feat: configuration validation

packages/libp2p/.aegir.js

@@ -24,7 +24,9 @@ export default {
       const peerId = await createEd25519PeerId()
       const libp2p = await createLibp2p({
         connectionManager: {
-          inboundConnectionThreshold: Infinity,
+          inboundConnectionThreshold: 1000,
+          maxIncomingPendingConnections: 1000,
+          maxConnections: 1000,
           minConnections: 0
         },
         addresses: {
@@ -51,7 +53,7 @@ export default {
           fetch: fetchService(),
           relay: circuitRelayServer({
             reservations: {
-              maxReservations: Infinity
+              maxReservations: 100000
             }
           })
         }

packages/libp2p/package.json

@@ -157,7 +157,8 @@
     "uint8arraylist": "^2.4.3",
     "uint8arrays": "^4.0.4",
     "wherearewe": "^2.0.1",
-    "xsalsa20": "^1.1.0"
+    "xsalsa20": "^1.1.0",
+    "yup": "^1.2.0"
   },
   "devDependencies": {
     "@chainsafe/libp2p-gossipsub": "^10.0.0",

packages/libp2p/src/address-manager/utils.ts

@@ -1,3 +1,8 @@
+import { type ObjectSchema, object, array, string, mixed } from 'yup'
+import { validateMultiaddr } from '../config/helpers.js'
+import type { AddressManagerInit } from '.'
+import type { Multiaddr } from '@multiformats/multiaddr'
+
 export function debounce (func: () => void, wait: number): () => void {
   let timeout: ReturnType<typeof setTimeout> | undefined
 
@@ -11,3 +16,12 @@ export function debounce (func: () => void, wait: number): () => void {
     timeout = setTimeout(later, wait)
   }
 }
+
+export function validateAddressManagerConfig (opts: AddressManagerInit): ObjectSchema<Record<string, unknown>> {
+  return object({
+    listen: array().of(string()).test('is multiaddr', validateMultiaddr).default([]),
+    announce: array().of(string()).test('is multiaddr', validateMultiaddr).default([]),
+    noAnnounce: array().of(string()).test('is multiaddr', validateMultiaddr).default([]),
+    announceFilter: mixed().default(() => (addrs: Multiaddr[]): Multiaddr[] => addrs)
+  })
+}

packages/libp2p/src/autonat/index.ts

@@ -32,6 +32,7 @@ import map from 'it-map'
 import parallel from 'it-parallel'
 import { pipe } from 'it-pipe'
 import isPrivateIp from 'private-ip'
+import { number, object, string } from 'yup'
 import {
   MAX_INBOUND_STREAMS,
   MAX_OUTBOUND_STREAMS,
@@ -110,7 +111,7 @@ class DefaultAutoNATService implements Startable {
   constructor (components: AutoNATComponents, init: AutoNATServiceInit) {
     this.components = components
     this.started = false
-    this.protocol = `/${init.protocolPrefix ?? PROTOCOL_PREFIX}/${PROTOCOL_NAME}/${PROTOCOL_VERSION}`
+    this.protocol = `/${init.protocolPrefix}/${PROTOCOL_NAME}/${PROTOCOL_VERSION}`
     this.timeout = init.timeout ?? TIMEOUT
     this.maxInboundStreams = init.maxInboundStreams ?? MAX_INBOUND_STREAMS
     this.maxOutboundStreams = init.maxOutboundStreams ?? MAX_OUTBOUND_STREAMS
@@ -587,7 +588,16 @@ class DefaultAutoNATService implements Startable {
 }
 
 export function autoNATService (init: AutoNATServiceInit = {}): (components: AutoNATComponents) => unknown {
+  const validatedConfig = object({
+    protocolPrefix: string().default(PROTOCOL_PREFIX),
+    timeout: number().integer().default(TIMEOUT),
+    startupDelay: number().integer().default(STARTUP_DELAY),
+    refreshInterval: number().integer().default(REFRESH_INTERVAL),
+    maxInboundStreams: number().integer().default(MAX_INBOUND_STREAMS),
+    maxOutboundStreams: number().integer().default(MAX_OUTBOUND_STREAMS)
+  }).validateSync(init)
+
   return (components) => {
-    return new DefaultAutoNATService(components, init)
+    return new DefaultAutoNATService(components, validatedConfig)
   }
 }

