From 0fb7ef4051dd1cefd3915fdb6d29adbb857dc941 Mon Sep 17 00:00:00 2001 From: Chenna Keshava B S <21219765+ckeshava@users.noreply.github.com> Date: Mon, 18 Sep 2023 22:00:59 -0700 Subject: [PATCH] docs(overlay): add URL of blog post and clarify wording (#4635) --- src/ripple/overlay/README.md | 9 +++++---- src/ripple/overlay/ReduceRelayCommon.h | 4 ++++ 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/ripple/overlay/README.md b/src/ripple/overlay/README.md index 8be890ef7..6525e5edf 100644 --- a/src/ripple/overlay/README.md +++ b/src/ripple/overlay/README.md @@ -343,10 +343,11 @@ messages for the local and remote endpoints, and combine them to generate a uniq "fingerprint". By design, this fingerprint should be the same for both SSL/TLS endpoints. -That fingerprint, which is never shared over the wire (since each endpoint will -calculate it independently), is then signed by each server using its public -**`secp256k1`** node identity and the signature is transferred over the SSL/TLS -encrypted link during the protocol handshake phase. +That fingerprint is calculated by each endpoint independently, so the +fingerprint is never transmitted over the network. Each server then utilizes its +private key to sign the fingerprint. This is the same keypair that determines +the server's public `secp256k1` node identity. The signature is transferred over +the secure SSL/TLS encrypted link during the protocol's initial handshake phase. Each side of the link will verify that the provided signature is from the claimed public key against the session's unique fingerprint. If this signature check fails diff --git a/src/ripple/overlay/ReduceRelayCommon.h b/src/ripple/overlay/ReduceRelayCommon.h index 3b87c3c8c..8289e467e 100644 --- a/src/ripple/overlay/ReduceRelayCommon.h +++ b/src/ripple/overlay/ReduceRelayCommon.h @@ -24,6 +24,10 @@ namespace ripple { +// Blog post explaining the rationale behind reduction of flooding gossip +// protocol: +// https://xrpl.org/blog/2021/message-routing-optimizations-pt-1-proposal-validation-relaying.html + namespace reduce_relay { // Peer's squelch is limited in time to