New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] A malicious validator can broadcast certificate with Transaction::Fee
and block the network
#2990
Comments
@feezybabee It seems that |
This looks legit, great work @randomsleep . @ljedrz do you have time coming week to test and propose the fix? See also #2991 |
I can reproduce the issue with the attached patch. |
Please try to reproduce this bug with the changes here - #3083 |
@raychu86 I tried to reproduce it with the |
Hmm, the way the patch works seems to interfere with the current consensus setup; while I'm pretty sure that we no longer hit the critical speculation bug, it would be best if we could come up with an updated way to reproduce the issue. @raychu86 could you suggest some method that would be the least "intrusive"? |
@ljedrz @randomsleep I've created a new proposed fix for this to just do verification for the proposals. Take a look here - #3098. Would be helpful to think about the implications of this fix. |
I tried to reproduce it with the mainnet branch, still not working but will find a way surely |
Closed with #3104. |
https://hackerone.com/reports/2310746
Summary:
Currently, Aleo does not speculate on
Transaction::Fee
:However, malicious can propose a
BatchPropose
withFee
transaction. Other validators won't check if aBatchPropose
contains aFee
transaction and will sign the proposal. Once theCertificate
withFee
transaction is committed, it will block the execution of the block. All the validators will be blocked.Steps To Reproduce:
git checkout 052457bddbf736f88227c543646890f8588a0efb
git apply unchecked_fee_transaction.patch
Also see the attached sample log
sample_log.zip
sample_log.zip
Proof-of-Concept (PoC)
See above
Fix Suggestions:
Check if a
BatchPropose
containsTransaction::Fee
before signing.Impact
A malicious validator can broadcast certificate with
Transaction::Fee
and block the whole networkThe text was updated successfully, but these errors were encountered: