Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate received DKG messages #1888

Closed
3 tasks
corverroos opened this issue Mar 15, 2023 · 0 comments
Closed
3 tasks

Validate received DKG messages #1888

corverroos opened this issue Mar 15, 2023 · 0 comments
Assignees
@xenowits
Labels
protocol Protocol Team tickets sigp audit Issues identified by sigma prime audit

Comments

@corverroos
Copy link
Contributor

🎯 Problem to be solved

When receiving message frost round messages from peers in newFrostP2P, we do not verify the message contents. See original sigma-prime thread

🛠️ Proposed solution

Check FrostMsgKey:

Message Keys:
- FrostRound1Msg
  - Each element of Casts []*FrostRound1Cast check Key *FrostMsgKey
  - Each element of P2Ps ShamirShare check Key *FrostMsgKey
- FrostRound2Msg 
  - Each elemeent of Casts []*FrostRound2Cast check Key *FrostMsgKey


For the FrostMsgKey that are listed above validate
- 0 <= ValIdx < numValidators
- 1 <= SourceId <= numNodes
- 1 <= TargetId <= numNodes
- SourceId matches the peer ID (can check frostP2P.peers[sourceId] == s.Conn().RemotePeer()
- TargetId matches our peer ID (this is done already in that we ignore other messages)

Describe the solution to be implemented

🧪 Tests

  • Tested by new automated unit/integration/smoke tests
  • Manually tested on core team/canary/test clusters
  • Manually tested on local compose simnet
@corverroos corverroos added the sigp audit Issues identified by sigma prime audit label Mar 15, 2023
@github-actions github-actions bot added the protocol Protocol Team tickets label Mar 15, 2023
@xenowits xenowits self-assigned this Apr 12, 2023
@xenowits xenowits mentioned this issue Apr 17, 2023
Merged
obol-bulldozer bot pushed a commit that referenced this issue Apr 20, 2023
@xenowits
dkg: verify valIdx in frost dkg messages (#2107)
764a161 
Adds check to ensure validator indexes (`ValIdx`) in frost DKG messages are in the range `[0, num_validators)`.

Also refactors out broadcast and p2p callbacks and adds tests for them.

category: feature
ticket: #1888
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xenowits xenowits

Labels
protocol Protocol Team tickets sigp audit Issues identified by sigma prime audit
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@corverroos @dB2510 @xenowits