Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[HackerOne-2310746] Add fee check to transmissions fetched in batch proposal. #3104

Merged
merged 4 commits into from
Mar 4, 2024
Merged

[HackerOne-2310746] Add fee check to transmissions fetched in batch proposal. #3104

merged 4 commits into from
Mar 4, 2024

Conversation

raychu86
Copy link
Contributor

Motivation

This PR performs basic checks on transmissions fetched from batch proposals. We now check that the transmission id's match and that the transmission is not a Fee transaction.

This fix does not address all the issues, but is an added mitigation for the malicious Fee transmission case. This is an incremental fix for #3098.

Related PRs

This PR is related to #3098, and is a simpler approach that addresses one case of the problem.

This PR fixes #2990, but is insufficient for #2991.

This was referenced Mar 1, 2024
Merged
Closed
Closed
@raychu86 raychu86 force-pushed the feat/simple-proposal-transmission-check branch from af95fff to f8c2827 Compare March 3, 2024 20:11
howardwu
howardwu reviewed Mar 4, 2024
View reviewed changes
node/bft/src/primary.rs
let mut transmissions = self.sync_with_batch_header_from_peer(peer_ip, &batch_header).await?;

// Check that the transmission ids match and are not fee transactions.
for (transmission_id, transmission) in transmissions.iter_mut() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ljedrz can you profile this and determine if an optimization is possible with rayon or tokio?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feel free to open a new PR if so

Copy link
Contributor Author

@raychu86 raychu86 Mar 4, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that the number of transmissions here can be up to 50, and each one will be deserializing the Transmission Data object.

@howardwu howardwu merged commit 39fbf98 into mainnet Mar 4, 2024
23 of 24 checks passed
@howardwu howardwu deleted the feat/simple-proposal-transmission-check branch March 4, 2024 00:10
@howardwu howardwu mentioned this pull request Mar 4, 2024
Closed
@raychu86 raychu86 mentioned this pull request Mar 4, 2024
Closed
@howardwu howardwu mentioned this pull request Mar 5, 2024
Draft
@howardwu howardwu mentioned this pull request Mar 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@howardwu howardwu howardwu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug] A malicious validator can broadcast certificate with Transaction::Fee and block the network
2 participants
@raychu86 @howardwu