Fake hash vulnerability (for sha256d and quark) #353

Closed
chris2286266 opened this Issue Nov 15, 2014 · 2 comments


chris2286266 commented Nov 15, 2014

Due to an (obvious?) bug in template_registry.py, all sha256d (and probably quark) pools using the current version (June 26, 2014) are affected. (I have not checked other versions and forks.)

I checked and proved the vulnerability myself on my pool http://coinz.at/DEM, which was also cheated.
For testing I used the setup described in #313, using a difficulty of 0.001 and pooler's cpu-miner.

Reason:

The following expression in function diff_to_target is always true (and thus is wrong):
if settings.COINDAEMON_ALGO == 'scrypt' or 'scrypt-jane':

This means that ALL algos work with
diff1 = 0x0000ffff00000000000000000000000000000000000000000000000000000000

This is incorrect for sha256d by factor 65535 (and quark by factor 255) and allows the exploit.

Suggested fix:

def diff_to_target(self, difficulty):
    '''Converts difficulty to target'''
    # diff1 is the target at difficulty 1 for the configured algorithm
    if settings.COINDAEMON_ALGO == 'scrypt':
        diff1 = 0x0000ffff00000000000000000000000000000000000000000000000000000000
    elif settings.COINDAEMON_ALGO == 'scrypt-jane':
        diff1 = 0x0000ffff00000000000000000000000000000000000000000000000000000000
    elif settings.COINDAEMON_ALGO == 'quark':
        diff1 = 0x000000ffff000000000000000000000000000000000000000000000000000000
    elif settings.COINDAEMON_ALGO == 'sha256d':
        diff1 = 0x00000000ffff0000000000000000000000000000000000000000000000000000
    else:
        # default/fallback: diff of bitcoin/sha256d
        diff1 = 0x00000000ffff0000000000000000000000000000000000000000000000000000
    return diff1 / difficulty

It took me a lot of hours (and nerves) to find this (obvious?) bug. If you appreciate my work, consider donating BTC 1NDSvWkyn4gQfLuud688zcocARuHiU4Qx2 or LTC LcZvuNVDcbDqV2Txr9GToYh4ZAhfGttxef

Cheers
Chris
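
The always-true condition from the report next to a table-based conversion, as an added example that is not part of the original issue or the project's code. The function names, the `DIFF1` table and `SAMPLE_HASH` are constructed for illustration; the diff1 constants are the ones quoted in the issue.

```python
# diff1 values as quoted in the issue above.
DIFF1 = {
    'scrypt':      0x0000ffff00000000000000000000000000000000000000000000000000000000,
    'scrypt-jane': 0x0000ffff00000000000000000000000000000000000000000000000000000000,
    'quark':       0x000000ffff000000000000000000000000000000000000000000000000000000,
    'sha256d':     0x00000000ffff0000000000000000000000000000000000000000000000000000,
}

def diff_to_target_buggy(algo, difficulty):
    # Parses as `(algo == 'scrypt') or 'scrypt-jane'`. The non-empty string
    # literal is truthy, so this branch is taken for every algorithm.
    if algo == 'scrypt' or 'scrypt-jane':
        diff1 = DIFF1['scrypt']
    else:  # never reached
        diff1 = DIFF1['sha256d']
    return diff1 / difficulty

def diff_to_target_fixed(algo, difficulty):
    # Table lookup; unknown algorithms fall back to the sha256d value,
    # matching the fallback in the suggested fix.
    return DIFF1.get(algo, DIFF1['sha256d']) / difficulty

def share_accepted(hash_int, target):
    # A share passes when its hash, read as an integer, is at or below the target.
    return hash_int <= target

def loosening_factor(algo):
    # How many times larger the buggy target is than the per-algo one
    # (2**16 for sha256d and 2**8 for quark with the constants above).
    return DIFF1['scrypt'] // DIFF1.get(algo, DIFF1['sha256d'])

def audit(algo, difficulty, hash_int):
    return {
        'buggy': share_accepted(hash_int, diff_to_target_buggy(algo, difficulty)),
        'fixed': share_accepted(hash_int, diff_to_target_fixed(algo, difficulty)),
        'factor': loosening_factor(algo),
    }

# Constructed sample: a 256-bit value that lies between the scrypt diff1
# and the sha256d/quark diff1, so only the buggy conversion lets it through.
SAMPLE_HASH = int('00000abc' + '0' * 56, 16)

if __name__ == '__main__':
    for algo in ('scrypt', 'quark', 'sha256d'):
        print(algo, audit(algo, 1, SAMPLE_HASH))
```

A regression test for the pool can reuse the same idea: pick a value between the two targets and assert that share validation rejects it for the configured algorithm.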

ahmedbodi Nov 15, 2014

Member

Hi, thanks for that. I was aware of this bug; however, I haven't found much of a need to fix it. 99% of pool ops I know of have moved over to NOMP and other software. Stratum is in need of a major refactor to get it to a good standard. I'd be willing to implement this fix; however, I would say it might be a good idea to move to something like NOMP or UNOMP (a fork of NOMP with features that should have been added long ago).

ahmedbodi Jan 22, 2015

Member

Refactor done here: Multicoin-co#2. Now you can specify your own diff1 and algo.


@ahmedbodi ahmedbodi closed this Jan 22, 2015
