Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

A malicious node may fake a proposal's header when he is the leader and result in the successful consensusing of the illegal blocks #2307

Closed
fCorleone opened this issue Mar 28, 2022 · 1 comment

Comments

@fCorleone
Copy link

Describe the bug
I setup a group of 10 nodes under 3.0.0-rc2 version. One of the nodes is a malicious one and tries to modify some fields when it sends out some packages. Then I use the following command to test the system:

java -cp 'conf/:lib/*:apps/*' org.fisco.bcos.sdk.demo.perf.PerformanceOk 500000 5000 group

Then some transactions cannot be processed successfully.
To Reproduce
Steps to reproduce the behavior:

  1. setup a 10 nodes group
  2. start the press test program
  3. See the error

Expected behavior
All the transactions should be processed correctly.

Screenshots
The information of the log:
wecom-temp-91f562961c3181bcc3b08c065911ac20

Environment (please complete the following information):

  • OS: Ubuntu 20.04
  • FISCO BCOS Version 3.0.0-rc2
@cyjseagull
Copy link
Contributor

cyjseagull commented Mar 28, 2022

It can be seen from the log that the loki node forged a block with an illegal block header, and the consensus node did not verify the block, resulting in the successful consensusing of the illegal blocks, but when the block was executed, the execution failed all the time.

This problem further leads to the accumulation of blocks, the memory cannot be released, which leads to oom.

@fCorleone fCorleone changed the title A malicious node may fake a proposal's header when he is the leader and some transactions cannot be processed A malicious node may fake a proposal's header when he is the leader and result in the successful consensusing of the illegal blocks Jun 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants