Just wondering if you covered any of this?
https://gist.github.com/ttiiggss/e8a1bc5dc326e66b202ae08955bfeb19
Ty!
This in particular...
For a public, permissionless mesh (anyone can join) — not yet. The four critical/high items (root hijacking, ancestry spoofing, bloom poisoning, discovery flooding) all assume a malicious node inside the mesh. In a permissionless network, that's guaranteed. The protocol needs:
Root election with cost — proof-of-work, minimum age, or stake
Per-entry ancestry signatures — already on their roadmap
Bloom filter validation — reject suspiciously dense filters
Per-source LookupRequest rate limiting — cap flood generation
For a public, permissionless mesh (anyone can join) — not yet. The four critical/high items (root hijacking, ancestry spoofing, bloom poisoning, discovery flooding) all assume a malicious node inside the mesh. In a permissionless network, that's guaranteed. The protocol needs:
Root election with cost — proof-of-work, minimum age, or stake
Per-entry ancestry signatures — already on their roadmap
Bloom filter validation — reject suspiciously dense filters
Per-source LookupRequest rate limiting — cap flood generation
2
