-
Notifications
You must be signed in to change notification settings - Fork 584
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[stateless_validation][tracking issue] Security concerns Round-1 #10565
Labels
A-stateless-validation
Area: stateless validation
Comments
52 tasks
@pugachAG , will add you as an owner of this issue for now. Please update as you work towards it |
walnut-the-cat
changed the title
[stateless_validation] Security testing
[stateless_validation][tracking issue] Security concerns
Apr 4, 2024
github-merge-queue bot
pushed a commit
that referenced
this issue
Apr 17, 2024
This PR introduces protection against wasting stateless validator resources on processing state witness when chunk endorsement is guaranteed not to have an effect on the chain state. In particular any chunk with `height_created` that doesn't exceed the height of the last final block can be safely skipped. Part of #10565.
walnut-the-cat
changed the title
[stateless_validation][tracking issue] Security concerns
[stateless_validation][tracking issue] Security concerns Round-1
Apr 18, 2024
Appending 'Round-1' to the title to indicate this is first round of security concerns. Please note that there may be more incoming as we make progress and following concerns will be tracked in a different issue. |
the only remaining item here is #11193 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As new messages for StateWitness and ChunkEndorsement are introduced, we need to ensure that protocol is safe under malicious behaviour of nodes.
Currently state witness is signed by the chunk producer which makes it possible to validate the source early in validation process. We still need to address the issues described below.
Deserialising potentially large state witness struct
Currently stateless validator receives
ChunkStateWitnessMessage
via network and puts it in memory before performing any further validations. We need to ensure a size limit for this message, something like32MB
.Update: we actually limit incoming network message to 500MB: source.
Making validator waste resources validating irrelevant chunks
Currently it is possible to make chunk validator perform irrelevant/redundant work in the following scenarios:
We need to introduce protection agains that.
The text was updated successfully, but these errors were encountered: