Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix store malfeasant ATX #5929

Merged
merged 5 commits into from
May 13, 2024
Merged

Fix store malfeasant ATX #5929

merged 5 commits into from
May 13, 2024

Conversation

fasmat
Copy link
Member

@fasmat fasmat commented May 13, 2024
edited
Loading

Motivation

In specific cases storing an ATX will fail if it is malicious.

Description

atx.AddGettingNonce might return nil, nil for an invalid initial ATX. Specifically an ATX that isn't the first of an identity but references 0x000... as its previous ATX. Such an ATX might not contain a VRF nonce so it will fail to store with the error no nonce when persisting the malfeasance proof.

Additionally I made the check for a double 0x000... previous ATX more efficient by just fetching the initial ATX of the identity rather than going through the complete chain to find the collision.

Test Plan

Added a new test for the fix

TODO

  • Explain motivation or link existing issue(s)
  • Test changes and document test plan
  • Update documentation as needed
  • Update changelog as needed

@fasmat fasmat self-assigned this May 13, 2024
@fasmat fasmat requested review from dshulyak, poszu and ivan4th as code owners May 13, 2024 01:11
@codecov Codecov
Copy link

codecov bot commented May 13, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 66.66667% with 8 lines in your changes are missing coverage. Please review.

Project coverage is 80.4%. Comparing base (c1f9fb7) to head (17e54f3).
Report is 4 commits behind head on v1.5.

Files Patch % Lines
activation/handler.go 66.6% 4 Missing and 3 partials ⚠️
malfeasance/wire/malfeasance.go 0.0% 1 Missing ⚠️
Additional details and impacted files 
@@          Coverage Diff           @@
##            v1.5   #5929    +/-   ##
======================================
  Coverage   80.4%   80.4%            
======================================
  Files        285     286     +1     
  Lines      29579   29736   +157     
======================================
+ Hits       23804   23937   +133     
- Misses      4168    4176     +8     
- Partials    1607    1623    +16

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

poszu
poszu reviewed May 13, 2024
View reviewed changes
Copy link
Contributor

@poszu poszu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Specifically an ATX that isn't the first of an identity but references 0x000... as its previous ATX. Such an ATX might not contain a VRF nonce (...).

I don't understand, an ATX with previous=EMPTY that doesn't have a VRF nonce is syntactically invalid, isn't it?

activation/handler.go Outdated Show resolved Hide resolved
@fasmat
Copy link
Member Author

fasmat commented May 13, 2024

Specifically an ATX that isn't the first of an identity but references 0x000... as its previous ATX. Such an ATX might not contain a VRF nonce (...).

I don't understand, an ATX with previous=EMPTY that doesn't have a VRF nonce is syntactically invalid, isn't it?

You're right, the problem as a different one: blob already stored in atx_blobs. I reverted this part of the PR.

@fasmat fasmat requested a review from poszu May 13, 2024 09:39
@fasmat fasmat merged commit 0d2e5c3 into v1.5 May 13, 2024
19 of 20 checks passed
@fasmat fasmat deleted the store-malfeasant-atx branch May 13, 2024 10:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@poszu poszu poszu approved these changes

@ivan4th ivan4th ivan4th approved these changes

@dshulyak dshulyak Awaiting requested review from dshulyak dshulyak is a code owner

Assignees

@fasmat fasmat

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fasmat @ivan4th @poszu