Security concerns of Zcash network

bruges · December 22, 2020, 10:30am

There’s an ongoing attack on Monero network, for further details read the following article: https://sethsimmons.me/posts/moneros-ongoing-network-attack/
TL;DR Someone deployed ~130 monero nodes to try halt the network. However Monero has more than a thousand nodes so the attack has no success for now.

Now back to Zcash.
Based on blockchair explorer there are 140 nodes running the network: Zcash / Node explorer — Blockchair
Firstly, I wonder if this figure is correct?
If so, then a similar attack would halt zcash network.
Actually I’m surprised that zcash has so few nodes.

If all the above is correct and if I’m not missing something, then it’s crucial to start educate people to run zcash nodes. And deploy more trusted nodes from ZF, ECC and other trusted Zcash entities.

mdr0id · December 22, 2020, 2:40pm

FWIW, historically these tools only see the network from one node, and aren’t designed to distinguish peers (e.g tor nodes).

briansorahan · May 27, 2021, 1:12pm

This says there are only 5 nodes, which seems completely bogus Zchain Network - Zcash Network Visualization
e.g. I don’t see the node that I’m running at my house
Is there a tool that reliably shows the size of the zcash network?

amiller · May 27, 2021, 1:22pm

Yeah I don’t know how that is still up, it’s been completely wrong for years. I don’t know of an alternative yet. It shouldn’t be hard, could build one based on Provisioning Bitcoin Network Crawler · ayeowch/bitnodes Wiki · GitHub

briansorahan · May 27, 2021, 1:54pm

Looks like a fun weekend project!

Autotunafish · May 27, 2021, 3:19pm

Does ‘getaddr’ work? I’m unable to try rigjt now

briansorahan · May 28, 2021, 3:29pm

Is that a zcash-cli RPC?

Shawn · May 28, 2021, 3:46pm

Blockchair has a relatively accurate tool:

But even that one can’t see everything, for example nodes that are behind NAT, Tor or multiple nodes on the same IP may not show up correctly.

Autotunafish · May 28, 2021, 5:39pm

No its inherent in bitcoin and is the method that crawler uses but it doesn’t seem to be supported here idk, I wonder how blockchair does it
(Sounds silly maybe but what about getting peers, banning them and repeat until you stop getting peers?)
(That call does seem to kind of exceed the concept of ‘least privilege’)

Autotunafish · June 1, 2021, 5:32pm

It does seem to be the supported method but idk enough about the protocol to know where or when its used

amiller · June 2, 2021, 1:30pm

Nodes behind a NAT, and mobile apps for example, aren’t “reachable” as servers, so they’re typically not listed in these explorers. We could include Tor hidden services though

aiyadt · June 5, 2021, 9:51pm

Do you change the default 8 connections to allow unlimited incoming connections on your node?