ethersphere
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎go.mod‎
Lines changed: 1 addition & 1 deletion b/‎go.mod‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎go.sum‎
Lines changed: 2 additions & 2 deletions b/‎go.sum‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎pkg/hive/hive.go‎
Lines changed: 16 additions & 2 deletions b/‎pkg/hive/hive.go‎
Lines changed: 16 additions & 2 deletions
diff --git a/‎pkg/hive/hive_test.go‎
Lines changed: 227 additions & 6 deletions b/‎pkg/hive/hive_test.go‎
Lines changed: 227 additions & 6 deletions
diff --git a/‎pkg/node/bootstrap.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/node/bootstrap.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/node/node.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/node/node.go‎
Lines changed: 1 addition & 1 deletion
@@ -2,6 +2,7 @@
 /.idea
 /.vscode
 /tmp
+/vendor
 
 # Compiled Object files, Static and Dynamic libs (Shared Objects)
 *.o
 
@@ -13,7 +13,7 @@ require (
 	github.com/ethereum/go-ethereum v1.15.11
 	github.com/ethersphere/batch-archive v0.0.4
 	github.com/ethersphere/go-price-oracle-abi v0.6.9
-	github.com/ethersphere/go-storage-incentives-abi v0.9.4
+	github.com/ethersphere/go-storage-incentives-abi v0.9.3-rc4
 	github.com/ethersphere/go-sw3-abi v0.6.9
 	github.com/ethersphere/langos v1.0.0
 	github.com/go-playground/validator/v10 v10.19.0
 
@@ -240,8 +240,8 @@ github.com/ethersphere/batch-archive v0.0.4 h1:PHmwQfmUEyDJgoX2IqI/R0alQ63+aLPXf
 github.com/ethersphere/batch-archive v0.0.4/go.mod h1:41BPb192NoK9CYjNB8BAE1J2MtiI/5aq0Wtas5O7A7Q=
 github.com/ethersphere/go-price-oracle-abi v0.6.9 h1:bseen6he3PZv5GHOm+KD6s4awaFmVSD9LFx+HpB6rCU=
 github.com/ethersphere/go-price-oracle-abi v0.6.9/go.mod h1:sI/Qj4/zJ23/b1enzwMMv0/hLTpPNVNacEwCWjo6yBk=
-github.com/ethersphere/go-storage-incentives-abi v0.9.4 h1:mSIWXQXg5OQmH10QvXMV5w0vbSibFMaRlBL37gPLTM0=
-github.com/ethersphere/go-storage-incentives-abi v0.9.4/go.mod h1:SXvJVtM4sEsaSKD0jc1ClpDLw8ErPoROZDme4Wrc/Nc=
+github.com/ethersphere/go-storage-incentives-abi v0.9.3-rc4 h1:YK9FpiQz29ctU5V46CuwMt+4X5Xn8FTBwy6E2v/ix8s=
+github.com/ethersphere/go-storage-incentives-abi v0.9.3-rc4/go.mod h1:SXvJVtM4sEsaSKD0jc1ClpDLw8ErPoROZDme4Wrc/Nc=
 github.com/ethersphere/go-sw3-abi v0.6.9 h1:TnWLnYkWE5UvC17mQBdUmdkzhPhO8GcqvWy4wvd1QJQ=
 github.com/ethersphere/go-sw3-abi v0.6.9/go.mod h1:BmpsvJ8idQZdYEtWnvxA8POYQ8Rl/NhyCdF0zLMOOJU=
 github.com/ethersphere/langos v1.0.0 h1:NBtNKzXTTRSue95uOlzPN4py7Aofs0xWPzyj4AI1Vcc=
 
@@ -64,9 +64,10 @@ type Service struct {
 	sem               *semaphore.Weighted
 	bootnode          bool
 	allowPrivateCIDRs bool
+	overlay           swarm.Address
 }
 
