Security concerns of Zcash network

There’s an ongoing attack on Monero network, for further details read the following article: https://sethsimmons.me/posts/moneros-ongoing-network-attack/
TL;DR Someone deployed ~130 monero nodes to try halt the network. However Monero has more than a thousand nodes so the attack has no success for now.

Now back to Zcash.
Based on blockchair explorer there are 140 nodes running the network: https://blockchair.com/zcash/nodes
Firstly, I wonder if this figure is correct?
If so, then a similar attack would halt zcash network.
Actually I’m surprised that zcash has so few nodes.

If all the above is correct and if I’m not missing something, then it’s crucial to start educate people to run zcash nodes. And deploy more trusted nodes from ZF, ECC and other trusted Zcash entities.

3 Likes

FWIW, historically these tools only see the network from one node, and aren’t designed to distinguish peers (e.g tor nodes).

3 Likes

This says there are only 5 nodes, which seems completely bogus Zchain Network - Zcash Network Visualization
e.g. I don’t see the node that I’m running at my house :wink:
Is there a tool that reliably shows the size of the zcash network?

2 Likes

Yeah I don’t know how that is still up, it’s been completely wrong for years. I don’t know of an alternative yet. It shouldn’t be hard, could build one based on Provisioning Bitcoin Network Crawler · ayeowch/bitnodes Wiki · GitHub

2 Likes

Looks like a fun weekend project!

Does ‘getaddr’ work? I’m unable to try rigjt now

Is that a zcash-cli RPC?

Blockchair has a relatively accurate tool:

But even that one can’t see everything, for example nodes that are behind NAT, Tor or multiple nodes on the same IP may not show up correctly.

1 Like

No its inherent in bitcoin and is the method that crawler uses but it doesn’t seem to be supported here idk, I wonder how blockchair does it
(Sounds silly maybe but what about getting peers, banning them and repeat until you stop getting peers?)
(That call does seem to kind of exceed the concept of ‘least privilege’)

It does seem to be the supported method but idk enough about the protocol to know where or when its used

Nodes behind a NAT, and mobile apps for example, aren’t “reachable” as servers, so they’re typically not listed in these explorers. We could include Tor hidden services though

2 Likes

Do you change the default 8 connections to allow unlimited incoming connections on your node?