Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Local random member selection bugs #3

Open
tcrain opened this issue Apr 21, 2020 · 0 comments
Open

Local random member selection bugs #3

tcrain opened this issue Apr 21, 2020 · 0 comments
Labels
bug Something isn't working

Comments

@tcrain
Copy link
Owner

tcrain commented Apr 21, 2020

When local random member selection is used, security relies on only the local node knowing the members.

Currently when an external node asks for recovery (i.e. in case of a lost message), the reply will, when loaded from disk contain the full state of the consensus instance which will reveal the members. Instead this should only contain the message sent by the local node.

Another issue is when using reliable broadcast, a set of Byzantine nodes can get the system to enter a sate when the Broadcast has started but not terminated, but the Byzantine nodes may allow it to
terminate later. This gives the attacker infinite time to identify and corrupt the member selection of nodes. A possible fix would be to allow a node to change members even for within the same reliable broadcast instance after a timeout, though this would need some careful design to ensure other properties are not broken.
@tcrain tcrain added the bug Something isn't working label Apr 21, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tcrain