packages/libp2p/src/circuit-relay/constants.ts

@@ -70,3 +70,8 @@ export const DEFAULT_HOP_TIMEOUT = 30 * second
  * How long to wait before starting to advertise the relay service
  */
 export const DEFAULT_ADVERT_BOOT_DELAY = 30 * second
+
+/**
+ * The default timeout for Incoming STOP requests from the relay
+ */
+export const DEFAULT_STOP_TIMEOUT = 30 * second

packages/libp2p/src/circuit-relay/server/index.ts

@@ -6,13 +6,18 @@ import { RecordEnvelope } from '@libp2p/peer-record'
 import { type Multiaddr, multiaddr } from '@multiformats/multiaddr'
 import { pbStream, type ProtobufStream } from 'it-protobuf-stream'
 import pDefer from 'p-defer'
+import { object, number, boolean } from 'yup'
 import { MAX_CONNECTIONS } from '../../connection-manager/constants.js'
+import { DEFAULT_MAX_INBOUND_STREAMS, DEFAULT_MAX_OUTBOUND_STREAMS } from '../../registrar.js'
 import {
   CIRCUIT_PROTO_CODE,
+  DEFAULT_DURATION_LIMIT,
   DEFAULT_HOP_TIMEOUT,
-  RELAY_SOURCE_TAG,
-  RELAY_V2_HOP_CODEC,
-  RELAY_V2_STOP_CODEC
+  DEFAULT_MAX_RESERVATION_CLEAR_INTERVAL,
+  DEFAULT_MAX_RESERVATION_STORE_SIZE,
+  DEFAULT_MAX_RESERVATION_TTL,
+  RELAY_SOURCE_TAG
+  , RELAY_V2_HOP_CODEC, RELAY_V2_STOP_CODEC
 } from '../constants.js'
 import { HopMessage, type Reservation, Status, StopMessage } from '../pb/index.js'
 import { createLimitedRelay } from '../utils.js'
@@ -441,7 +446,20 @@ class CircuitRelayServer extends EventEmitter<RelayServerEvents> implements Star
 }
 
 export function circuitRelayServer (init: CircuitRelayServerInit = {}): (components: CircuitRelayServerComponents) => CircuitRelayService {
+  const validatedConfig = object({
+    hopTimeout: number().min(0).integer().default(DEFAULT_HOP_TIMEOUT),
+    reservations: object({
+      maxReservations: number().integer().min(0).default(DEFAULT_MAX_RESERVATION_STORE_SIZE),
+      reservationClearInterval: number().integer().min(0).default(DEFAULT_MAX_RESERVATION_CLEAR_INTERVAL),
+      applyDefaultLimit: boolean().default(true),
+      reservationTtl: number().integer().min(0).default(DEFAULT_MAX_RESERVATION_TTL),
+      defaultDurationLimit: number().integer().min(0).default(DEFAULT_DURATION_LIMIT).max(init?.reservations?.reservationTtl ?? DEFAULT_MAX_RESERVATION_TTL, `default duration limit must be less than reservation TTL: ${init?.reservations?.reservationTtl}`)
+    }),
+    maxInboundHopStreams: number().integer().min(0).default(DEFAULT_MAX_INBOUND_STREAMS),
+    maxOutboundHopStreams: number().integer().min(0).default(DEFAULT_MAX_OUTBOUND_STREAMS)
+  }).validateSync(init)
+
   return (components) => {
-    return new CircuitRelayServer(components, init)
+    return new CircuitRelayServer(components, validatedConfig)
   }
 }

packages/libp2p/src/circuit-relay/transport/index.ts

@@ -6,9 +6,10 @@ import { streamToMaConnection } from '@libp2p/utils/stream-to-ma-conn'
 import * as mafmt from '@multiformats/mafmt'
 import { multiaddr } from '@multiformats/multiaddr'
 import { pbStream } from 'it-protobuf-stream'
+import { number, object } from 'yup'
 import { MAX_CONNECTIONS } from '../../connection-manager/constants.js'
 import { codes } from '../../errors.js'
-import { CIRCUIT_PROTO_CODE, RELAY_V2_HOP_CODEC, RELAY_V2_STOP_CODEC } from '../constants.js'
+import { CIRCUIT_PROTO_CODE, DEFAULT_STOP_TIMEOUT, RELAY_V2_HOP_CODEC, RELAY_V2_STOP_CODEC } from '../constants.js'
 import { StopMessage, HopMessage, Status } from '../pb/index.js'
 import { RelayDiscovery, type RelayDiscoveryComponents } from './discovery.js'
 import { createListener } from './listener.js'
@@ -100,12 +101,6 @@ export interface CircuitRelayTransportInit extends RelayStoreInit {
   reservationCompletionTimeout?: number
 }
 
