Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Malleability C] flow.Block #6716

Open
Tracked by #6647
UlyanaAndrukhiv opened this issue Nov 14, 2024 · 0 comments
Open
Tracked by #6647

[Malleability C] flow.Block #6716

UlyanaAndrukhiv opened this issue Nov 14, 2024 · 0 comments

Comments

@UlyanaAndrukhiv
Copy link
Contributor

UlyanaAndrukhiv commented Nov 14, 2024
edited by illia-malachyn
Loading

Problem description

flow.Block is a heavily used data structure currently malleable. Not all fields of a block are hashed properly. Payload's hash is wrong due to how the collection guarantees ID() method is implemented.

flow-go/model/flow/payload.go

Lines 7 to 24 in edf27b0

// Payload is the actual content of each block.
type Payload struct {
// Guarantees are ordered in execution order. May be empty, in which case
// only the system chunk is executed for this block.
Guarantees []*CollectionGuarantee
// Seals holds block seals for ancestor blocks.
// The oldest seal must connect to the latest seal in the fork extended by this block.
// Seals must be internally connected, containing no seals with duplicate block IDs or heights.
// Seals may be empty. It presents a set, i.e. there is no protocol-defined ordering.
Seals []*Seal
Receipts ExecutionReceiptMetaList
Results ExecutionResultList
// ProtocolStateID is the root hash of protocol state. Per convention, this is the resulting
// state after applying all identity-changing operations potentially contained in the block.
// The block payload itself is validated wrt to the protocol state committed to by its parent.
// Thereby, we are only accepting protocol states that have been certified by a valid QC.
ProtocolStateID Identifier
}

flow-go/model/flow/payload.go

Lines 53 to 60 in edf27b0

// Hash returns the root hash of the payload.
func (p Payload) Hash() Identifier {
collHash := MerkleRoot(GetIDs(p.Guarantees)...)
sealHash := MerkleRoot(GetIDs(p.Seals)...)
recHash := MerkleRoot(GetIDs(p.Receipts)...)
resHash := MerkleRoot(GetIDs(p.Results)...)
return ConcatSum(collHash, sealHash, recHash, resHash, p.ProtocolStateID)
}

flow-go/model/flow/collectionGuarantee.go

Lines 7 to 20 in edf27b0

// CollectionGuarantee is a signed hash for a collection, which is used
// to announce collections to consensus nodes.
type CollectionGuarantee struct {
CollectionID Identifier // ID of the collection being guaranteed
ReferenceBlockID Identifier // defines expiry of the collection
ChainID ChainID // the chainID of the cluster in order to determine which cluster this guarantee belongs to
SignerIndices []byte // encoded indices of the signers
Signature crypto.Signature // guarantor signatures
}
// ID returns the fingerprint of the collection guarantee.
func (cg *CollectionGuarantee) ID() Identifier {
return cg.CollectionID
}

Proposed solution

Fix collection guarantee ID() implementation

P.S.

This is actually a copy of #6722
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@UlyanaAndrukhiv