Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Malleability C] flow.CertifiedBlock #6717

Open
Tracked by #6647
UlyanaAndrukhiv opened this issue Nov 14, 2024 · 0 comments
Open
Tracked by #6647

[Malleability C] flow.CertifiedBlock #6717

UlyanaAndrukhiv opened this issue Nov 14, 2024 · 0 comments

Comments

@UlyanaAndrukhiv
Copy link
Contributor

UlyanaAndrukhiv commented Nov 14, 2024
edited by illia-malachyn
Loading

Problem description

CertifiedBlock is a Block with acquired quorum. ID() implementation is wrong as it doesn't cover the quorum certificate, a byzantine consensus node can change the QC without being noticed by other nodes. The usage of this data structure should be reviewed to be proven safe.

flow-go/model/flow/block.go

Lines 77 to 84 in edf27b0

// CertifiedBlock holds a certified block, which is a block and a QC that is pointing to
// the block. A QC is the aggregated form of votes from a supermajority of HotStuff and
// therefore proves validity of the block. A certified block satisfies:
// Block.View == QC.View and Block.BlockID == QC.BlockID
type CertifiedBlock struct {
Block *Block
CertifyingQC *QuorumCertificate
}

flow-go/model/flow/block.go

Lines 100 to 104 in edf27b0

// ID returns unique identifier for the block.
// To avoid repeated computation, we use value from the QC.
func (b *CertifiedBlock) ID() Identifier {
return b.CertifyingQC.BlockID
}

flow-go/model/flow/quorum_certificate.go

Lines 3 to 23 in edf27b0

// QuorumCertificate represents a quorum certificate for a block proposal as defined in the HotStuff algorithm.
// A quorum certificate is a collection of votes for a particular block proposal. Valid quorum certificates contain
// signatures from a super-majority of consensus committee members.
type QuorumCertificate struct {
View uint64
BlockID Identifier
// SignerIndices encodes the HotStuff participants whose vote is included in this QC.
// For `n` authorized consensus nodes, `SignerIndices` is an n-bit vector (padded with tailing
// zeros to reach full bytes). We list the nodes in their canonical order, as defined by the protocol.
SignerIndices []byte
// For consensus cluster, the SigData is a serialization of the following fields
// - SigType []byte, bit-vector indicating the type of sig produced by the signer.
// - AggregatedStakingSig []byte
// - AggregatedRandomBeaconSig []byte
// - ReconstructedRandomBeaconSig crypto.Signature
// For collector cluster HotStuff, SigData is simply the aggregated staking signatures
// from all signers.
SigData []byte
}

Proposed solution

Change implementation of ID() so that it hashes the quorum certificate too
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@UlyanaAndrukhiv