From 3e23b50a01abc5041470ce3d74a68635ba1ad50d Mon Sep 17 00:00:00 2001 From: vishal <1117327+vishalchangrani@users.noreply.github.com> Date: Thu, 19 Jun 2025 17:28:29 -0700 Subject: [PATCH 1/6] Adding FLIP 332:Enforcing Domain-Based Networking Addresses for Nodes --- .../20250619-network-address-validation.md | 78 +++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 protocol/20250619-network-address-validation.md diff --git a/protocol/20250619-network-address-validation.md b/protocol/20250619-network-address-validation.md new file mode 100644 index 000000000..0033bd28a --- /dev/null +++ b/protocol/20250619-network-address-validation.md @@ -0,0 +1,78 @@ +--- +status: draft +flip: NNN (set to the issue number) +authors: My Name (me@example.org), AN Other (you@example.org) +sponsor: AN Expert (core-contributor@example.org) +updated: YYYY-MM-DD +--- +# FLIP 332: Enforcing Domain-Based Networking Addresses for Nodes + +## Objective + +This FLIP proposes stricter validation rules for node networking addresses during registration and updates. Currently, the staking contract allows the use of both IP addresses and domain names, with or without a port. This flexibility introduces security and operational concerns. + +The FLIP proposes to: +- Disallow IP addresses entirely as networking addresses. +- Require that networking addresses include a valid domain name and port. +- Apply these same rules when updating an existing node's networking address. + +### Summary of Accepted vs Rejected Formats + +❌ **Rejected**: +- `193.23.53.12:3569` +- `193.23.53.12` +- `flownode.xyz.com` _(missing port)_ + +✅ **Accepted**: +- `flownode.xyz.com:3569` +- `flownode.888.com:1234` + +## Motivation +### Background + +To register a node on the Flow network, an operator submits a [node registration transaction](https://developers.flow.com/networks/staking/staking-collection#register-stakers), which includes the networking address of the node. This address is how other nodes establish peer connections with this node. + +While [best practices](https://developers.flow.com/networks/node-ops/node-operation/node-bootstrap#generate-your-node-keys) recommend using a fully qualified domain name (FQDN) and including the port, the staking contract does not enforce these recommendations. + +### Drawbacks of IP-Based Addresses + +1. **Unstable connectivity**: Nodes running in cloud environments may not have a static IP unless specifically provisioned. If the IP changes, other nodes can no longer connect to it, severely impacting availability. +2. **Poor portability**: Migrating a node to another machine (e.g. for maintenance or hardware upgrades) will likely change the IP, breaking peer connectivity. + +### Advantages of Domain Names + +3. **Resilience and flexibility**: Domain names can be mapped to new IPs by simply updating DNS records, ensuring seamless migration without disrupting node operation. +4. **Security**: Using DNS enables additional security layers like DNS-based filtering and monitoring. + +Furthermore, omitting the port number causes node initialization to fail. This alone justifies enforcing its inclusion. + +## Design Proposal + +A validation check will be added to the [`FlowIDTableStaking` contract](https://github.com/onflow/flow-core-contracts/blob/master/contracts/FlowIDTableStaking.cdc). + +### Draft Implementation + +A preliminary implementation is available in this [pull request](https://github.com/onflow/flow-core-contracts/pull/484/files#diff-65336be374bb3fc9ad7b822243e065a389d73e758c7c16223e52fc3181cea59bR170). + +This same validation must also be applied to updates made through the [`NetworkingAddressUpdate` function](https://github.com/onflow/flow-core-contracts/blob/master/contracts/FlowIDTableStaking.cdc#L53). + +> **Note**: This change is not retroactive. Existing nodes using IP addresses will not be affected. + +## Performance Implications + +This change introduces no performance overhead, as the additional validation is limited to a simple format check at the time of registration or update. + +## Dependencies + +None. + +## Compatibility + +- **Backward compatibility**: This change is **not** backward-compatible for node registration or networking address updates involving IPs or missing ports. However, it **does not** affect already registered nodes. +- **Tooling implications**: + - **FlowPort** must implement client-side validation to block invalid formats before submission. + - **FCL**, **Emulator**, and **Flow SDKs** are unaffected unless they perform client-side validation, in which case they should mirror the new logic. + +## Status + +A draft implementation is available for review in [PR #484](https://github.com/onflow/flow-core-contracts/pull/484). From aaf5a8878046950861190d368859d790ddc0a12b Mon Sep 17 00:00:00 2001 From: vishal <1117327+vishalchangrani@users.noreply.github.com> Date: Fri, 20 Jun 2025 14:51:35 -0700 Subject: [PATCH 2/6] updating the header --- protocol/20250619-network-address-validation.