From d5d65bdc6207d78ac07dc21fcc0816c06812fd1b Mon Sep 17 00:00:00 2001
From: Shane da Silva <shane@dasilva.io>
Date: Mon, 10 Jul 2023 22:13:37 -0700
Subject: [PATCH] Prevent connecting to peers not in allowed peer list (#1102)

We needed to add some additional logic to ensure we didn't connect to
peers not in the allowlist.
---
 .changeset/angry-lizards-hammer.md | 5 +++++
 apps/hubble/src/hubble.ts          | 6 ++++++
 2 files changed, 11 insertions(+)
 create mode 100644 .changeset/angry-lizards-hammer.md

diff --git a/.changeset/angry-lizards-hammer.md b/.changeset/angry-lizards-hammer.md
new file mode 100644
index 00000000..1fb558b0
--- /dev/null
+++ b/.changeset/angry-lizards-hammer.md
@@ -0,0 +1,5 @@
+---
+"@farcaster/hubble": patch
+---
+
+Prevent connecting to peers not in allowed peer list
diff --git a/apps/hubble/src/hubble.ts b/apps/hubble/src/hubble.ts
index f09bc61e..75dce91d 100644
--- a/apps/hubble/src/hubble.ts
+++ b/apps/hubble/src/hubble.ts
@@ -946,6 +946,12 @@ export class Hub implements HubInterface {
   }
 
   async isValidPeer(ourPeerId: PeerId, message: ContactInfoContent) {
+    const peerId = ourPeerId.toString();
+    if (MAINNET_ALLOWED_PEERS?.length && !MAINNET_ALLOWED_PEERS.includes(peerId)) {
+      log.warn(`Peer ${ourPeerId.toString()} is not in the allowed peers list`);
+      return false;
+    }
+
     const theirVersion = message.hubVersion;
     const theirNetwork = message.network;