From f33d243f87388565ff040e3f17c12c756e3d852a Mon Sep 17 00:00:00 2001 From: Chenna Keshava B S <21219765+ckeshava@users.noreply.github.com> Date: Mon, 18 Sep 2023 22:00:59 -0700 Subject: [PATCH] docs(overlay): add URL of blog post and clarify wording (#4635) --- src/ripple/overlay/README.md | 9 +++++---- src/ripple/overlay/ReduceRelayCommon.h | 4 ++++ 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/ripple/overlay/README.md b/src/ripple/overlay/README.md index 8be890ef75f..6525e5edf86 100644 --- a/src/ripple/overlay/README.md +++ b/src/ripple/overlay/README.md @@ -343,10 +343,11 @@ messages for the local and remote endpoints, and combine them to generate a uniq "fingerprint". By design, this fingerprint should be the same for both SSL/TLS endpoints. -That fingerprint, which is never shared over the wire (since each endpoint will -calculate it independently), is then signed by each server using its public -**`secp256k1`** node identity and the signature is transferred over the SSL/TLS -encrypted link during the protocol handshake phase. +That fingerprint is calculated by each endpoint independently, so the +fingerprint is never transmitted over the network. Each server then utilizes its +private key to sign the fingerprint. This is the same keypair that determines +the server's public `secp256k1` node identity. The signature is transferred over +the secure SSL/TLS encrypted link during the protocol's initial handshake phase. Each side of the link will verify that the provided signature is from the claimed public key against the session's unique fingerprint. If this signature check fails diff --git a/src/ripple/overlay/ReduceRelayCommon.h b/src/ripple/overlay/ReduceRelayCommon.h index 3b87c3c8c13..8289e467e65 100644 --- a/src/ripple/overlay/ReduceRelayCommon.h +++ b/src/ripple/overlay/ReduceRelayCommon.h @@ -24,6 +24,10 @@ namespace ripple { +// Blog post explaining the rationale behind reduction of flooding gossip +// protocol: +// https://xrpl.org/blog/2021/message-routing-optimizations-pt-1-proposal-validation-relaying.html + namespace reduce_relay { // Peer's squelch is limited in time to