I hadn't thought of that, but it would be a good idea to make it extremely hard to set a high TTL (I think 5 would make a fine limiting value), although I'm sure that people would write clients that attempt to set it higher, so the "Max TTL" value should be set to 5 as well, so that the "good" clients can stop the "bad" clients as soon as possible, before the network is flooded. Of course, some developers might object to the limitation of freedom, but the performance of the net for everyone is (I think) more important than the freedom of any particular greedy user.