Add replay attack protection on the Mist Wallet

[alexvandesande]

Add a replay attack protection for the Mist Wallet

[alexvandesande]

Contract for split protection of ether and tokens

// A generic token contract
contract Token { 
    function transferFrom(address _from, address _to, uint256 _value) returns (bool success);
}

// replay protection
contract ReplayProtection {
    bytes32 public chainSignature;
    mapping (address => bool) locked;

    function ReplayProtection() {
        // creates a unique signature with the latest 16 blocks
        for (uint i = 1; i < 16; i++) {
            chainSignature = sha3(chainSignature, block.blockhash(block.number - i));
        }
    }

    // Splits the funds into 2 addresses
    function etherSplit(address recipient, address altChainRecipient, bytes32 signature) returns(bool) {
        if (signature == chainSignature && recipient.send(msg.value)) {
            return true;
        } else if (signature != chainSignature && altChainRecipient.send(msg.value)) {
            return true;
        }
        throw; // don't accept value transfer, otherwise it would be trapped.
    }


    function tokenSplit(address recipient, address altChainRecipient, address tokenAddress, uint amount, bytes32 signature) returns (bool) {
        if (msg.value > 0 ) throw;

        Token token = Token(tokenAddress);

        if (signature == chainSignature && token.transferFrom(msg.sender, recipient, amount)) {
            return true;
        } else if (signature != chainSignature && token.transferFrom(msg.sender, altChainRecipient, amount)) {
            return true;
        }
        throw; // don't accept value transfer, otherwise it would be trapped.
    }

    function () {
        throw;
    }
}

deployed at 0x64668c59Ef8d480f3E832640A75566169a456541

abi:

[{"constant":false,"inputs":[{"name":"recipient","type":"address"},{"name":"altChainRecipient","type":"address"},{"name":"signature","type":"bytes32"}],"name":"etherSplit","outputs":[{"name":"","type":"bool"}],"type":"function"},{"constant":true,"inputs":[],"name":"chainSignature","outputs":[{"name":"","type":"bytes32"}],"type":"function"},{"constant":false,"inputs":[{"name":"recipient","type":"address"},{"name":"altChainRecipient","type":"address"},{"name":"tokenAddress","type":"address"},{"name":"amount","type":"uint256"},{"name":"signature","type":"bytes32"}],"name":"tokenSplit","outputs":[{"name":"","type":"bool"}],"type":"function"},{"inputs":[],"type":"constructor"}]

[hiddentao]

So when calling etherSplit you have to have precalculated the desired chain's signature in order to pass it in?

[alexvandesande]

Yes. We will hardcode the chain signature on the wallet. Another way to do this would be if I included a block hash or block number on the constructor function so that it automatically set a bool to a given number.

[hiddentao]

Yeah, the ReplaySafeContract seems to take the simpler block number approach - http://etherscan.io/address/0xaa1a6e3e6ef20068f7f8d8c835d2d22fd5116444#code

[hiddentao]

Where would we add this though? Would we add it internally to all invocations of sendTransaction? We would then also have to take into account contract creation and method call transactions.

[luclu]

We might want this in conjunction with the contract:

Add "transfer all" option for contracts #1051

[whatisgravity]

Shouldn't the solution for this go in a different layer of the stack?

[alexvandesande]

@whatisgravity There's a current EIP for this long term, probably the Metropolis HF: ethereum/EIPs#134

But adding it to Mist is a solution that can be achieve in the short term.

[alexvandesande]

WIP: ethereum/meteor-dapp-wallet#271

[lock]

This thread has been automatically locked because it has not had recent activity. Please open a new issue for related bugs and link to relevant comments in this thread.