-func New(streamer p2p.Streamer, addressbook addressbook.GetPutter, networkID uint64, bootnode bool, allowPrivateCIDRs bool, logger log.Logger) *Service {
+func New(streamer p2p.Streamer, addressbook addressbook.GetPutter, networkID uint64, bootnode bool, allowPrivateCIDRs bool, overlay swarm.Address, logger log.Logger) *Service {
 	svc := &Service{
 		streamer:          streamer,
 		logger:            logger.WithName(loggerName).Register(),
@@ -80,6 +81,7 @@ func New(streamer p2p.Streamer, addressbook addressbook.GetPutter, networkID uin
 		sem:               semaphore.NewWeighted(int64(swarm.MaxBins)),
 		bootnode:          bootnode,
 		allowPrivateCIDRs: allowPrivateCIDRs,
+		overlay:           overlay,
 	}
 
 	if !bootnode {
@@ -174,6 +176,11 @@ func (s *Service) sendPeers(ctx context.Context, peer swarm.Address, peers []swa
 	w, _ := protobuf.NewWriterAndReader(stream)
 	var peersRequest pb.Peers
 	for _, p := range peers {
+		if p.Equal(s.overlay) {
+			s.logger.Debug("skipping self-address in broadcast", "overlay", p.String())
+			continue
+		}
+
 		addr, err := s.addressBook.Get(p)
 		if err != nil {
 			if errors.Is(err, addressbook.ErrNotFound) {
@@ -290,8 +297,15 @@ func (s *Service) checkAndAddPeers(peers pb.Peers) {
 			continue
 		}
 
+		overlayAddr := swarm.NewAddress(p.Overlay)
+
+		if overlayAddr.Equal(s.overlay) {
+			s.logger.Debug("skipping self-address in peer list", "overlay", overlayAddr.String())
+			continue
+		}
+
 		bzzAddress := bzz.Address{
-			Overlay:   swarm.NewAddress(p.Overlay),
+			Overlay:   overlayAddr,
 			Underlays: multiUnderlays,
 			Signature: p.Signature,
 			Nonce:     p.Nonce,
 
@@ -50,10 +50,9 @@ func TestHandlerRateLimit(t *testing.T) {
 	// new recorder
 	streamer := streamtest.New()
 	// create a hive server that handles the incoming stream
-	server := hive.New(streamer, addressbookclean, networkID, false, true, logger)
-	testutil.CleanupCloser(t, server)
-
 	serverAddress := swarm.RandAddress(t)
+	server := hive.New(streamer, addressbookclean, networkID, false, true, serverAddress, logger)
+	testutil.CleanupCloser(t, server)
 
 	// setup the stream recorder to record stream data
 	serverRecorder := streamtest.New(
@@ -94,7 +93,8 @@ func TestHandlerRateLimit(t *testing.T) {
 	}
 
 	// create a hive client that will do broadcast
-	client := hive.New(serverRecorder, addressbook, networkID, false, true, logger)
+	clientAddress := swarm.RandAddress(t)
+	client := hive.New(serverRecorder, addressbook, networkID, false, true, clientAddress, logger)
 	err := client.BroadcastPeers(context.Background(), serverAddress, peers...)
 	if err != nil {
 		t.Fatal(err)
@@ -273,7 +273,8 @@ func TestBroadcastPeers(t *testing.T) {
 
 			streamer := streamtest.New()
 			// create a hive server that handles the incoming stream
-			server := hive.New(streamer, addressbookclean, networkID, false, true, logger)
+			serverAddress := swarm.RandAddress(t)
+			server := hive.New(streamer, addressbookclean, networkID, false, true, serverAddress, logger)
 			testutil.CleanupCloser(t, server)
 
 			// setup the stream recorder to record stream data
@@ -282,7 +283,8 @@ func TestBroadcastPeers(t *testing.T) {
 			)
 
 			// create a hive client that will do broadcast
-			client := hive.New(recorder, addressbook, networkID, false, tc.allowPrivateCIDRs, logger)
+			clientAddress := swarm.RandAddress(t)
+			client := hive.New(recorder, addressbook, networkID, false, tc.allowPrivateCIDRs, clientAddress, logger)
 
