absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-08 12:19:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add additional checks to key_gen/sign

Browse Source 
There is the ability to cause state bloat by flooding Tributary.
KeyGen/Sign specifically shouldn't allow bloat since we check the
commitments/preprocesses/shares for validity. Accordingly, any invalid data
(such as bloat) should be detected.

It was posssible to place bloat after the valid data. Doing so would be
considered a valid KeyGen/Sign message, yet could add up to 50k kB per sign.
This commit is contained in:
Luke Parker
2023-04-20 05:22:59 -04:00
parent 8041a0d845
commit 8b5eaa8092
2 changed files with 26 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
processor/src/key_gen.rs
View File

@@ -267,6 +267,12 @@ impl<C: Coin, D: Db> KeyGen<C, D> {
let (coin_machine, coin_shares) =
handle_machine(&mut rng, params, machines.1, &mut commitments_ref);
for (_, commitments) in commitments_ref {
if !commitments.is_empty() {
todo!("malicious signer: extra bytes");
}
}
self.active_share.insert(id.set, (substrate_machine, coin_machine));
let mut shares: HashMap<_, _> =
@@ -354,6 +360,12 @@ impl<C: Coin, D: Db> KeyGen<C, D> {
let substrate_keys = handle_machine(&mut rng, params, machines.0, &mut shares_ref);
let coin_keys = handle_machine(&mut rng, params, machines.1, &mut shares_ref);
for (_, shares) in shares_ref {
if !shares.is_empty() {
todo!("malicious signer: extra bytes");
}
}
let mut coin_keys = ThresholdKeys::new(coin_keys);
C::tweak_keys(&mut coin_keys);