Skip to content

Latest commit

 

History

History
51 lines (40 loc) · 2.49 KB

README.md

File metadata and controls

51 lines (40 loc) · 2.49 KB
Raw

aka-sweep

warning:

  • use at your own risk.
  • App will automatically load keys and signs transactions.
  • Loss of funds can easily occur if app is run anywhere but a fully secure and trusted environment.
  • You are responsible for securing your keys
  • The developer is not responsible in any way for how you may use the software, including loss of funds.
  • The developer recommends that you do not use this software.

Configuration (to use aka-sweep, you need to define these):

  • keyfiles: /secure/UTC--foobar-mn-1.json, /secure/UTC--foobar-mn-2.json
  • properties file: /secure/application.properties with clear text passwords to unlock the account keyfiles
  • modified destination.account address
  • modified web3.rpc.url location of local aka rpc node. (optionally can use public node)

Optional config:

  • number of blocks to wait for chain confirmation. C
  • gas prices

sweep logic:

  • Load all accounts for keyfiles in given directory
  • wait C number of confirmation blocks.
  • For each account, if it holds more than 5,000 aka
    • do nothing if from-address matches txn in mem pool
    • optionally, do nothing if to-address matches txn in mem pool
    • transfer amount greater than 5k to destination address.

chain validation, watching for re-orgs:

  • when a new block is received, a check is made that the parent block hash matches.
  • If a block is received without a matching parent, the chain is walked back until the matching parent is found.
  • The number of blocks that must be walked back is the height of a chain re-org.
  • montioring the chain for large re-orgs is a way to monitor chain health.

run it:

  • in IDE from Application.java
  • docker run -d -v /mnt/secure/aka-mn-keys:/secure <imageid>
  • docker-compose build akroma-sweep

Waiting C blocks at start allows time to load transacation mempool, which prevents flooding network with duplicate transactions w same nonce.

Todo:

  • accept cleartext private keys in addition to UTC--keyfile.json/password combo.
  • gracful handing of node reboot. after reconnect, app will receive flood of old blocks as node re-syncs chain.
  • transactions from all blocks are put in mem pool, even orphan blocks. no attempt is done to undo adding txn pool when block is found to be orphan.
  • More chain attack checks:
    • done: check parent block hash match, looking for high re-org height.
    • check same miner mined unreasonably large number of sequential blocks (easily defeated by attacking miner using many addresses)