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/protocol/20250619-network-address-validation.md b/protocol/20250619-network-address-validation.md index 0033bd28a..3b63c53b8 100644 --- a/protocol/20250619-network-address-validation.md +++ b/protocol/20250619-network-address-validation.md @@ -1,9 +1,9 @@ --- status: draft -flip: NNN (set to the issue number) -authors: My Name (me@example.org), AN Other (you@example.org) -sponsor: AN Expert (core-contributor@example.org) -updated: YYYY-MM-DD +flip: 332 +authors: Vishal Changrani +sponsor: +updated: 2025-06-19 --- # FLIP 332: Enforcing Domain-Based Networking Addresses for Nodes From 1f541a9faf6a3e91cf877419c8093a64a19111f5 Mon Sep 17 00:00:00 2001 From: vishal <1117327+vishalchangrani@users.noreply.github.com> Date: Fri, 20 Jun 2025 14:57:08 -0700 Subject: [PATCH 3/6] adding a line explaining the port --- protocol/20250619-network-address-validation.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/protocol/20250619-network-address-validation.md b/protocol/20250619-network-address-validation.md index 3b63c53b8..4329b0ce0 100644 --- a/protocol/20250619-network-address-validation.md +++ b/protocol/20250619-network-address-validation.md @@ -32,6 +32,8 @@ The FLIP proposes to: To register a node on the Flow network, an operator submits a [node registration transaction](https://developers.flow.com/networks/staking/staking-collection#register-stakers), which includes the networking address of the node. This address is how other nodes establish peer connections with this node. +The networking address has two parts - the TCP/IP address or domain name of the node and the port used by the node for peer-to-peer communication.q + While [best practices](https://developers.flow.com/networks/node-ops/node-operation/node-bootstrap#generate-your-node-keys) recommend using a fully qualified domain name (FQDN) and including the port, the staking contract does not enforce these recommendations. ### Drawbacks of IP-Based Addresses From d6d51210a55e76e84def457db570e78d0766d2d8 Mon Sep 17 00:00:00 2001 From: vishal <1117327+vishalchangrani@users.noreply.github.com> Date: Fri, 20 Jun 2025 14:58:20 -0700 Subject: [PATCH 4/6] removing extra char --- protocol/20250619-network-address-validation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/protocol/20250619-network-address-validation.md b/protocol/20250619-network-address-validation.md index 4329b0ce0..e0a8aa317 100644 --- a/protocol/20250619-network-address-validation.md +++ b/protocol/20250619-network-address-validation.md @@ -32,7 +32,7 @@ The FLIP proposes to: To register a node on the Flow network, an operator submits a [node registration transaction](https://developers.flow.com/networks/staking/staking-collection#register-stakers), which includes the networking address of the node. This address is how other nodes establish peer connections with this node. -The networking address has two parts - the TCP/IP address or domain name of the node and the port used by the node for peer-to-peer communication.q +The networking address has two parts - the TCP/IP address or domain name of the node and the port used by the node for peer-to-peer communication. While [best practices](https://developers.flow.com/networks/node-ops/node-operation/node-bootstrap#generate-your-node-keys) recommend using a fully qualified domain name (FQDN) and including the port, the staking contract does not enforce these recommendations. From 544f0d49f8a9453afb0859088c5f85c7045f3273 Mon Sep 17 00:00:00 2001 From: vishal <1117327+vishalchangrani@users.noreply.github.com> Date: Fri, 20 Jun 2025 15:00:11 -0700 Subject: [PATCH 5/6] changing status to Proposed from Drafted --- protocol/20250619-network-address-validation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/protocol/20250619-network-address-validation.md b/protocol/20250619-network-address-validation.md index e0a8aa317..75312349b 100644 --- a/protocol/20250619-network-address-validation.md +++ b/protocol/20250619-network-address-validation.md @@ -1,5 +1,5 @@ --- -status: draft +status: Proposed flip: 332 authors: Vishal Changrani sponsor: From 705b92cac6af7ecea22691625be9494f3a37a4d4 Mon Sep 17 00:00:00 2001 From: vishal <1117327+vishalchangrani@users.noreply.github.com> Date: Fri, 20 Jun 2025 19:18:16 -0700 Subject: [PATCH 6/6] updating FLIP 332 --- protocol/20250619-network-address-validation.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/protocol/20250619-network-address-validation.md b/protocol/20250619-network-address-validation.md index 75312349b..e11d803bf 100644 --- a/protocol/20250619-network-address-validation.md +++ b/protocol/20250619-network-address-validation.md @@ -52,9 +52,9 @@ Furthermore, omitting the port number causes node initialization to fail. This a A validation check will be added to the [`FlowIDTableStaking` contract](https://github.com/onflow/flow-core-contracts/blob/master/contracts/FlowIDTableStaking.cdc). -### Draft Implementation +### Implementation -A preliminary implementation is available in this [pull request](https://github.com/onflow/flow-core-contracts/pull/484/files#diff-65336be374bb3fc9ad7b822243e065a389d73e758c7c16223e52fc3181cea59bR170). +The implementation is available in this [pull request](https://github.com/onflow/flow-core-contracts/pull/484/files#diff-65336be374bb3fc9ad7b822243e065a389d73e758c7c16223e52fc3181cea59bR170). This same validation must also be applied to updates made through the [`NetworkingAddressUpdate` function](https://github.com/onflow/flow-core-contracts/blob/master/contracts/FlowIDTableStaking.cdc#L53). @@ -77,4 +77,4 @@ None. ## Status -A draft implementation is available for review in [PR #484](https://github.com/onflow/flow-core-contracts/pull/484). +Contract updates are available for review in [PR #484](https://github.com/onflow/flow-core-contracts/pull/484).