-const defaults = {
-  maxInboundStopStreams: MAX_CONNECTIONS,
-  maxOutboundStopStreams: MAX_CONNECTIONS,
-  stopTimeout: 30000
-}
-
 class CircuitRelayTransport implements Transport {
   private readonly discovery?: RelayDiscovery
   private readonly registrar: Registrar
@@ -116,9 +111,9 @@ class CircuitRelayTransport implements Transport {
   private readonly addressManager: AddressManager
   private readonly connectionGater: ConnectionGater
   private readonly reservationStore: ReservationStore
-  private readonly maxInboundStopStreams: number
+  private readonly maxInboundStopStreams?: number
   private readonly maxOutboundStopStreams?: number
-  private readonly stopTimeout: number
+  private readonly stopTimeout?: number
   private started: boolean
 
   constructor (components: CircuitRelayTransportComponents, init: CircuitRelayTransportInit) {
@@ -129,9 +124,9 @@ class CircuitRelayTransport implements Transport {
     this.upgrader = components.upgrader
     this.addressManager = components.addressManager
     this.connectionGater = components.connectionGater
-    this.maxInboundStopStreams = init.maxInboundStopStreams ?? defaults.maxInboundStopStreams
-    this.maxOutboundStopStreams = init.maxOutboundStopStreams ?? defaults.maxOutboundStopStreams
-    this.stopTimeout = init.stopTimeout ?? defaults.stopTimeout
+    this.maxInboundStopStreams = init.maxInboundStopStreams
+    this.maxOutboundStopStreams = init.maxOutboundStopStreams
+    this.stopTimeout = init.stopTimeout
 
     if (init.discoverRelays != null && init.discoverRelays > 0) {
       this.discovery = new RelayDiscovery(components)
@@ -321,7 +316,7 @@ class CircuitRelayTransport implements Transport {
    * An incoming STOP request means a remote peer wants to dial us via a relay
    */
   async onStop ({ connection, stream }: IncomingStreamData): Promise<void> {
-    const signal = AbortSignal.timeout(this.stopTimeout)
+    const signal = AbortSignal.timeout(this.stopTimeout ?? DEFAULT_STOP_TIMEOUT)
     const pbstr = pbStream(stream).pb(StopMessage)
     const request = await pbstr.read({
       signal
@@ -389,8 +384,15 @@ class CircuitRelayTransport implements Transport {
   }
 }
 
-export function circuitRelayTransport (init: CircuitRelayTransportInit = {}): (components: CircuitRelayTransportComponents) => Transport {
+export function circuitRelayTransport (init?: CircuitRelayTransportInit): (components: CircuitRelayTransportComponents) => Transport {
+  const validatedConfig = object({
+    discoverRelays: number().min(0).integer().default(0),
+    maxInboundStopStreams: number().min(0).integer().default(MAX_CONNECTIONS),
+    maxOutboundStopStreams: number().min(0).integer().default(MAX_CONNECTIONS),
+    stopTimeout: number().min(0).integer().default(DEFAULT_STOP_TIMEOUT)
+  }).validateSync(init)
+
   return (components) => {
-    return new CircuitRelayTransport(components, init)
+    return new CircuitRelayTransport(components, validatedConfig)
   }
 }

packages/libp2p/src/config/config.ts

@@ -0,0 +1,44 @@
+import { FaultTolerance } from '@libp2p/interface/transport'
+import { publicAddressesFirst } from '@libp2p/utils/address-sort'
+import { dnsaddrResolver } from '@multiformats/multiaddr/resolvers'
+import mergeOptions from 'merge-options'
+import { object } from 'yup'
+import { validateAddressManagerConfig } from '../address-manager/utils.js'
+import { validateConnectionManagerConfig } from '../connection-manager/utils.js'
+import type { AddressManagerInit } from '../address-manager'
+import type { ConnectionManagerInit } from '../connection-manager/index.js'
+import type { Libp2pInit } from '../index.js'
+import type { ServiceMap, RecursivePartial } from '@libp2p/interface'
+
+const DefaultConfig: Partial<Libp2pInit> = {
+  connectionManager: {
+    resolvers: {
+      dnsaddr: dnsaddrResolver
+    },
+    addressSorter: publicAddressesFirst
+  },
+  transportManager: {
+    faultTolerance: FaultTolerance.FATAL_ALL
+  }
+}
+
+export function validateConfig <T extends ServiceMap = Record<string, unknown>> (opts: RecursivePartial<Libp2pInit<T>>): Libp2pInit<T> {
+  const libp2pConfig = object({
+    addresses: validateAddressManagerConfig(opts?.addresses as AddressManagerInit),
+    connectionManager: validateConnectionManagerConfig(opts?.connectionManager as ConnectionManagerInit)
+  })
+
+  if ((opts?.services) != null) {
+    // @ts-expect-error until we resolve https://github.com/libp2p/js-libp2p/pull/1762 and have a better way of discovering type dependencies
+    // eslint-disable-next-line @typescript-eslint/strict-boolean-expressions
+    if ((opts.services?.kadDHT || opts.services?.relay || opts.services?.ping) && !opts.services.identify) {
+      throw new Error('identify service is required when using kadDHT, relay, or ping')
+    }
+  }
+
+  const parsedOpts = libp2pConfig.validateSync(opts)
+
+  const resultingOptions: Libp2pInit<T> = mergeOptions(DefaultConfig, parsedOpts)
+
+  return resultingOptions
+}

packages/libp2p/src/config/helpers.ts

@@ -0,0 +1,12 @@
+import { multiaddr } from '@multiformats/multiaddr'
+
+export const validateMultiaddr = (value: Array<string | undefined> | undefined): boolean => {
+  value?.forEach((addr) => {
+    try {
+      multiaddr(addr)
+    } catch (err) {
+      throw new Error(`invalid multiaddr: ${addr}`)
+    }
+  })
+  return true
+}

packages/libp2p/src/connection-manager/utils.ts

@@ -2,6 +2,10 @@ import { setMaxListeners } from 'events'
 import { logger } from '@libp2p/logger'
 import { type AbortOptions, multiaddr, type Multiaddr } from '@multiformats/multiaddr'
 import { type ClearableSignal, anySignal } from 'any-signal'
+import { type ObjectSchema, array, number, object, string } from 'yup'
+import { validateMultiaddr } from '../config/helpers.js'
+import { AUTO_DIAL_CONCURRENCY, AUTO_DIAL_INTERVAL, AUTO_DIAL_PRIORITY, DIAL_TIMEOUT, INBOUND_CONNECTION_THRESHOLD, INBOUND_UPGRADE_TIMEOUT, MAX_CONNECTIONS, MAX_INCOMING_PENDING_CONNECTIONS, MAX_PARALLEL_DIALS, MAX_PARALLEL_DIALS_PER_PEER, MAX_PEER_ADDRS_TO_DIAL, MIN_CONNECTIONS } from './constants.js'
+import type { ConnectionManagerInit } from '.'
 
 const log = logger('libp2p:connection-manager:utils')
 
@@ -73,3 +77,22 @@ export function combineSignals (...signals: Array<AbortSignal | undefined>): Cle
 
