Sybil attack?

[D4nte]

Considering https://github.com/vacp2p/specs/blob/fb198dc0e46c9ada1d4ddc8a73f431dd3ab978fa/specs/waku/v2/waku-relay.md#L57

Which means that only attackers that follow the protocol are considered.
If I understand correctly, it means that we do not take in account attackers that are performing a Sybil attack by not relaying messages to other peers.

If Bob, creates enough nodes for Alice to only be connected to Bob nodes then Bob could simply censor Alice by not relaying any of the messages (which is not as per the protocol).

Is there any reason why this scenario is excluded? Am I missing something?

[staheri14]

Thanks, @D4nte for opening the discussion!

If Bob, creates enough nodes for Alice to only be connected to Bob nodes then Bob could simply censor Alice by not relaying any of the messages (which is not as per the protocol).

Your attack scenario is valid, but it is not discussed in the security analysis section since the adversarial model targets passive adversaries i.e., those who follow the protocol. If everyone follows the instructions then such an attack would never happen.

Is there any reason why this scenario is excluded?

The Sybil attack is not excluded, it is just not considered an attack under the defined adversarial model.
Sybil / Eclipse attacks fit the active/malicious adversarial model which is going to be covered in the next step.

Feel free to share such attack scenarios in this discussion, will cover them in the next round of security analysis that is for active adversaries.

Some general thoughts about Sybil/Eclipse attack:

• One general solution is to make peers pay some fee to join the relay protocol (something similar to rln-relay)