The Peer Misbehavior System: A brief look at `net.cpp`'s role in banning
The Peer Misbehavior System: A brief look at net.cpp's role in banning
In the "Forge of the Core," there is no room for "Traitors." If a peer tries to send your node invalid data, broken signatures, or malformed packets, they must be punished. This is handled by the Misbehavior System. While the "Judgment" of what is bad happens in net_processing.cpp, the "Enforcement" (the Banning) happens in net.cpp and banman.cpp.
For the Sovereign Architect, the Misbehavior System is the "Justice of the Machine." It is the logic that ensures "Bad Actors" are excluded from the network, protecting the resources of the "Good Actors." It is a system of "Automated Discipline."
Analyzing the Justice: Ban and Discourage
In the source code, we see how the node "Marks" a peer as untrustworthy and eventually cuts them off.
/**
* PEDAGOGICAL ANALYSIS: THE JUSTICE OF THE MACHINE
* This logic ensures that malicious peers are identified and excluded.
*/
void CConnman::DisconnectNode(const std::string& strNode)
{
LOCK(cs_vNodes);
for (CNode* pnode : vNodes) {
if (pnode->GetAddrName() == strNode) {
// 1. Mark the peer for "Disconnection".
pnode->fDisconnect = true;
// 2. Add their IP to the "Ban List" (BanMan).
if (m_banman) m_banman->Ban(pnode->addr, ...);
}
}
}
Explaining the Justice: The Exile of the Malicious
-
"The DoS Score": Your node keeps a "Scorecard" for every peer. If they do something slightly wrong (like sending a duplicate transaction), they get a few points. If they do something very wrong (like sending an invalid block), they get 100 points instantly. At 100 points, they are "Banned." It is the Threshold of the Patience.
-
"The Ban List": When a peer is banned, their IP address is written to a file called
banlist.json. For the next 24 hours, if that IP tries to connect, your node will "Hang Up" before even saying "Hello." This protects your node's CPU from being wasted on a known attacker. It is the Memory of the Crime. -
"The Discouragement": Sometimes a peer isn't "Evil," just "Broken" or "Running Old Software." Instead of a full ban, the node might just "Discourage" them. This means it will close the current connection but allow them to try again later. It is the Mercy of the Sovereign.
-
"The Inbound-Only Ban": You can't "Ban" your own "Outbound Scouts" (Chapter 8). If an outbound peer misbehaves, you just disconnect and find a new one. Banning is primarily used to protect your "Inbound Slots" from being filled by attackers. It is the Defense of the Border.
The Sovereignty of the Discipline
A decentralized network is only secure if it has "Incentives" for good behavior and "Punishments" for bad behavior. By running a node that enforces these bans, you are helping to "Clean" the entire Bitcoin network. As a Sovereign Architect, you are the "Judge," commanding a node that provides "Swift and Automated Justice" to anyone who tries to corrupt the truth. You are the "Master of the Exile."
TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation: