From 13c408d2295597540f0b2dfb6f7b86e739876c90 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 12 Sep 2016 22:35:47 -0400 Subject: implement client-server Proof Of Work Mashed up an argon2-based PoW with token buckets and bloom filters. This is intended to prevent a few abuses including: * Using a keysafe server for general file storage, by storing a whole lot of chunks. * An attacker guessing names that people will use, and uploading junk to keysafe servers under those names, to make it harder for others to use keysafe later. * An attacker trying to guess the names used for objects on keysafe servers in order to download them and start password cracking. (As a second level of defense, since the name generation hash is expensive already.) Completely untested, but it builds! This commit was sponsored by Andreas on Patreon. --- keysafe.cabal | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'keysafe.cabal') diff --git a/keysafe.cabal b/keysafe.cabal index 9b75141..b13ee88 100644 --- a/keysafe.cabal +++ b/keysafe.cabal @@ -60,10 +60,14 @@ Executable keysafe , stm == 2.4.* , socks == 0.5.* , network == 2.6.* + , token-bucket == 0.1.* + , bloomfilter == 2.0.* -- Temporarily inlined due to https://github.com/ocharles/argon2/issues/3 -- argon2 == 1.1.* Extra-Libraries: argon2 Other-Modules: + Benchmark + ByteStrings Crypto.Argon2.FFI Crypto.Argon2 CmdLine @@ -76,6 +80,7 @@ Executable keysafe HTTP.Client HTTP.ProofOfWork HTTP.Server + HTTP.RateLimit SecretKey Serialization Share -- cgit v1.2.3
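Review bot: In the first hunk (@@ -60,10 +60,14 @@), the Other-Modules additions `Benchmark` and `ByteStrings` are not accounted for by the commit message, which describes only the argon2-based proof of work, token buckets and bloom filters. Add a sentence to the message saying what these two modules are for, or move them to their own commit, so the proof-of-work change can be reviewed and reverted on its own. The new `token-bucket == 0.1.*` and `bloomfilter == 2.0.*` bounds follow the pinning style of the neighbouring dependencies.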
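Review bot: In the second hunk (@@ -76,6 +80,7 @@), `HTTP.RateLimit` is added to the executable's Other-Modules while the commit message states the change is "Completely untested, but it builds!", and the five insertions to keysafe.cabal include no test-suite stanza. Going by its name and the message, this module sits on the path meant to stop the three abuses listed, so add a test-suite stanza with tests that exercise the rate limiter before a server depends on it.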