Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[vulnerability] Possible privacy leakage due to ordered transaction inputs #2279

Open
yixiao5428 opened this issue Jun 9, 2021 · 4 comments

Comments

@yixiao5428
Copy link

The wallet uses ordered inputs of transactions (src/wallet/wallet.cpp, line 2628 - 2640), which may incur privacy risks like fingerprinting the wallet to observers.

A possible solution is to clear the original order, shuffle it, and push back the new order before signing the transaction.

Similar fix from Bitcoin: bitcoin/bitcoin@2fb9c1e.

Reported by 6004ed5feaa31ae9df36b5dbc60f0fa53255a5fb734334082c6d202405fc738c.

@p-j01
Copy link
Contributor

p-j01 commented Jun 13, 2021

@yixiao5428 Should setCoins type be changed from a set<pair<const CWalletTx*,unsigned int>> to a set<CInputCoin> on line 2466?

@yixiao5428
Copy link
Author

yixiao5428 commented Jun 15, 2021

@yixiao5428 Should setCoins type be changed from a set<pair<const CWalletTx*,unsigned int>> to a set<CInputCoin> on line 2466?

Hi @p-j01, It's not necessary. They are basically the same. You can check this commit bitcoin/bitcoin@fd44ac1 from Bitcoin.

@DeerSpotter
Copy link

If this is closed then please close the issue.

@patricklodder
Copy link
Member

If this is closed then please close the issue.

I think the issue is valid and I haven't seen any real discussion on the 1.14 PR. If the target is to implement this for 1.21 per my suggestion, then we'd keep the issue open until we have a 1.21 release, if people disagree with my position then we keep it open until we merge #2314.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants