Add initial Eclipse attack simulation module with metrics collection #950
Conversation
|
@Fatumayattani : Thank you for opening the PR on eclipse attack simulation. Great effort indeed. CCing @acul71, @yashksaini-coder, @bomanaps for their thoughts and feedback. This PR will indeed impact the py-libp2p library. There is one CI/CD issue too, which is not related to your pull request. I investigated it and documented it at #949 . @yashksaini-coder , @sumanjeet0012 and @acul71 are fixing it. We will soon have all the CI/CD tests passing. @Fatumayattani : Will re-run CI/CD pipeline once the issue is fixed today or tomorrow. In the meantime, assigning you more projects and issues on py-libp2p. |
|
@Fatumayattani can I get the access for this ? |
|
Thank you @seetadev for the review and for coordinating on the CI/CD issue. I’ll re-run the checks once that’s resolved. @yashksaini-coder I’ve added you as a collaborator so you now have access to the feature/attack-simulation branch. Please let me know if you face any issues or need anything else to get started. Really appreciate everyone’s feedback and support in pushing this forward. |
|
@Fatumayattani @seetadev Hi, I've reviewed the PR, and executed the checks and all tests on my end. Everything is good, all test cases passed ✔️ and some new changes to fix the linting and minor errors. I will work on this for adding more attack simulation and review |
|
@Fatumayattani , @yashksaini-coder : Wonderful, great to hear. Appreciate your efforts. We will review this PR in detail. Re-ran the CI/CD pipeline. Since, it is an important module addition, wish to have feedback first from @acul71 , @lla-dane and @sumanjeet0012 . We will discuss with @pacrob and have his review after discussing in tomorrow's maintainer's call. |
There was a problem hiding this comment.
PR #950 Review: Eclipse Attack Simulation Module
Summary
This PR introduces a Network Attack Simulation module for py-libp2p with a well-designed dual-layer architecture for Eclipse attack testing.
Recommendation: ✅ APPROVE with mods
Implementation Analysis
✅ What's Working Well:
- Dual-layer architecture - Simulation + Real integration
- Real integration tests - 3/3 tests pass with actual libp2p hosts
- Comprehensive framework - Well-structured attack simulation foundation
- Test coverage - 9/9 tests pass (6 simulation + 3 real integration)
✅ Architecture Design:
- Simulation Layer: Fast framework validation with placeholder metrics (by design)
- Real Integration Layer: Comprehensive attack simulation with actual libp2p components
Current Assessment
- Test Coverage: 100% (9/9 tests pass)
- Code Quality: Excellent structure with real integration
- Documentation: Comprehensive README with clear usage examples
- Performance: Fast simulation (0.40s) + Real integration (2.06s)
- Functionality: ✅ COMPLETE - Both layers working as designed
Final Recommendation
✅ APPROVE but answer questions
and also wait is there a newsfragment?
(venv) luca@r17:~/PNL_Launchpad_Curriculum/Libp2p/py-libp2p$ l newsfragments/57
ls: cannot access 'newsfragments/57': No such file or directory
| 1. [Metrics and Analysis](#metrics-and-analysis) | ||
| 1. [Roadmap](#roadmap) | ||
| 1. [Eclipse Attack Flow](#eclipse-attack-flow) | ||
| 1. [Contributing](#contributing) |
There was a problem hiding this comment.
Why are all this 1s here not 1,2,3,....
There was a problem hiding this comment.
Just noticed the auto-tab completion
| "honest_nodes": 10, | ||
| "malicious_nodes": 3, | ||
| "attack_intensity": 0.5, | ||
| } |
There was a problem hiding this comment.
Did you try with different settings? are them handled ?
There was a problem hiding this comment.
Some logs with different settings?
You may want to open a discussion page, and only put a link here, to not over bloat the PR
There was a problem hiding this comment.
I will try with different settings and have the screenshot of the results in the Discussion page for this.
