Peer-to-Peer (P2P) Network

A P2P network operates without a central coordinating server. Instead, each peer (or node) acts as both a client and a server, sharing resources directly with others. This eliminates single points of failure and distributes control across the network.

• Example: In Bitcoin, every full node validates transactions and stores a copy of the blockchain, removing the need for a central bank or authority.

The distributed nature of P2P networks makes them highly resistant to outages and attacks. If multiple nodes fail or are taken offline, the network can continue to function because other peers can route around the disruption.

• Mechanism: Data and tasks are redundantly distributed across many nodes. Protocols like Kademlia (used in Ethereum's discovery) ensure the network can self-heal and maintain connectivity.

Peers contribute their own resources—such as bandwidth, storage, and computing power—to the network. This collective contribution allows the network to scale organically; as more peers join, the total capacity of the system increases.

• Contrast: In a client-server model, scaling requires expensive upgrades to central infrastructure. In P2P, new users bring additional resources with them.

The absence of a central gatekeeper makes it extremely difficult for any single entity to control, block, or censor transactions or communications on the network. Actions require consensus among a distributed set of peers.

• Application: This is a foundational property for permissionless blockchains like Bitcoin and Ethereum, where anyone can participate without approval from an authority.

Communication in a P2P network occurs directly between peers. Transactions, messages, or file transfers are routed through the network mesh without passing through a central hub, reducing latency and potential bottlenecks.

• Protocol Example: The Bitcoin P2P protocol defines how nodes discover each other, propagate transactions, and synchronize blocks through direct connections.

In blockchain-based P2P networks, a consensus mechanism is the protocol that allows distributed nodes to agree on a single state of the ledger without a central validator. This is critical for security and trustlessness.

• Common Types: Proof of Work (PoW) (Bitcoin) and Proof of Stake (PoS) (Ethereum) are consensus algorithms that secure the network by aligning economic incentives with honest participation.

A Sybil attack occurs when a single adversary creates and controls a large number of fake identities (Sybil nodes) to subvert the network's reputation or consensus system. This is a foundational threat in P2P systems.

• Impact: Can enable eclipse attacks, disrupt routing, manipulate voting, or censor transactions.
• Mitigation: Networks use proof-of-work, proof-of-stake, or resource-based identity (like IP addresses or storage) to make creating identities costly. Bitcoin's Nakamoto Consensus is a primary defense.

An eclipse attack isolates a specific node by surrounding it with malicious peers that the attacker controls, effectively cutting it off from the honest network.

• Mechanism: The attacker monopolizes all of the victim's incoming and outgoing connections.
• Consequences: The victim only sees a manipulated view of the network, enabling double-spend attempts or preventing transaction propagation.
• Prevention: Using a diverse set of peers, maintaining persistent trusted nodes, and protocols that randomize peer selection.

In blockchain contexts, a data withholding attack occurs when a block producer publishes a block header but withholds the corresponding transaction data, preventing others from verifying the block's contents.

• Risk: This can stall the network and is a key challenge in scaling solutions like rollups.
• Solutions: Data availability sampling (DAS) and erasure coding allow nodes to probabilistically verify data is available without downloading it all. Data availability committees provide a fallback attestation layer.

The initial process of finding and connecting to other peers is a critical vulnerability, as it often relies on a small set of bootstrap nodes or a centralized DNS seed.

• Centralization Risk: Compromised bootstrap nodes can provide malicious peer lists, facilitating eclipse attacks.
• Hardening Methods: Using multiple, hardcoded bootstrap nodes, peer exchange (PEX) protocols, and distributed hash tables (DHTs) for decentralized discovery. Node operators are encouraged to maintain a personal list of trusted peers.

Peer-to-peer networks are vulnerable to resource exhaustion attacks where adversaries flood the network with invalid transactions, empty blocks, or connection requests.

• Targets: Can overwhelm node memory, CPU, or bandwidth.
• Defenses: Transaction fees act as a spam deterrent. Proof-of-work for message propagation (e.g., Bitcoin's inv messages), rate limiting, and peer scoring systems that penalize bad actors. Resource-bounded data structures are also used.

The P2P layer itself can leak metadata. By observing the gossip protocol, adversaries can perform network analysis to de-anonymize users, map node relationships, and infer transaction origins.

• Exposed Data: IP addresses, connection timing, and transaction propagation paths.
• Countermeasures: Dandelion++ for transaction propagation anonymization, Tor / I2P integration, and peer-to-peer mixing protocols. However, complete P2P layer privacy remains a significant challenge.

The core principle enabled by a P2P architecture, where control and data are distributed across participants rather than a central authority. In blockchain, this creates censorship resistance and removes single points of failure. Key aspects include:

• Architectural Decentralization: The physical distribution of nodes.
• Political Decentralization: No single entity controls the network.
• Logical Decentralization: The system presents as a single, unified computer (e.g., a blockchain ledger).

Any computer or device that participates in a P2P network by running the protocol's software. Nodes are the individual peers that form the network fabric. Types include:

• Full Nodes: Store the complete blockchain history and validate all rules.
• Light Nodes (SPV Clients): Store only block headers, relying on full nodes for transaction details.
• Mining/Validator Nodes: Specialized nodes that propose and secure new blocks through Proof of Work or Proof of Stake.

The algorithm used by nodes in a decentralized P2P network to agree on the state of the shared ledger. It replaces the need for a trusted central coordinator. Major types are:

• Proof of Work (PoW): Used by Bitcoin, where nodes (miners) compete to solve cryptographic puzzles.
• Proof of Stake (PoS): Used by Ethereum, where nodes (validators) are chosen based on staked cryptocurrency.
• Practical Byzantine Fault Tolerance (PBFT): Used in many permissioned networks for fast finality.

The communication method used by nodes in a P2P network to efficiently propagate data. When a node receives new information (e.g., a transaction), it "gossips" it to a few randomly selected peers, who then do the same. This creates an epidemic-style spread that ensures:

• Robustness: The network tolerates node failures.
• Low Latency: Information reaches all nodes quickly.
• Bandwidth Efficiency: Avoids overwhelming any single node with direct connections from all others.

A decentralized key-value storage system built on top of a P2P network. It allows nodes to efficiently find data or other nodes without a central directory. Pioneered by protocols like BitTorrent and Kademlia, DHTs are crucial for:

• Peer Discovery: Finding which peers hold specific data or are part of the network.
• Content Addressing: Using cryptographic hashes (like CIDs in IPFS) as content identifiers.
• Resilience: Data redundancy across multiple nodes prevents loss.

The centralized architectural alternative to a P2P network. In this model, clients (e.g., web browsers) request data or services from a centralized server. Key contrasts with P2P include:

• Single Point of Failure: The server is a critical vulnerability.
• Scalability Limits: Server capacity must meet peak demand.
• Administrative Control: The server operator has full control over data and access rules. Most traditional web services (like AWS or Google) use this model.