Aarsh Shah
Aarsh Shah
@raulk @yusefnapora Can we solve this by making the AutoNAT server send the dial response as a _signed peer record_ where the public key is the one from which the...
The above solution isn't a solution to this problem. The problem we want to solve is: "We want to be absolutely sure that the AutoNAT server did indeed dial us...
Note: Even after we finish this, an AutoNAT server can still falsely tell a client that it's NAT status is private.
> Can't an attacker just tell us the wrong addresses? It can but it would also require the attacker to do some POW in the form of signing the nonce...
@Stebalien Also, note that there are ways to solve the races that you mention. > It's a little tricker than that. > > We may learn about the dial completing...
ping @raulk to address @Stebalien's concerns.
@petar Please can you elaborate on the approach @Stebalien is talking about ? Are we talking of using the DHT to "discover" peers that provide the AutoNAT service ?
Hey @magik6k Is this still required/good to have ?
@marten-seemann Would you be able to create the PR for this or do you want me to create one ?
@marten-seemann I am not sure it would be easy to source the local and remote multi-addresses for the connection that we require for calling `InterceptSecured` in `go-libp2p-tls`. _However_, I do...