[HackerOne-2310746/2311934] Verify the transmissions fetched in batch proposals. #3098
We should start with a PR that just filters for
I agree with #3098 (comment), LGTM otherwise
If possible, I can make a PR for this.
I think it's fine to reject the
I think a better solution to solve it without regard to code changes:
The other nodes can be in a newer round and will never accept the
This should be replaced by AleoNet/snarkVM#2376 and #3104.
Closing due to AleoNet/snarkVM#2376 and #3104 being merged.
Motivation
This PR performs transmission verification on transmissions fetched from batch proposals. Previously we were blindly accepting them into the batch, which could lead to possible halting cases, where malicious nodes inject faulty transactions.
This approach should be taken instead of #3083 because it doesn't falsely eliminate valid transmissions that come in subsequent blocks. The thread in #3083 has more details.
NOTE: This puts transaction verification on the "critical path" which means we will have to verify newly seen transactions before processing batch proposals. Previously we would verify the transactions in `check_next_block` after the block was created, but this will slow down the block production via the BFT. We are basically front-loading the TX verification tasks now.
This should fix:
#2990
#2991