I thought this was a good insight into how bitcoin core nodes find peers on the network (using a hardcoded list of seed nodes)
Not quite correct: that's the first method they try. But if that fails, there is a backup list of IP addresses that are tried too. Also, for Tor only nodes, IIRC there's some fixed .onion addresses that are tried too. I2P probably has something similar.
If you run a node with -connect, the seed nodes and other mechanisms aren't used. Similarly, if you use -addnode, provided your node works and returns addresses, the seed nodes aren't that relevant either.
Assuming your ISP isn't themselves MITM attacking you, you only need a single "honest" peer for Bitcoin to properly connect to the P2P network. So the seed node mechanism has a lot of redundancy.
BTW, the reason why DNS is used in the first place is because DNS is heavily cached at multiple levels. That makes it extremely difficult for the people running the DNS seeds to:
  1. Figure out who is requesting IP addresses.
  2. Serve different IP addresses to specific target clients.
This protects users by making it very difficult to use DNS seeds to attack people.
reply
wow thanks for the great insight Peter!
reply
Yes, there are hardcoded list of both .onion and .i2p peers too, updated from time to time. https://github.com/bitcoin/bitcoin/tree/master/contrib/seeds
Assuming your ISP isn't themselves MITM attacking you
Running onion AND i2p would help here even if ISP is trying to MITM attack you.
reply