Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NCC-2016-016 - Generous Miners using Alternative Clients may Cause Forks #1460

Closed
rcseacord opened this issue Sep 30, 2016 · 7 comments
Closed

NCC-2016-016 - Generous Miners using Alternative Clients may Cause Forks #1460

rcseacord opened this issue Sep 30, 2016 · 7 comments
Assignees
@daira
Labels
A-consensus Area: Consensus rules A-consensus-fr Area: Founders' Reward C-audit Category: Issues and tasks related to audit findings I-SECURITY Problems and improvements related to security.
Milestone
1.0.0-beta2 - aud...

Comments

@rcseacord
Copy link
Contributor

We're currently assessing impact before publishing more detail.
@daira daira added NCC finding I-SECURITY Problems and improvements related to security. labels Sep 30, 2016
@daira
Copy link
Contributor

daira commented Sep 30, 2016

The Zcash protocol specifies that a founder’s reward will be paid out to a specific address up until a certain point in time.
Currently, there are two ways to pay into this founder’s address:

  1. As the founder’s address is a public, normal address, any user can simply create a
    transaction with the founder’s address listed as the output.
  2. Each block that is mined must send 20% of the reward to the founder’s address.
    When checking the validity of a block, the 20% of a reward is checked at location
    main.cpp:3075: [...]
    The straight equality check may lead to forks if a miner is particularly generous. If an alternative client is put forth which allows more than 20% of the reward being sent to the founder address, forks may arise because of the difference in consensus rules.

Recommendation
Instead of a strict equality check, perform a greater-than-or-equals check against 20% of the block subsidy.

@daira
Copy link
Contributor

daira commented Sep 30, 2016

This is specified as intended. I will clarify the protocol specification to make the strict equality a MUST requirement, ensuring that this is clear to implementors of alternative clients. A miner (or anyone else) may donate any additional ZEC to Founders' addresses if it feels like it, but must do so in a separate output. There is a potential spec ambiguity in the case of multiple outputs to the correct Founders' address, which I will also clarify and check against the implementation.

@daira daira self-assigned this Sep 30, 2016
@daira daira changed the title NCC-2016-016 NCC-2016-016 - Generous Miners using Alternative Clients may Cause Unintentional Forks Sep 30, 2016
@daira daira added A-consensus Area: Consensus rules A-consensus-fr Area: Founders' Reward needs prioritization labels Sep 30, 2016
@daira daira changed the title NCC-2016-016 - Generous Miners using Alternative Clients may Cause Unintentional Forks NCC-2016-016 - Generous Miners using Alternative Clients may Cause Forks Oct 1, 2016
@daira daira mentioned this issue Oct 1, 2016
Closed
daira added a commit to zcash/zips that referenced this issue Oct 2, 2016
@daira
Clarify Founders' Reward consensus rule. fixes #63
e66abc2 
refs zcash/zcash#1460

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
@daira
Copy link
Contributor

daira commented Oct 2, 2016

Fixed in version 2016.0-beta-1.7 of the protocol spec. I verified that the consensus enforcement code matches the new spec (sections 6.5 and 6.6), but I'd appreciate it if someone double-checked that before closing this ticket.

@str4d
Copy link
Contributor

str4d commented Oct 4, 2016

In the engineering meeting, either @bitcartel or @ageis said they would double-check the code against the spec. I can't remember which.

@bitcartel
Copy link
Contributor

bitcartel commented Oct 4, 2016
edited

  1. The testnet addresses in the spec need to be updated with the latest version in chainparams.cpp.
  2. The formulas in the spec for FounderAddressChangeInterval and FounderAddressIndex are visually different from the code, making use of ceiling and floor. Could that confuse people?

@daira
Copy link
Contributor

daira commented Oct 4, 2016
edited

[@bitcartel's comment confuses me because it seems to be for #1477, but I answered it here anyway.]

I've just done 1. (in 2016.0-beta-1.8).

For 2., we could add a comment, but I don't see that as a blocker for this release.

@str4d
Copy link
Contributor

str4d commented Oct 4, 2016

I'm satisfied that the spec and code are consistent. ACK.

@daira daira closed this as completed Oct 4, 2016
@daira daira added this to Complete in Security and Stability Nov 11, 2017
@str4d str4d added the C-audit Category: Issues and tasks related to audit findings label Aug 17, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@daira daira

Labels
A-consensus Area: Consensus rules A-consensus-fr Area: Founders' Reward C-audit Category: Issues and tasks related to audit findings I-SECURITY Problems and improvements related to security.
Projects
None yet
Milestone
1.0.0-beta2 - audit mitigations and c...
Development

No branches or pull requests
4 participants
@bitcartel @daira @rcseacord @str4d