 			if err := client.BroadcastPeers(context.Background(), tc.addresee, tc.peers...); err != nil {
 				t.Fatal(err)
@@ -444,3 +446,222 @@ func shortHex(b []byte) string {
 	}
 	return s
 }
+
+// TestBroadcastPeersSkipsSelf verifies that hive does not broadcast self address
+// to other peers, preventing self-connection attempts.
+func TestBroadcastPeersSkipsSelf(t *testing.T) {
+	t.Parallel()
+
+	logger := log.Noop
+	statestore := mock.NewStateStore()
+	addressbook := ab.New(statestore)
+	networkID := uint64(1)
+	addressbookclean := ab.New(mock.NewStateStore())
+
+	// Create addresses
+	serverAddress := swarm.RandAddress(t)
+	clientAddress := swarm.RandAddress(t)
+
+	// Create a peer address
+	peer1 := swarm.RandAddress(t)
+	underlay1, err := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/1234")
+	if err != nil {
+		t.Fatal(err)
+	}
+	pk, err := crypto.GenerateSecp256k1Key()
+	if err != nil {
+		t.Fatal(err)
+	}
+	signer := crypto.NewDefaultSigner(pk)
+	overlay1, err := crypto.NewOverlayAddress(pk.PublicKey, networkID, block)
+	if err != nil {
+		t.Fatal(err)
+	}
+	bzzAddr1, err := bzz.NewAddress(signer, []ma.Multiaddr{underlay1}, overlay1, networkID, nonce)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := addressbook.Put(bzzAddr1.Overlay, *bzzAddr1); err != nil {
+		t.Fatal(err)
+	}
+
+	// Create self address entry in addressbook
+	underlayClient, err := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/9999")
+	if err != nil {
+		t.Fatal(err)
+	}
+	pkClient, err := crypto.GenerateSecp256k1Key()
+	if err != nil {
+		t.Fatal(err)
+	}
+	signerClient := crypto.NewDefaultSigner(pkClient)
+	bzzAddrClient, err := bzz.NewAddress(signerClient, []ma.Multiaddr{underlayClient}, clientAddress, networkID, nonce)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := addressbook.Put(clientAddress, *bzzAddrClient); err != nil {
+		t.Fatal(err)
+	}
+
+	// Setup server
+	streamer := streamtest.New()
+	server := hive.New(streamer, addressbookclean, networkID, false, true, serverAddress, logger)
+	testutil.CleanupCloser(t, server)
+
+	serverRecorder := streamtest.New(
+		streamtest.WithProtocols(server.Protocol()),
+	)
+
+	// Setup client
+	client := hive.New(serverRecorder, addressbook, networkID, false, true, clientAddress, logger)
+	testutil.CleanupCloser(t, client)
+
+	// Try to broadcast: peer1, clientAddress (self), and another peer
+	peersIncludingSelf := []swarm.Address{bzzAddr1.Overlay, clientAddress, peer1}
+
+	err = client.BroadcastPeers(context.Background(), serverAddress, peersIncludingSelf...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Get records
+	records, err := serverRecorder.Records(serverAddress, "hive", "1.1.0", "peers")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(records) == 0 {
+		t.Fatal("expected at least one record")
+	}
+
+	// Read the messages
+	messages, err := readAndAssertPeersMsgs(records[0].In(), 1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Verify that clientAddress (self) was NOT included in broadcast
+	for _, peerMsg := range messages[0].Peers {
+		receivedOverlay := swarm.NewAddress(peerMsg.Overlay)
+		if receivedOverlay.Equal(clientAddress) {
+			t.Fatal("self address should not be broadcast to peers")
+		}
+	}
+
+	// Verify server addressbook eventually contains only the valid peers, not self
+	err = spinlock.Wait(spinTimeout, func() bool {
+		overlays, err := addressbookclean.Overlays()
+		if err != nil {
+			t.Fatal(err)
+		}
+		// Should only have bzzAddr1, not clientAddress
+		for _, o := range overlays {
+			if o.Equal(clientAddress) {
+				return false // self should not be in addressbook
+			}
+		}
+		return true
+	})
+	if err != nil {
+		t.Fatal("self address found in server addressbook")
+	}
+}
+
+// TestReceivePeersSkipsSelf verifies that hive does not add self address
+// when receiving peer lists from other peers.
+func TestReceivePeersSkipsSelf(t *testing.T) {
+	t.Parallel()
+
+	logger := log.Noop
+	statestore := mock.NewStateStore()
+	addressbook := ab.New(statestore)
+	networkID := uint64(1)
+	addressbookclean := ab.New(mock.NewStateStore())
+
+	// Create addresses
+	serverAddress := swarm.RandAddress(t)
+	clientAddress := swarm.RandAddress(t)
+
+	// Create a valid peer
+	underlay1, err := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/1234")
+	if err != nil {
+		t.Fatal(err)
+	}
+	pk1, err := crypto.GenerateSecp256k1Key()
+	if err != nil {
+		t.Fatal(err)
+	}
+	signer1 := crypto.NewDefaultSigner(pk1)
+	overlay1, err := crypto.NewOverlayAddress(pk1.PublicKey, networkID, block)
+	if err != nil {
+		t.Fatal(err)
+	}
+	bzzAddr1, err := bzz.NewAddress(signer1, []ma.Multiaddr{underlay1}, overlay1, networkID, nonce)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if err := addressbook.Put(bzzAddr1.Overlay, *bzzAddr1); err != nil {
+		t.Fatal(err)
+	}
+
+	// Create self address entry (serverAddress) that will be sent by client
+	underlayServer, err := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/8888")
+	if err != nil {
+		t.Fatal(err)
+	}
+	pkServer, err := crypto.GenerateSecp256k1Key()
+	if err != nil {
+		t.Fatal(err)
+	}
+	signerServer := crypto.NewDefaultSigner(pkServer)
+	bzzAddrServer, err := bzz.NewAddress(signerServer, []ma.Multiaddr{underlayServer}, serverAddress, networkID, nonce)
+	if err != nil {
+		t.Fatal(err)
+	}
+	// Add server's own address to client's addressbook (so client can send it)
+	if err := addressbook.Put(serverAddress, *bzzAddrServer); err != nil {
+		t.Fatal(err)
+	}
+
+	// Setup server that will receive peers including its own address
+	streamer := streamtest.New()
+	server := hive.New(streamer, addressbookclean, networkID, false, true, serverAddress, logger)
+	testutil.CleanupCloser(t, server)
+
+	serverRecorder := streamtest.New(
+		streamtest.WithProtocols(server.Protocol()),
+	)
+
+	// Setup client
+	client := hive.New(serverRecorder, addressbook, networkID, false, true, clientAddress, logger)
+	testutil.CleanupCloser(t, client)
+
+	// Client broadcasts: valid peer and server's own address
+	peersIncludingSelf := []swarm.Address{bzzAddr1.Overlay, serverAddress}
+
+	err = client.BroadcastPeers(context.Background(), serverAddress, peersIncludingSelf...)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Wait a bit for server to process
+	time.Sleep(100 * time.Millisecond)
+
+	// Verify server's addressbook does NOT contain its own address
+	overlays, err := addressbookclean.Overlays()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	for _, o := range overlays {
+		if o.Equal(serverAddress) {
+			t.Fatal("server should not add its own address to addressbook when received from peer")
+		}
+	}
+
+	// Verify server does have the valid peer
+	_, err = addressbookclean.Get(bzzAddr1.Overlay)
+	if err != nil {
+		t.Fatalf("expected server to have valid peer in addressbook, got error: %v", err)
+	}
+}
@@ -117,7 +117,7 @@ func bootstrapNode(
 	b.p2pService = p2ps
 	b.p2pHalter = p2ps
 
