[ZKS-02] Add committee ID checks when processing proposals and certificates #3129

Merged
merged 7 commits into from Mar 3, 2024

@raychu86 raychu86 commented Feb 26, 2024

Motivation

This PR adds an additional committee ID check when processing batch proposals and batch certificates from peers. This check guarantees that the proposal/certificate from a validator must have the same committee ID that your validator node expects for the given round, which means both validators have consistent committee state.

If this committee ID from a peer's batch proposal is not what was expected, that means the peer is either being malicious or has deviated state. The new logic will now ignore the proposal and disconnect from the peer in an attempt to not perpetuate a subdag based on deviated committee state.

The sister PR can be found here: AleoNet/snarkVM#2374

Audit Finding: [zksecurity 02] Dynamic Committee Feature is Not Safe
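
A minimal model of the check described above, added here as an illustration; it is not code from this PR, snarkOS or snarkVM. `Committee`, `Ledger`, `Verdict` and `check_committee_id` are hypothetical names, and the committee ID is a stand-in hash over the committee state rather than the real derivation.

```rust
use std::collections::{hash_map::DefaultHasher, BTreeMap};
use std::hash::{Hash, Hasher};

/// Hypothetical committee: starting round plus validator -> stake.
#[derive(Hash)]
pub struct Committee {
    pub starting_round: u64,
    pub members: BTreeMap<String, u64>,
}
impl Committee {
    pub fn new(starting_round: u64, members: &[(&str, u64)]) -> Self {
        let members = members.iter().map(|(v, s)| (v.to_string(), *s)).collect();
        Self { starting_round, members }
    }
    /// Stand-in ID: a hash over the full committee state (assumption, not the snarkVM derivation).
    pub fn id(&self) -> u64 {
        let mut hasher = DefaultHasher::new();
        self.hash(&mut hasher);
        hasher.finish()
    }
}

#[derive(Debug, PartialEq)]
pub enum Verdict { Process, IgnoreAndDisconnect }

/// Local view of committees, keyed by starting round.
pub struct Ledger(pub BTreeMap<u64, Committee>);

impl Ledger {
    /// Compare the ID a peer attached for `round` with the ID this node expects for that round.
    pub fn check_committee_id(&self, round: u64, peer_id: u64) -> Verdict {
        // Expected committee: the latest one starting at or before `round`.
        match self.0.range(..=round).next_back() {
            Some((_, c)) if c.id() == peer_id => Verdict::Process,
            // Mismatch: drop the message and disconnect. Treating a round with no
            // local committee the same way is an assumption of this example.
            _ => Verdict::IgnoreAndDisconnect,
        }
    }
}

fn main() {
    // Constructed sample: the committee changes at round 10; the peer saw a different stake for "c".
    let local = Ledger(BTreeMap::from([
        (0, Committee::new(0, &[("a", 100), ("b", 100)])),
        (10, Committee::new(10, &[("a", 100), ("b", 100), ("c", 50)])),
    ]));
    let deviated = Committee::new(10, &[("a", 100), ("b", 100), ("c", 75)]);
    println!("{:?}", local.check_committee_id(12, deviated.id()));
}
```
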

@raychu86 raychu86 changed the title [ZKS-02] Add committee ID checks when processing batch proposals [ZKS-02] Add committee ID checks when processing proposals and certificates Feb 26, 2024
howardwu and others added 3 commits March 2, 2024 21:05
Co-authored-by: Howard Wu <9260812+howardwu@users.noreply.github.com>
Signed-off-by: Raymond Chu <14917648+raychu86@users.noreply.github.com>
@howardwu howardwu merged commit 1c23c9a into mainnet Mar 3, 2024
0 of 24 checks passed
@howardwu howardwu deleted the committee-id branch March 3, 2024 04:16
3 participants