Description
As described in https://adlrocha.substack.com/p/adlrocha-beyond-bitswap-i , IPFS uses Kademlia to store a list of peers who can serve a piece of content, and not just a list of peers. It's only by accident that some blockchains decided to start using Kademlia for peer discovery, and now (at least for me) that's how I mostly think about it, but the kad protocol in libp2p is full implementation and thus supports more kinds of interaction than just peer lookup.
In particular, there are AddProvider and PutRecord which allow peers to register themselves as hosts and also to put data into our node. This is a potential attack vector, as malicious users could put pressure on our memory.
These events are handled in on_connection_handler_event and if we look at the PutRecord handler we can see that whether anything gets stored depends on the record_filtering setting. By using KademliaStoreInserts::FilterBoth we only get an event, while KademliaStoreInserts::Unfiltered puts it in the store first. Unfiltered happens to be the default setting.
To prevent anyone from storing records, we can either use the FilterBoth setting, or we can stop these events from reaching the Kademlia behaviour in our discovery::Behaviour::on_connection_event_handler.