From 8245ea6fa62ad8163c2964965845833dd72849bf Mon Sep 17 00:00:00 2001
From: cryptozoidberg <crypto.zoidberg@gmail.com>
Date: Mon, 17 Jun 2019 11:15:12 +0300
Subject: [PATCH] added more strict pos validation

---
 src/currency_core/blockchain_storage.cpp       | 16 ++++++++++++++++
 utils/test_api_files/exec_getblocktemplate.bat |  1 +
 2 files changed, 17 insertions(+)
 create mode 100644 utils/test_api_files/exec_getblocktemplate.bat

diff --git a/src/currency_core/blockchain_storage.cpp b/src/currency_core/blockchain_storage.cpp
index a6f7daf36..b4a240573 100644
--- a/src/currency_core/blockchain_storage.cpp
+++ b/src/currency_core/blockchain_storage.cpp
@@ -1507,6 +1507,13 @@ bool blockchain_storage::handle_alternative_block(const block& b, const crypto::
     if (abei.height >= m_core_runtime_config.pos_minimum_heigh)
       cumulative_diff_delta = correct_difficulty_with_sequence_factor(sequence_factor, cumulative_diff_delta);
 
+    if (pos_block && sequence_factor > 20)
+    {
+      LOG_PRINT_RED_L0("Alternative block " << id << " @ " << abei.height << " has too big sequence factor: " << sequence_factor << ", rejected");
+      bvc.m_verification_failed = true;
+      return false;
+    }
+
     abei.cumulative_diff_adjusted += cumulative_diff_delta;
 
     abei.cumulative_diff_precise = get_last_alt_x_block_cumulative_precise_difficulty(alt_chain, abei.height, pos_block);
@@ -4458,6 +4465,15 @@ bool blockchain_storage::handle_block_to_main_chain(const block& bl, const crypt
   if (bei.height >= m_core_runtime_config.pos_minimum_heigh)
     cumulative_diff_delta = correct_difficulty_with_sequence_factor(sequence_factor, cumulative_diff_delta);
   
+  if (is_pos_bl && sequence_factor > 20)
+  {
+    LOG_PRINT_L0("Block with id: " << id
+      << " has too big sequence_factor = " << sequence_factor);
+    purge_block_data_from_blockchain(bl, tx_processed_count);
+    bvc.m_verification_failed = true;
+    return false;
+  }
+
   bei.cumulative_diff_adjusted += cumulative_diff_delta;
 
   //etc 
diff --git a/utils/test_api_files/exec_getblocktemplate.bat b/utils/test_api_files/exec_getblocktemplate.bat
new file mode 100644
index 000000000..08f7dca41
--- /dev/null
+++ b/utils/test_api_files/exec_getblocktemplate.bat
@@ -0,0 +1 @@
+curl --data @getblocktemplate.json  http://127.0.0.1:11211/json_rpc