   return signal
 }
+
+export const validateConnectionManagerConfig = (opts: ConnectionManagerInit): ObjectSchema<Record<string, unknown>> => {
+  return object({
+    maxConnections: number().min(opts?.minConnections ?? MIN_CONNECTIONS, `maxConnections must be greater than the min connections limit: ${opts?.minConnections}`).integer().default(MAX_CONNECTIONS),
+    minConnections: number().min(0).integer().max(opts?.maxConnections ?? MAX_CONNECTIONS, `minConnections must be less than the max connections limit: ${opts?.maxConnections}`).default(MIN_CONNECTIONS),
+    autoDialInterval: number().min(0).integer().default(AUTO_DIAL_INTERVAL),
+    autoDialConcurrency: number().min(0).integer().default(AUTO_DIAL_CONCURRENCY),
+    autoDialPriority: number().min(0).integer().default(AUTO_DIAL_PRIORITY),
+    maxParallelDials: number().min(0).integer().default(MAX_PARALLEL_DIALS),
+    maxParallelDialsPerPeer: number().max(opts?.autoDialConcurrency ?? AUTO_DIAL_CONCURRENCY, `maxParallelDialsPerPeer must be less than the min auto dial conccurency limit: ${opts?.autoDialConcurrency}`).default(MAX_PARALLEL_DIALS_PER_PEER),
+    maxPeerAddrsToDialed: number().min(0).integer().default(MAX_PEER_ADDRS_TO_DIAL),
+    dialTimeout: number().min(0).integer().default(DIAL_TIMEOUT),
+    inboundUpgradeTimeout: number().integer().default(INBOUND_UPGRADE_TIMEOUT),
+    allow: array().of(string()).test('is multiaddr', validateMultiaddr).optional(),
+    deny: array().of(string()).test('is multiaddr', validateMultiaddr).optional(),
+    inboundConnectionThreshold: number().max(opts?.maxConnections ?? MAX_CONNECTIONS, `inboundConnectionThreshold must be less than the max connections limit: ${opts?.inboundConnectionThreshold}`).integer().default(INBOUND_CONNECTION_THRESHOLD),
+    maxIncomingPendingConnections: number().integer().max(opts?.maxConnections ?? MAX_CONNECTIONS, `maxIncomingPendingConnections must be less than the max connections limit: ${opts?.maxIncomingPendingConnections}`).default(MAX_INCOMING_PENDING_CONNECTIONS)
+  })
+}

packages/libp2p/src/fetch/constants.ts

@@ -1,3 +1,7 @@
 // https://github.com/libp2p/specs/tree/master/fetch#wire-protocol
 export const PROTOCOL_VERSION = '0.0.1'
 export const PROTOCOL_NAME = 'fetch'
+
+export const MAX_INBOUND_STREAMS = 1
+export const MAX_OUTBOUND_STREAMS = 1
+export const TIMEOUT = 60000

packages/libp2p/src/fetch/index.ts

@@ -7,8 +7,9 @@ import * as lp from 'it-length-prefixed'
 import { pipe } from 'it-pipe'
 import { fromString as uint8arrayFromString } from 'uint8arrays/from-string'
 import { toString as uint8arrayToString } from 'uint8arrays/to-string'
+import { number, object, string } from 'yup'
 import { codes } from '../errors.js'
-import { PROTOCOL_NAME, PROTOCOL_VERSION } from './constants.js'
+import { MAX_INBOUND_STREAMS, MAX_OUTBOUND_STREAMS, PROTOCOL_NAME, PROTOCOL_VERSION, TIMEOUT } from './constants.js'
 import { FetchRequest, FetchResponse } from './pb/proto.js'
 import type { AbortOptions } from '@libp2p/interface'
 import type { Stream } from '@libp2p/interface/connection'
@@ -100,7 +101,7 @@ class DefaultFetchService implements Startable, FetchService {
   constructor (components: FetchServiceComponents, init: FetchServiceInit) {
     this.started = false
     this.components = components
-    this.protocol = `/${init.protocolPrefix ?? 'libp2p'}/${PROTOCOL_NAME}/${PROTOCOL_VERSION}`
+    this.protocol = `/${init.protocolPrefix}/${PROTOCOL_NAME}/${PROTOCOL_VERSION}`
     this.lookupFunctions = new Map() // Maps key prefix to value lookup function
     this.handleMessage = this.handleMessage.bind(this)
     this.init = init
@@ -309,5 +310,12 @@ class DefaultFetchService implements Startable, FetchService {
 }
 
 export function fetchService (init: FetchServiceInit = {}): (components: FetchServiceComponents) => FetchService {
-  return (components) => new DefaultFetchService(components, init)
+  const validatedConfig = object({
+    protocolPrefix: string().default('libp2p'),
+    timeout: number().integer().default(TIMEOUT),
+    maxInboundStreams: number().integer().min(0).default(MAX_INBOUND_STREAMS),
+    maxOutboundStreams: number().integer().min(0).default(MAX_OUTBOUND_STREAMS)
+  }).validateSync(init)
+
+  return (components) => new DefaultFetchService(components, validatedConfig)
 }