-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dkg/bcast: exchange full messages #2798
Conversation
Instead of passing around hashes, share the whole message with the target for them to validate.
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #2798 +/- ##
=========================================
+ Coverage 0 53.28% +53.28%
=========================================
Files 0 199 +199
Lines 0 27669 +27669
=========================================
+ Hits 0 14744 +14744
- Misses 0 11096 +11096
- Partials 0 1829 +1829 ☔ View full report in Codecov by Sentry. |
|
||
target := targetFn(messageID) | ||
|
||
err := msgAny.UnmarshalTo(target) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is still an incomplete solution as a malicious peer can still broadcast a malformed message in the correct pb.FrostRount1Casts
. They can still be able to get the sign on this data from other peers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They don't control the input anymore though, i.e. it's not just a slice of bytes.
What do you suggest we check?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not sure if we can check each field in pb.FrostRound1Cast
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
|
Instead of passing around hashes, share the whole message with the target for them to validate. category: refactor ticket: none
Instead of passing around hashes, share the whole message with the target for them to validate.
category: refactor
ticket: none