commonware_p2p/authenticated/lookup/config.rs
1use commonware_cryptography::Signer;
2use commonware_utils::NZU32;
3use governor::Quota;
4use std::{net::SocketAddr, time::Duration};
5
6/// Configuration for the peer-to-peer instance.
7///
8/// # Warning
9/// It is recommended to synchronize this configuration across peers in the network (with the
10/// exception of `crypto`, `listen`, `allow_private_ips`, and `mailbox_size`).
11/// If this is not synchronized, connections could be unnecessarily dropped, messages could be parsed incorrectly,
12/// and/or peers will rate limit each other during normal operation.
13#[derive(Clone)]
14pub struct Config<C: Signer> {
15 /// Cryptographic primitives.
16 pub crypto: C,
17
18 /// Prefix for all signed messages to avoid replay attacks.
19 pub namespace: Vec<u8>,
20
21 /// Address to listen on.
22 pub listen: SocketAddr,
23
24 /// Dialable address of the peer.
25 pub dialable: SocketAddr,
26
27 /// Whether or not to allow connections with private IP addresses.
28 pub allow_private_ips: bool,
29
30 /// Maximum size allowed for messages over any connection.
31 ///
32 /// The actual size of the network message will be higher due to overhead from the protocol;
33 /// this may include additional metadata, data from the codec, and/or cryptographic signatures.
34 pub max_message_size: usize,
35
36 /// Message backlog allowed for internal actors.
37 ///
38 /// When there are more messages in the mailbox than this value, any actor
39 /// sending a message will be blocked until the mailbox is processed.
40 pub mailbox_size: usize,
41
42 /// Time into the future that a timestamp can be and still be considered valid.
43 pub synchrony_bound: Duration,
44
45 /// Duration after which a handshake message is considered stale.
46 pub max_handshake_age: Duration,
47
48 /// Timeout for the handshake process.
49 ///
50 /// This is often set to some value less than the connection read timeout to prevent
51 /// unauthenticated peers from holding open connection.
52 pub handshake_timeout: Duration,
53
54 /// Quota for connection attempts per peer (incoming or outgoing).
55 pub allowed_connection_rate_per_peer: Quota,
56
57 /// Quota for incoming connections across all peers.
58 pub allowed_incoming_connection_rate: Quota,
59
60 /// Frequency at which we send ping messages to peers.
61 pub ping_frequency: Duration,
62
63 /// Quota for ping messages received from a peer.
64 pub allowed_ping_rate: Quota,
65
66 /// Average frequency at which we make a single dial attempt across all peers.
67 pub dial_frequency: Duration,
68
69 /// Average frequency at which we will fetch a new list of dialable peers.
70 ///
71 /// This value also limits the rate at which we attempt to re-dial any single peer.
72 pub query_frequency: Duration,
73
74 /// Number of peer sets to track.
75 ///
76 /// We will attempt to maintain connections to peers stored
77 /// across all peer sets, not just the most recent. This allows
78 /// us to continue serving requests to peers that have recently
79 /// been evicted and/or to communicate with peers in a future
80 /// set (if we, for example, are trying to do a reshare of a threshold
81 /// key).
82 pub tracked_peer_sets: usize,
83}
84
85impl<C: Signer> Config<C> {
86 /// Generates a configuration with reasonable defaults for usage in production.
87 pub fn recommended(
88 crypto: C,
89 namespace: &[u8],
90 listen: SocketAddr,
91 dialable: SocketAddr,
92 max_message_size: usize,
93 ) -> Self {
94 Self {
95 crypto,
96 namespace: namespace.to_vec(),
97 listen,
98 dialable,
99
100 allow_private_ips: false,
101 max_message_size,
102 mailbox_size: 1_000,
103 synchrony_bound: Duration::from_secs(5),
104 max_handshake_age: Duration::from_secs(10),
105 handshake_timeout: Duration::from_secs(5),
106 allowed_connection_rate_per_peer: Quota::per_minute(NZU32!(1)),
107 allowed_incoming_connection_rate: Quota::per_second(NZU32!(256)),
108 ping_frequency: Duration::from_secs(50),
109 allowed_ping_rate: Quota::per_minute(NZU32!(2)),
110 dial_frequency: Duration::from_millis(1_000),
111 query_frequency: Duration::from_secs(60),
112 tracked_peer_sets: 4,
113 }
114 }
115
116 /// Generates a configuration that minimizes peer discovery latency. This
117 /// can be useful when running local demos.
118 ///
119 /// # Warning
120 /// It is not recommended to use this configuration in production.
121 pub fn aggressive(
122 crypto: C,
123 namespace: &[u8],
124 listen: SocketAddr,
125 dialable: SocketAddr,
126 max_message_size: usize,
127 ) -> Self {
128 Self {
129 crypto,
130 namespace: namespace.to_vec(),
131 listen,
132 dialable,
133
134 allow_private_ips: true,
135 max_message_size,
136 mailbox_size: 1_000,
137 synchrony_bound: Duration::from_secs(5),
138 max_handshake_age: Duration::from_secs(10),
139 handshake_timeout: Duration::from_secs(5),
140 allowed_connection_rate_per_peer: Quota::per_second(NZU32!(1)),
141 allowed_incoming_connection_rate: Quota::per_second(NZU32!(256)),
142 ping_frequency: Duration::from_secs(5),
143 allowed_ping_rate: Quota::per_second(NZU32!(2)),
144 dial_frequency: Duration::from_millis(500),
145 query_frequency: Duration::from_secs(30),
146 tracked_peer_sets: 4,
147 }
148 }
149
150 #[cfg(test)]
151 pub fn test(crypto: C, listen: SocketAddr, max_message_size: usize) -> Self {
152 Self {
153 crypto,
154 namespace: b"test_namespace".to_vec(),
155 listen,
156 dialable: listen,
157
158 allow_private_ips: true,
159 max_message_size,
160 mailbox_size: 1_000,
161 synchrony_bound: Duration::from_secs(5),
162 max_handshake_age: Duration::from_secs(10),
163 handshake_timeout: Duration::from_secs(5),
164 allowed_connection_rate_per_peer: Quota::per_second(NZU32!(4)),
165 allowed_incoming_connection_rate: Quota::per_second(NZU32!(1_024)),
166 ping_frequency: Duration::from_secs(1),
167 allowed_ping_rate: Quota::per_second(NZU32!(5)),
168 dial_frequency: Duration::from_millis(200),
169 query_frequency: Duration::from_millis(5_000),
170 tracked_peer_sets: 4,
171 }
172 }
173}