Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[release-v2.0] main: Use backported mixing updates. #3458

Merged
merged 5 commits into from
Nov 11, 2024

Conversation

davecgh
Copy link
Member

@davecgh davecgh commented Nov 11, 2024

This updates the 2.0 release branch to use the latest version of the mixing module which includes various fixes to make decentralized mixing more robust against misbehaving peers. All participants will need to update to the latest version to achieve the maximum anonymity set.

In particular, the following updated module version is used:

- github.com/decred/dcrd/[email protected]

Note that it also cherry picks all of the commits included in updates to the mixing module to ensure they are also included in the release branch even though it is not strictly necessary since go.mod has been updated to require the new release and thus will pull in the new code. However, from past experience, not having code backported to modules available in the release branch too leads to headaches for devs building from source in their local workspace with overrides such as those in go.work.

The following PRs are included:

jrick and others added 5 commits November 11, 2024 14:59
rand.Duration may not be called with a negative or zero upper bound, but this
was seen to occur in (*Client).prDelay().  Two notable possible bugs stood out.

First, if sendBefore is exactly equal to now, then it will not be incremented
by another epoch duration, leading to a potential invalid rand.Duration
parameter.  This is corrected by also checking for the times equaling exactly.

Second, time.Until() causes an additional call to time.Now(), which we have
already fetched and all calculations must be based on it.  If
sendBefore.Sub(now) is an extremely small value, it is possible that
time.Until(sendBefore) now returns a small negative or zero duration.  This is
corrected by replacing the time.Until call with sendBefore.Sub(now).
If the csppsolver process has unexpectedly exited after successful startup
(due to crash, signal, oom-killer, etc.) unset the PR flag indicating root
solving support for future mixes.  Wait for other peers to publish roots (if
any do), otherwise our peer will be (correctly) blamed for not publishing
roots.
The purpose of the SR (slot reservation) mix is to determine unique anonymous
slot positions for the DC-net (xor) mix.  However, there was a missing check
by non-root-solving peers that the published roots are in the proper order.
This could result in a malicious actor publishing roots in a different order,
disrupting mixes by causing non-root-solving peers to unknowingly perform the
DC-net in the wrong slots, and causing the wrong peers to be blamed for
disrupting the mix.

Prevent this by requiring roots to be sorted before slots are discovered.
This also matches the root-sorting that occurred in the older client-server
design.

This change is not compatible with previous mixclient versions, as the DC-net
mix would occur with peers writing messages into different slots.  The pairing
version included in PR messages is updated to reflect this.
When a RS (reveal secrets) message was published, the mixpool Receive method
would immediately return, and blame assignment was immediately run.  This
created a logic race (due to message propagation over the network) where not
all peers would run blame assignment with all currently-published messages,
and different peers would blame different sets of peers for missing messages.

Correct this by modifying the Receive method to not return ErrSecretsRevealed
until the total number of expected messages have been received first.
This updates the 2.0 release branch to use the latest version of the
mixing module which includes various fixes to make decentralized mixing
more robust against misbehaving peers.  All participants will need to
update to the latest version to achieve the maximum anonymity set.

In particular, the following updated module version is used:

- github.com/decred/dcrd/[email protected]
@davecgh davecgh added this to the 2.0.5 milestone Nov 11, 2024
@davecgh davecgh merged commit ce5824c into decred:release-v2.0 Nov 11, 2024
2 checks passed
@davecgh davecgh deleted the rel20_mixing_backports branch November 11, 2024 21:26
@davecgh davecgh added the mix pairing version change Discussion and pull requests regarding items that require changes to the mix pairing version. label Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
mix pairing version change Discussion and pull requests regarding items that require changes to the mix pairing version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants