New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ZCA­005 - Unlimited number of transaction proofs allows CPU­ exhaustion attacks #1388

Open
nathan-at-least opened this Issue Sep 13, 2016 · 3 comments

Comments

Projects
4 participants
@nathan-at-least
Copy link
Contributor

nathan-at-least commented Sep 13, 2016

No description provided.

@nathan-at-least nathan-at-least changed the title ZCA­005 - Unlimited number of transaction proofs allows CPU­exhaustion attacks ZCA­005 - Unlimited number of transaction proofs allows CPU­ exhaustion attacks Sep 13, 2016

@nathan-at-least

This comment has been minimized.

Copy link
Contributor Author

nathan-at-least commented Sep 13, 2016

We consider this not to be an issue somewhat by happenstance in our current design:

  • blocksize limit provides an "incidental cap" on JS count.
  • JS verification is necessarily fully parallel.
  • We expect other CPU exhaustion vectors to pop up when raising the blocksize limit which may be worse (eg: non-segwit SIGHASH_ALL superlinearity).

However, it's important to keep this in mind, so I'm going to add a "protocol fragility" label here.

@SergioDemianLerner

This comment has been minimized.

Copy link
Contributor

SergioDemianLerner commented Sep 16, 2016

This issue may become relevant if orphan transaction having JS proofs is enabled (currently it is not). In that case, the verification of JS proofs can be re-triggered over and over by the reception of new parent transactions (when not all parents (providing the orphan tx inputs) are present).

@daira

This comment has been minimized.

Copy link
Contributor

daira commented Jan 1, 2017

@SergioDemianLerner: the expensive part of the proof verification would be fully cachable in that case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment