Re: [GNUnet-developers] Found a related project

[Christian Grothoff]

>   The design of GNUnet always impresses me. (The *one* thing that
> I suspect may be a flaw is that AFAIK requests for things must have
> a TTL set, so presumably, even if it is made random, there will be
> times when the first node it reaches would be able to tell that it
> is a new request (not forwarded). Is this true, anyone?)

Ok, this question warrants an answer :-). The initial TTL is randomized, so a 
peer may start with 5, 15, 7 or 42. The peer will pick a higher number if the 
TTL was not large enough, but again, how much higher is again randomzied. A 
similar problem applies for the "smallest" TTL. Suppose a peer sends a very 
small TTL to another peer (say -3 [!!! negative values are OK!]). Well, its 
not very likely that the other peer will actually process this message (after 
all, the TTL is negative, which means it expired some time ago). But, 
depending on the peers internal state of the routing table, a peer may very 
well route a query with -52275234 to another peer which may then even still 
reply. Just the probability that this happens decreases. Thus neither the 
initial TTL nor the "final" TTL can be used to expose any of the endpoints of 
the transaction. 

The GAP paper describes this in a bit more detail.

Christian