sdaftuar
commented at 6:36 pm on October 6, 2017:
member
A peer could try to waste our resources by sending us unrequested blocks with
low work (eg to fill up our disk). Since e265200 we no longer request blocks until we
know we’re on a chain with more than nMinimumChainWork (our anti-DoS
threshold), but we would still process unrequested blocks that had more work
than our tip (which generally has low-work during IBD), even though we may not
yet have found a headers chain with sufficient work.
Fix this and add a test.
gmaxwell
commented at 7:04 pm on October 6, 2017:
contributor
Concept ACK
TheBlueMatt
commented at 0:17 am on October 7, 2017:
member
Concept ACK, though fForceProcessing/fRequested doesn’t do the thing you think it does, see, eg #9352#pullrequestreview-13343287.
fanquake added the label
Validation
on Oct 7, 2017
promag
commented at 7:49 am on October 7, 2017:
member
This is only useful if tip chain work is less than minimum chain work, which I think only happens in IBD?
Edit: ready more carefully the PR description.
Maybe we should just ignore unrequested blocks if tip chain work < minimum chain work? This way this test could be moved before AcceptBlockHeader?
sdaftuar
commented at 12:31 pm on October 7, 2017:
member
Concept ACK, though fForceProcessing/fRequested doesn’t do the thing you think it does, see, eg #9352 (review).
@TheBlueMatt Is there a mistake here? I know we use the fForceProcessing/fRequested in a couple ways but I believe this is correct – for instance the unusual use of it in compact block processing shouldn’t be an issue, because we don’t try to reconstruct compact blocks when our chain tip is far behind. Did I miss a case?
achow101
commented at 9:17 pm on October 8, 2017:
member
Concept ACK
promag
commented at 1:01 am on October 10, 2017:
member
TheBlueMatt
commented at 11:07 pm on October 19, 2017:
member
@sdaftuar Indeed. You were right, I was confused, but this does leave the logic being added here super brittle to future changes. For those following along at home, the reason compact blocks always passing fRequested as true doesn’t break this is that it does a CanDirectFetch first, which only looks at the timestamp of our chainActive.Tip(). Thus, this logic would be broken if there were any way for an attacker to cheaply feed us a single best-chain block which had a timestamp close to today, though there should be no way to do so as other ways to get the block onto disk (and, thus, to become our chainActive.Tip()) without meeting the nMinimumChainWork test in FindNextBlocksToDownload. This anti-DoS-logic-stradling-validation-and-net_processing stuff irritates me endlessly, but I think this is fine for now (and should likely be backported in 0.15.0.2 if we do one as a part of #11531).
utACK (didn’t review test changes, which will conflict with #11531) f0940e462cb435f10ef6f052dae609655202f245
TheBlueMatt
commented at 11:34 pm on October 19, 2017:
member
Also, maybe add a comment about the CanDirectFetch stuff somewhere.
Don't process unrequested, low-work blocks
A peer could try to waste our resources by sending us unrequested blocks with
low work, eg to fill up our disk. Since
e2652002b6011f793185d473f87f1730c625593b we no longer request blocks until we
know we're on a chain with more than nMinimumChainWork (our anti-DoS
threshold), but we would still process unrequested blocks that had more work
than our tip. This commit fixes that behavior.
ce8cd7a7da
qa: add test for minchainwork use in acceptblock08fd822771
sdaftuar force-pushed
on Oct 20, 2017
sdaftuar
commented at 0:39 am on October 20, 2017:
member
Needed a rebase due to a conflict in the test.
Add comment explaining forced processing of compact blocks01b52cedd4
sdaftuar
commented at 0:59 am on October 20, 2017:
member
@TheBlueMatt I added a comment.
@promag Thanks for the patch and for the review, but I (slightly) prefer the code that I’ve presented already. Skipping the call to AcceptBlockHeader doesn’t do much in the adversarial case (which is the only case we’re concerned about here), because an attacker would just separately deliver the header which we would process and store. And it seems clearer to me to just put this in the same block with the other checks we do when a block is not requested.
promag
commented at 8:45 am on October 20, 2017:
member
utACK01b52ce.
Nit, I would squash the test with the commit adding the feature.
sipa
commented at 11:03 am on October 20, 2017:
member
utACK01b52cedd42f50a93b40981c91af7c12de6e45ce
TheBlueMatt
commented at 5:25 pm on October 20, 2017:
member
utACK01b52cedd42f50a93b40981c91af7c12de6e45ce, didnt review the test parts.
laanwj merged this
on Oct 21, 2017
laanwj closed this
on Oct 21, 2017
laanwj referenced this in commit
c0e5139413
on Oct 21, 2017
laanwj referenced this in commit
cffa5ee132
on Nov 1, 2017
MarcoFalke added the label
Needs backport
on Nov 1, 2017
TheBlueMatt
commented at 2:44 pm on November 1, 2017:
member
Needs backport (#11531 depends on this somewhat indirectly)
MarcoFalke added this to the milestone 0.15.0.2
on Nov 1, 2017
MarcoFalke referenced this in commit
07502603c0
on Nov 1, 2017
MarcoFalke referenced this in commit
6c8e2471b6
on Nov 1, 2017
MarcoFalke referenced this in commit
691c73379f
on Nov 1, 2017
MarcoFalke referenced this in commit
347c74b9ea
on Nov 1, 2017
MarcoFalke referenced this in commit
d20508f84a
on Nov 1, 2017
MarcoFalke referenced this in commit
1aa6f8807a
on Nov 1, 2017
MarcoFalke referenced this in commit
2ff59ef99b
on Nov 1, 2017
MarcoFalke referenced this in commit
4a9621dac9
on Nov 1, 2017
MarcoFalke referenced this in commit
d98815e64e
on Nov 1, 2017
MarcoFalke referenced this in commit
5fa26f0a5b
on Nov 1, 2017
MarcoFalke referenced this in commit
b40f5924f3
on Nov 1, 2017
MarcoFalke referenced this in commit
69cb6e10ce
on Nov 1, 2017
MarcoFalke removed the label
Needs backport
on Nov 1, 2017
MarcoFalke referenced this in commit
3acec38781
on Nov 2, 2017
MarcoFalke referenced this in commit
2df65eeb98
on Nov 2, 2017
MarcoFalke referenced this in commit
ffb6ea4e5e
on Nov 2, 2017
codablock referenced this in commit
e820f396aa
on Sep 26, 2019
codablock referenced this in commit
b246b58720
on Sep 26, 2019
codablock referenced this in commit
35d60de2b5
on Sep 29, 2019
codablock referenced this in commit
7d21a78fa1
on Sep 29, 2019
barrystyle referenced this in commit
e07add8dd8
on Jan 22, 2020
barrystyle referenced this in commit
95b0dcef19
on Jan 22, 2020
This is a metadata mirror of the GitHub repository
bitcoin/bitcoin.
This site is not affiliated with GitHub.
Content is generated from a GitHub metadata backup.
generated: 2024-12-18 21:12 UTC
This site is hosted by @0xB10C More mirrored repositories can be found on mirror.b10c.me