Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not parse block body before header has been validated #1642

Closed
ignopeverell opened this issue Oct 2, 2018 · 3 comments · Fixed by #3023
Closed

Do not parse block body before header has been validated #1642

ignopeverell opened this issue Oct 2, 2018 · 3 comments · Fixed by #3023
Labels
enhancement help wanted

Comments

@ignopeverell
Copy link
Contributor

The current code and data structures read a full block all at once. This could make a short-lived (because banning would still be relatively quick) DDoS attack.
@c410-f3r
Copy link

I guess this was already been implemented.

grin/core/src/core/block.rs

Lines 303 to 309 in 9c32321

// Check the block version before proceeding any further.
// We want to do this here because blocks can be pretty large
// and we want to halt processing as early as possible.
// If we receive an invalid block version then the peer is not on our hard-fork.
if !consensus::valid_header_version(height, version) {
return Err(ser::Error::InvalidBlockVersion);
}

@antiochp
Copy link
Member

antiochp commented May 20, 2019
edited
Loading

I guess this was already been implemented.

No. We are still parsing the full block prior to this.

Edit: Actually that is one scenario where header parsing would halt the block processing.

The issue is more around how we pass a "full block" into chain and pipe for block processing. The first step is then to validate the header and if this fails (PoW is invalid for example) we reject the full block.
In scenarios like this is would be more efficient to defer parsing of the full block until after we have validated the header.

@c410-f3r
Copy link

I will then fix it

hashmap added a commit to cyclefortytwo/grin that referenced this issue Sep 6, 2019
@hashmap
Verify headers and blocks only when needed
7cff552 
Curretnly we have some lightweigt validation implemented as part of
entity deserialization, which is safer and allows us to not parse the
entire object if some part is invalid. At the same time this logic
always applies when we read an entity, eg when reading from DB.

This PR introduces UntrustedHeader/Block which is used when we read from
the network. It does partial validation during read, then it is supposed
to be converted into regular header/block which doesn't validate itself.

Also this PR adds "lightweight" validation to block header read like we have
for block body, so we don't parse block body if the header is invalid.

Fixes mimblewimble#1642
@hashmap hashmap mentioned this issue Sep 6, 2019
Merged
hashmap added a commit to cyclefortytwo/grin that referenced this issue Oct 22, 2019
@hashmap
Verify headers and blocks only when needed
adcff76 
Curretnly we have some lightweigt validation implemented as part of
entity deserialization, which is safer and allows us to not parse the
entire object if some part is invalid. At the same time this logic
always applies when we read an entity, eg when reading from DB.

This PR introduces UntrustedHeader/Block which is used when we read from
the network. It does partial validation during read, then it is supposed
to be converted into regular header/block which doesn't validate itself.

Also this PR adds "lightweight" validation to block header read like we have
for block body, so we don't parse block body if the header is invalid.

Fixes mimblewimble#1642
hashmap added a commit that referenced this issue Oct 27, 2019
@hashmap
Verify headers and blocks only when needed (#3023)
1f5de6b 
* Verify headers and blocks only when needed

Curretnly we have some lightweigt validation implemented as part of
entity deserialization, which is safer and allows us to not parse the
entire object if some part is invalid. At the same time this logic
always applies when we read an entity, eg when reading from DB.

This PR introduces UntrustedHeader/Block which is used when we read from
the network. It does partial validation during read, then it is supposed
to be converted into regular header/block which doesn't validate itself.

Also this PR adds "lightweight" validation to block header read like we have
for block body, so we don't parse block body if the header is invalid.

Fixes #1642

* Move version validation to untrusted header

* update fuzz tests
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Verify headers and blocks only when needed cyclefortytwo/grin
3 participants
@c410-f3r @ignopeverell @antiochp