Introduce a hyper-log-log-based cardinality rate limiter

service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java

@@ -129,15 +129,13 @@ public class MessageController {
     }
 
     if (source.isPresent() && !source.get().isFor(destinationName)) {
-      rateLimiters.getMessagesLimiter().validate(source.get().getNumber() + "__" + destinationName);
-
-        try {
-          rateLimiters.getUnsealedSenderLimiter().validate(source.get().getUuid().toString());
-        } catch (RateLimitExceededException e) {
-          rejectUnsealedSenderLimit.mark();
-          logger.debug("Rejected unsealed sender limit from: {}", source.get().getNumber());
-        }
+      try {
+        rateLimiters.getUnsealedSenderLimiter().validate(source.get().getUuid().toString(), destinationName.toString());
+      } catch (RateLimitExceededException e) {
+        rejectUnsealedSenderLimit.mark();
+        logger.debug("Rejected unsealed sender limit from: {}", source.get().getNumber());
       }
+    }
 
     final String senderType;
 
@@ -181,6 +179,10 @@ public class MessageController {
       OptionalAccess.verify(source, accessKey, destination);
       assert(destination.isPresent());
 
+      if (source.isPresent() && !source.get().isFor(destinationName)) {
+        rateLimiters.getMessagesLimiter().validate(source.get().getUuid() + "__" + destination.get().getUuid());
+      }
+
       validateCompleteDeviceList(destination.get(), messages.getMessages(), isSyncMessage);
       validateRegistrationIds(destination.get(), messages.getMessages());
 

service/src/main/java/org/whispersystems/textsecuregcm/controllers/RateLimitExceededException.java

@@ -5,6 +5,10 @@
 package org.whispersystems.textsecuregcm.controllers;
 
 public class RateLimitExceededException extends Exception {
+  public RateLimitExceededException() {
+    super();
+  }
+
   public RateLimitExceededException(String number) {
     super(number);
   }