You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Start the devnet cd snarkos && ./devnet with 4 validators, 0 clients
Observe the logs of validator1
Proof-of-Concept (PoC)
Assume validator0 is a malicious node, and validator1 is the node under attack.
The main approach of this attack is that validator0 frequently sends BatchPropose to validator1, where previous_certificate_ids will include BatchCertificateID of other honest nodes. However, validator0 does not respond to validator1's Event::CertificateRequest requests. When validator1 receives requests from honest nodes, due to the limitation on sending CertificateRequest, it will not send requests to other nodes. This eventually leads to validator1 being unable to communicate with other honest nodes.
This attack can prevent honest nodes from participating effectively in the consensus process, thereby affecting block production.
Supporting Material/References:
Logs:
2024-05-01T16:26:11.132940Z DEBUG Skipped sending request for certificate 7525999521597754.. to '127.0.0.1:5003' (2 redundant requests)2024-05-01T16:26:11.132940Z DEBUG Skipped sending request for certificate 7525999521597754.. to '127.0.0.1:5003' (2 redundant requests)
Additionally:
2024-05-01T16:17:34.709477Z ERROR Unable to advance to the next block - Failed to speculate on transactions - Failed to post-ratify - Next round 738 must be greater than current round 738 2024-05-01T16:17:34.709539Z ERROR BFT failed to advance the subdag for round 738 - Failed to speculate on transactions - Failed to post-ratify - Next round 738 must be greater than current round 738
the cause of this issue has not been identified yet
Impact
This attack can prevent honest nodes from participating effectively in the consensus process, thereby affecting block production.
The text was updated successfully, but these errors were encountered:
Confirmed that this is an issue that can be mitigated in a multitude of ways:
Rate limit batch propose messages from peers
Bound the sent_requests to peers. i.e. send 1 request to a peer at a time
I would say it's of high severity as it is a DOS attack that can be pretty easily mitigated. It also isn't a guarantee'd attack (although it can be sustained).
https://hackerone.com/reports/2485380
Summary:
Malicious validator send invalid
BatchPropose
and block theCertificateRequest
Steps To Reproduce:
git clone git@github.com:ghostant-1017/mysnarkOS.git && git checkout attack/blocking-certificate-request
cd snarkos && ./devnet
with 4 validators, 0 clientsvalidator1
Proof-of-Concept (PoC)
Assume validator0 is a malicious node, and validator1 is the node under attack.
The main approach of this attack is that validator0 frequently sends
BatchPropose
to validator1, whereprevious_certificate_ids
will includeBatchCertificateID
of other honest nodes. However, validator0 does not respond to validator1'sEvent::CertificateRequest
requests. When validator1 receives requests from honest nodes, due to the limitation on sending CertificateRequest, it will not send requests to other nodes. This eventually leads to validator1 being unable to communicate with other honest nodes.This attack can prevent honest nodes from participating effectively in the consensus process, thereby affecting block production.
Supporting Material/References:
Logs:
2024-05-01T16:26:11.132940Z DEBUG Skipped sending request for certificate 7525999521597754.. to '127.0.0.1:5003' (2 redundant requests)2024-05-01T16:26:11.132940Z DEBUG Skipped sending request for certificate 7525999521597754.. to '127.0.0.1:5003' (2 redundant requests)
Additionally:
2024-05-01T16:17:34.709477Z ERROR Unable to advance to the next block - Failed to speculate on transactions - Failed to post-ratify - Next round 738 must be greater than current round 738 2024-05-01T16:17:34.709539Z ERROR BFT failed to advance the subdag for round 738 - Failed to speculate on transactions - Failed to post-ratify - Next round 738 must be greater than current round 738
the cause of this issue has not been identified yet
Impact
This attack can prevent honest nodes from participating effectively in the consensus process, thereby affecting block production.
The text was updated successfully, but these errors were encountered: