libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers
found that libp2p-rendezvous server has no limit on how many namespaces a single peer can register. a malicious peer can just keep registering unique namespaces in a loop and the server happily accepts every single one allocating memory for each registration with no pushback. keep doing this long enough (or with multiple sybil peers) and the server process gets OOM killed. no auth required. any peer on the network can …