Add handshake handling of peer timestamp deviation.

evoskuil · evoskuil · commit 3bf1a2ced070 · 2025-06-03T18:19:08.000-04:00
diff --git a/include/bitcoin/network/error.hpp b/include/bitcoin/network/error.hpp
@@ -75,6 +75,7 @@ enum error_t : uint8_t
     peer_disconnect,
     peer_unsupported,
     peer_insufficient,
+    peer_timestamp,
     protocol_violation,
     channel_overflow,
     channel_underflow,
diff --git a/include/bitcoin/network/protocols/protocol_version_31402.hpp b/include/bitcoin/network/protocols/protocol_version_31402.hpp
@@ -78,6 +78,8 @@ class BCT_API protocol_version_31402
     const uint64_t invalid_services_;
 
 private:
+    static bool is_disallowed_deviation(uint64_t timestamp) NOEXCEPT;
+
     // These are protected by strand.
     bool sent_version_{};
     bool received_version_{};
diff --git a/src/error.cpp b/src/error.cpp
@@ -51,6 +51,7 @@ DEFINE_ERROR_T_MESSAGE_MAP(error)
     { peer_disconnect, "peer disconnect" },
     { peer_unsupported, "peer unsupported" },
     { peer_insufficient, "peer insufficient" },
+    { peer_timestamp, "peer timestamp" },
     { protocol_violation, "protocol violation" },
     { channel_overflow, "channel overflow" },
     { channel_underflow, "channel underflow" },
diff --git a/src/protocols/protocol_version_31402.cpp b/src/protocols/protocol_version_31402.cpp
@@ -40,6 +40,9 @@ using namespace system;
 using namespace messages;
 using namespace std::placeholders;
 
+// Drop peer it its clock deviates more than 2 hours from own clock.
+constexpr auto allowed_timestamp_deviation = hours{ 2 };
+
 // Require the configured minimum protocol and services by default.
 protocol_version_31402::protocol_version_31402(const session::ptr& session,
     const channel::ptr& channel) NOEXCEPT
@@ -273,6 +276,16 @@ bool protocol_version_31402::handle_receive_acknowledge(const code& ec,
 // Incoming [receive_version => send_acknowledge].
 // ----------------------------------------------------------------------------
 
+// private
+bool protocol_version_31402::is_disallowed_deviation(
+    uint64_t timestamp) NOEXCEPT
+{
+    const auto now = wall_clock::now();
+    const auto time = wall_clock::from_time_t(timestamp);
+    return time < (now - allowed_timestamp_deviation)
+        || time > (now + allowed_timestamp_deviation);
+}
+
 bool protocol_version_31402::handle_receive_version(const code& ec,
     const version::cptr& message) NOEXCEPT
 {
@@ -320,6 +333,15 @@ bool protocol_version_31402::handle_receive_version(const code& ec,
         return false;
     }
 
+    if (is_disallowed_deviation(message->timestamp))
+    {
+        LOGP("Timestamp out of range (" << message->value << ") "
+            "for [" << authority() << "].");
+
+        rejection(error::peer_timestamp);
+        return false;
+    }
+
     const auto version = std::min(message->value, maximum_version_);
     set_negotiated_version(version);
     set_peer_version(message);
diff --git a/src/protocols/protocol_version_70002.cpp b/src/protocols/protocol_version_70002.cpp
@@ -84,14 +84,20 @@ void protocol_version_70002::rejection(const code& ec) NOEXCEPT
     }
     else if (ec == error::peer_unsupported)
     {
-        SEND((reject{ version::command, reject::reason_code::nonstandard }),
+        SEND((reject{ version::command, reject::reason_code::undefined,
+            "services" }),
             handle_send, _1);
     }
     else if (ec == error::protocol_violation)
     {
         SEND((reject{ version::command, reject::reason_code::duplicate }),
             handle_send, _1);
     }
+    else if (ec == error::peer_timestamp)
+    {
+        SEND((reject{ version::command, reject::reason_code::undefined,
+            "timestamp" }), handle_send, _1);
+    }
 
     return protocol_version_70001::rejection(ec);
 }
diff --git a/test/error.cpp b/test/error.cpp
@@ -182,6 +182,15 @@ BOOST_AUTO_TEST_CASE(error_t__code__peer_insufficient__true_exected_message)
     BOOST_REQUIRE_EQUAL(ec.message(), "peer insufficient");
 }
 
+BOOST_AUTO_TEST_CASE(error_t__code__peer_timestamp__true_exected_message)
+{
+    constexpr auto value = error::peer_timestamp;
+    const auto ec = code(value);
+    BOOST_REQUIRE(ec);
+    BOOST_REQUIRE(ec == value);
+    BOOST_REQUIRE_EQUAL(ec.message(), "peer timestamp");
+}
+
 BOOST_AUTO_TEST_CASE(error_t__code__protocol_violation__true_exected_message)
 {
     constexpr auto value = error::protocol_violation;

Original file line number	Diff line number	Diff line change
`@@ -84,14 +84,20 @@ void protocol_version_70002::rejection(const code& ec) NOEXCEPT`
`84`	`84`	`}`
`85`	`85`	`else if (ec == error::peer_unsupported)`
`86`	`86`	`{`
`87`		`- SEND((reject{ version::command, reject::reason_code::nonstandard }),`
	`87`	`+ SEND((reject{ version::command, reject::reason_code::undefined,`
	`88`	`+ "services" }),`
`88`	`89`	`handle_send, _1);`
`89`	`90`	`}`
`90`	`91`	`else if (ec == error::protocol_violation)`
`91`	`92`	`{`
`92`	`93`	`SEND((reject{ version::command, reject::reason_code::duplicate }),`
`93`	`94`	`handle_send, _1);`
`94`	`95`	`}`
	`96`	`+ else if (ec == error::peer_timestamp)`
	`97`	`+ {`
	`98`	`+ SEND((reject{ version::command, reject::reason_code::undefined,`
	`99`	`+ "timestamp" }), handle_send, _1);`
	`100`	`+ }`
`95`	`101`
`96`	`102`	`return protocol_version_70001::rejection(ec);`
`97`	`103`	`}`