @fluffypony is in control of all of these seed nodes [4].

All of these seed nodes do not seem to be operational.

dig seeds.moneroseeds.se

; <<>> DiG 9.18.28 <<>> seeds.moneroseeds.se
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12086
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;seeds.moneroseeds.se.		IN	A

;; AUTHORITY SECTION:
moneroseeds.se.		10694	IN	SOA	a.dns.gandi.net. hostmaster.gandi.net. 1560022071 10800 3600 604800 10800

;; Query time: 27 msec
;; SERVER: 10.96.0.1#53(10.96.0.1) (UDP)
;; WHEN: Sat Jan 11 13:35:30 EST 2025
;; MSG SIZE  rcvd: 111

The community should consider either

  1. Removing DNS Seed Node Mechanism in Full
  2. Decentralizing the owners of seed nodes

My largest concern with this situation is, if someone was to squat one of the domains they could immediately begin feeding Monerod nodes with their own selection of curated possibly nefarious nodes.

citations/sources
[0]

monero/src/p2p/net_node.inl

Line 860 in 2e8a128

std::set<std::string> node_server<t_payload_net_handler>::get_seed_nodes(epee::net_utils::zone zone)

[1]

monero/src/p2p/net_node.inl

Line 759 in 2e8a128

if (!m_enable_dns_seed_nodes)

[2]

monero/src/p2p/net_node.h

Line 257 in 2e8a128

m_enable_dns_seed_nodes(true),

[3]

monero/src/p2p/net_node.h

Line 301 in 2e8a128

const std::vector<std::string> m_seed_nodes_list =

[4] https://monero.stackexchange.com/questions/11128/how-does-monero-use-dns-to-discover-seed-nodes
@ohchase ohchase changed the title DNS Seed Nodes Maintenance and Centralization [Discussion] DNS Seed Nodes Maintenance and Centralization Jan 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@selsta @ohchase