
[stateless_validation][tracking issue] Security concerns Round-1 #10565

Closed
Tracked by #46
Longarithm opened this issue Feb 2, 2024 · 3 comments · May be fixed by #11111
Labels
A-stateless-validation Area: stateless validation

Comments

@Longarithm
Member

Longarithm commented Feb 2, 2024

As new messages for StateWitness and ChunkEndorsement are introduced, we need to ensure that protocol is safe under malicious behaviour of nodes.

Currently state witness is signed by the chunk producer which makes it possible to validate the source early in validation process. We still need to address the issues described below.

Deserialising potentially large state witness struct

Currently stateless validator receives ChunkStateWitnessMessage via network and puts it in memory before performing any further validations. We need to ensure a size limit for this message, something like 32MB.

Update: we actually limit incoming network message to 500MB: source.

Making validator waste resources validating irrelevant chunks

Currently it is possible to make chunk validator perform irrelevant/redundant work in the following scenarios:

We need to introduce protection against that.

@walnut-the-cat
Contributor

@pugachAG, will add you as an owner of this issue for now. Please update as you work towards it.

@walnut-the-cat walnut-the-cat changed the title [stateless_validation] Security testing [stateless_validation][tracking issue] Security concerns Apr 4, 2024
github-merge-queue bot pushed a commit that referenced this issue Apr 17, 2024
This PR introduces protection against wasting stateless validator
resources on processing state witness when chunk endorsement is
guaranteed not to have an effect on the chain state. In particular any
chunk with `height_created` that doesn't exceed the height of the last
final block can be safely skipped.

Part of #10565.
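
The two cheap pre-checks raised in this thread, a size cap applied before deserialization and skipping chunks whose `height_created` does not exceed the last final block height, as an added Rust example that is not nearcore's code. The byte layout, `gate_witness`, `Gate`, `sample` and the 32 MiB constant (taken from the "something like 32MB" suggestion) are assumptions made for illustration.

```rust
// Added illustration, not nearcore code. All names and the wire layout are hypothetical.
pub const MAX_WITNESS_BYTES: usize = 32 * 1024 * 1024; // assumed cap, per "something like 32MB"

#[derive(Debug, PartialEq)]
pub enum Gate {
    /// Rejected on raw length alone, before any decoding is attempted.
    TooLarge { len: usize },
    /// Too short to hold the constructed 8-byte header.
    Malformed,
    /// At or below finality: an endorsement could not affect chain state.
    Irrelevant { height_created: u64, last_final: u64 },
    /// Cheap checks passed; full deserialization and validation may proceed.
    Proceed { height_created: u64 },
}

/// Constructed layout: bytes 0..8 are little-endian `height_created`,
/// everything after that is the opaque witness body.
pub fn gate_witness(raw: &[u8], last_final_height: u64) -> Gate {
    // 1. Size cap first: it costs nothing and bounds all later work.
    if raw.len() > MAX_WITNESS_BYTES {
        return Gate::TooLarge { len: raw.len() };
    }
    // 2. Read only the fixed-size header, not the whole structure.
    if raw.len() < 8 {
        return Gate::Malformed;
    }
    let mut header = [0u8; 8];
    header.copy_from_slice(&raw[..8]);
    let height_created = u64::from_le_bytes(header);
    // 3. Skip chunks whose height does not exceed the last final block.
    if height_created <= last_final_height {
        return Gate::Irrelevant { height_created, last_final: last_final_height };
    }
    Gate::Proceed { height_created }
}

/// Builds a constructed sample message: header plus a zero-filled body.
pub fn sample(height_created: u64, body_len: usize) -> Vec<u8> {
    let mut v = height_created.to_le_bytes().to_vec();
    v.resize(8 + body_len, 0);
    v
}

fn main() {
    let inputs = vec![sample(100, 16), sample(101, 16), sample(101, MAX_WITNESS_BYTES), vec![1, 2, 3]];
    for raw in inputs.iter() {
        println!("{:?}", gate_witness(raw, 100));
    }
}
```
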
@walnut-the-cat walnut-the-cat changed the title [stateless_validation][tracking issue] Security concerns [stateless_validation][tracking issue] Security concerns Round-1 Apr 18, 2024
@walnut-the-cat
Contributor

Appending 'Round-1' to the title to indicate this is the first round of security concerns. Please note that there may be more incoming as we make progress, and following concerns will be tracked in a different issue.

@pugachAG pugachAG linked a pull request Apr 18, 2024 that will close this issue
@pugachAG
Contributor

the only remaining item here is #11193
