The current implementation of SignedUpdateProposal leaves some space for replay attacks. If the signature is only on the changes, it can be replayed at a later date, or in a different chain.
I'm not sure of the implications: submitting a transaction still requires paying some fee, and if the proposal is not any good, other leaders would not vote for it. On the other hand, if the proposal is accepted, that means bft leaders agreed on it.
However, I do not like having an implementation that suggests something is securely authenticated when it's not. I think we should either fix this (e.g. include a counter of how many proposals have been submitted + block0 hash in the signature, have the whole transaction directly signed by a bft leader key?) or remove the signature altogether. I still don't have a strong preference for either of the two, but maybe sticking with the initial idea of only allowing bft leaders to do so is a safer approach.
Originally posted by @zeegomo in #665 (comment)
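The replay concern and the counter + block0 hash fix raised above, as an added example that is not part of the original issue or the project's code. HMAC-SHA256 stands in for the leader's signature scheme, and `Ledger`, `bound_message` and `replay_outcomes` are hypothetical names with constructed sample values.

```python
import hashlib
import hmac
import struct

# HMAC-SHA256 is a stand-in for the leader's signature scheme (assumption):
# only the choice of signed bytes matters for the replay argument.
def sign(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()

def bound_message(block0_hash: bytes, counter: int, changes: bytes) -> bytes:
    # Fixed-width tag, 32-byte block0 hash and 8-byte counter, then the
    # length-prefixed changes, so the encoding is unambiguous.
    assert len(block0_hash) == 32
    return (b"update-proposal-v1" + block0_hash + struct.pack(">Q", counter)
            + struct.pack(">I", len(changes)) + changes)

class Ledger:  # hypothetical model of one chain's proposal state
    def __init__(self, block0_hash: bytes, key: bytes, bind_context: bool):
        self.block0_hash = block0_hash
        self.key = key
        self.bind_context = bind_context
        self.proposals_submitted = 0

    def message(self, changes: bytes) -> bytes:
        if self.bind_context:
            return bound_message(self.block0_hash, self.proposals_submitted, changes)
        return changes  # signature covers only the changes

    def submit(self, changes: bytes, signature: bytes) -> bool:
        expected = sign(self.key, self.message(changes))
        accepted = hmac.compare_digest(expected, signature)
        if accepted:
            self.proposals_submitted += 1
        return accepted

def replay_outcomes(bind_context: bool):
    key = b"constructed-leader-key"  # constructed sample values
    chain_a = Ledger(hashlib.sha256(b"chain A block0").digest(), key, bind_context)
    chain_b = Ledger(hashlib.sha256(b"chain B block0").digest(), key, bind_context)
    changes = b"constructed-setting=1"
    signature = sign(key, chain_a.message(changes))
    original = chain_a.submit(changes, signature)
    same_chain_later = chain_a.submit(changes, signature)
    other_chain = chain_b.submit(changes, signature)
    return original, same_chain_later, other_chain

if __name__ == "__main__":
    print("changes only:", replay_outcomes(False))
    print("bound       :", replay_outcomes(True))
```

Each tuple reads as (original submission, same signature later on the same chain, same signature on a different chain).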