…lation' into feature/attack-simulation
for improved clarity and maintainability
…store result as json
|
Thanks everyone for the feedback and contributions. I’ve added the missing newsfragment. Kudos to @yashksaini-coder for running additional tests, and Discussion #960 contains the comprehensive Eclipse attack simulation results. Special thanks to @acul71 for the detailed review and @seetadev for coordinating the CI/CD workflow. Really appreciate everyone’s collaboration and support on this. |
|
@seetadev @Fatumayattani @Fatumayattani @yashksaini-coder |
- Add new attack strategies and analysis - chore(attack_simulation): Update README
Phase 2 implementationFollowing the code review feedback from @acul71 I've implemented more attack simulation improvements and also ensured proper type safety and code quality: Testing Improvements
Documentation
Requesting a code review and feedback from @seetadev @acul71 Updated.Attack.simulation.Test.runs.mp4 |
Thanks @yashksaini-coder for your enthusiasms. |
|
@Fatumayattani and @yashksaini-coder : Fantastic efforts and coordination. Appreciate it. The roadmap looks neat. Appreciate the efforts and contribution. Keep up the good progress. +1, completely agree with @acul71. Both you and @Fatumayattani can spearhead this very important PR towards phase 2 and towards a good conclusion. Looking forward to improving the security of py-libp2p with the collaborative efforts of our team. |
|
Thanks again everyone for the great effort and collaboration so far. The progress on this module has been amazing to see. I think it would be good for us to come up with a brief plan for what’s next so we can divide tasks clearly and keep communication open. That way we avoid overlapping work and make sure we’re all aligned as we move forward with the next phase. Really appreciate all the energy and support from you @seetadev @acul71 @yashksaini-coder and I’m looking forward to continuing to build on this together. |
| honest_nodes: int = 3, # Start smaller for testing | ||
| malicious_nodes: int = 1, |
There was a problem hiding this comment.
These args are never used. The function just returns one of each.
There was a problem hiding this comment.
Updated the function to actually use honest_nodes and malicious_nodes parameters in loops
| # Save summary report | ||
| summary_file = ( | ||
| Path(__file__).parent.parent / "results" / "attack_summary_report.json" | ||
| ) |
There was a problem hiding this comment.
Consider writing report files to either a temporary location outside the repo or to a location that is added to .gitignore. Running the tests as they are now leaves the repo dirty.
There was a problem hiding this comment.
Add results directory location into .gitignore
docs/tls-support.rst
Outdated
| from libp2p.security.tls.transport import TLSTransport | ||
| async def main(): | ||
| host = await new_host(security_transports=[TLSTransport()]) |
There was a problem hiding this comment.
new_host is not an async function. Please verify all your examples work as expected.
There was a problem hiding this comment.
Remove the await keywords from the example code blocks.
… hosts based on parameters
|
I’ve opened a new discussion to coordinate the next phase of the Network Attack Simulation module as we move into the extended attacks and libp2p/interop integration. You can find it here: [Phase 2 Plan — Extended Attack Simulation Suite & Interop Integration] It outlines the upcoming steps, responsibilities, and testing goals so we can stay aligned as we continue building this out together. Thanks @seetadev @acul71 and @yashksaini-coder for the continued support and collaboration on this. |
|
@Fatumayattani There is a failing CI/CD let me work and fix it, before final review. There are no failing test cases 
|
|
@seetadev @Fatumayattani @acul71 requesting a review now, please run the CI/CD pipeline |
|
@yashksaini-coder, @Fatumayattani : Re-ran the CI/Cd pipeline. All tests are passing. Had a discussion with @acul71. We will be sharing detailed feedback soon. Appreciate your great efforts. |
|
@Fatumayattani @yashksaini-coder |
What was wrong?
This PR implements the initial setup for the Network Attack Simulation module in py-libp2p, as discussed in [[Discussion #929]] and tracked under Issue #57. The primary focus is on Eclipse attack simulation, building the test network, simulating malicious peers, and establishing the framework for network attack testing.
How was it fixed?
Added
tests/security/attack_simulation/submodule containing:Eclipse attack:
malicious_peer.py– Simulates malicious peer behaviornetwork_builder.py– Builds test networks with honest and malicious nodesmetrics_collector.py– Collects attack metrics during simulationattack_scenarios.py– Defines different Eclipse attack scenariostest_eclipse_simulation.py– Test suite validating network setup and malicious behaviorUtilities:
attack_metrics.py)network_monitor.py)peer_behavior_simulator.py)Configuration:
attack_configs.py– Attack configuration optionsnetwork_topologies.py– Predefined network topologiesAdded README.md documenting module overview, structure, setup, usage, testing, metrics, roadmap, and Eclipse attack flow (Mermaid diagram)
All tests pass locally (6/6) confirming:
To-Do
Cute Animal Picture