-	hive := hive.New(p2ps, addressbook, networkID, o.BootnodeMode, o.AllowPrivateCIDRs, logger)
+	hive := hive.New(p2ps, addressbook, networkID, o.BootnodeMode, o.AllowPrivateCIDRs, swarmAddress, logger)
 
 	if err = p2ps.AddProtocol(hive.Protocol()); err != nil {
 		return nil, fmt.Errorf("hive service: %w", err)
 
@@ -748,7 +748,7 @@ func NewBee(
 		return nil, fmt.Errorf("pingpong service: %w", err)
 	}
 
-	hive := hive.New(p2ps, addressbook, networkID, o.BootnodeMode, o.AllowPrivateCIDRs, logger)
+	hive := hive.New(p2ps, addressbook, networkID, o.BootnodeMode, o.AllowPrivateCIDRs, swarmAddress, logger)
 
 	if err = p2ps.AddProtocol(hive.Protocol()); err != nil {
 		return nil, fmt.Errorf("hive service: %w", err)
Original file line number	Diff line number	Diff line change
`@@ -748,7 +748,7 @@ func NewBee(`
`748`	`748`	`return nil, fmt.Errorf("pingpong service: %w", err)`
`749`	`749`	`}`
`750`	`750`
`751`		`- hive := hive.New(p2ps, addressbook, networkID, o.BootnodeMode, o.AllowPrivateCIDRs, logger)`
	`751`	`+ hive := hive.New(p2ps, addressbook, networkID, o.BootnodeMode, o.AllowPrivateCIDRs, swarmAddress, logger)`
`752`	`752`
`753`	`753`	`if err = p2ps.AddProtocol(hive.Protocol()); err != nil {`
`754`	`754`	`return nil, fmt.Errorf("hive service: %w", err)`