Alert fix #1729

pull gavinandresen wants to merge 2 commits into bitcoin:master from gavinandresen:alert_fix changing 2 files +42 −7
  1. gavinandresen commented at 2:51 PM on August 27, 2012: contributor

    These commits:

    1. prevents a possible DoS (make nodes waste CPU time checking alert signatures) attack (thanks to Sergio Lerner for finding/reporting)
    2. implement's theymos' suggestion of a non-overrideable alert message, to be used only in case the alert key is compromised.

    Both thoroughly tested by me in a testnet-in-a-box environment:

    Verified that nodes are disconnected/banned if they send too many invalid alerts. Verified that the alert system still works properly when sent valid alerts. Verified that nId=max alerts are ignored unless they match hard-coded values. Verified that nId=max alerts work properly if they do match.

  2. Alert system DoS prevention
    This fixes two alert system vulnerabilities found by
Sergio Lerner; you could send peers unlimited numbers
of invalid alert message to try to either fill up their
debug.log with messages and/or keep their CPU busy
checking signatures.

Fixed by disconnecting/banning peers if they send 10 or more
bad (invalid/expired/cancelled) alerts.
    d5a52d9b3e
  3. Special-case the last alert for alert-key-compromised case
    Hard-code a special nId=max int alert, to be broadcast if the
alert key is ever compromised. It applies to all versions, never
expires, cancels all previous alerts, and has a fixed message:
   URGENT: Alert key compromised, upgrade required

Variations are not allowed (ignored), so an attacker with
the private key cannot broadcast empty-message nId=max alerts.
    ea2fda46c3
  4. jgarzik commented at 3:49 PM on August 27, 2012: contributor

    ACK

  5. laanwj commented at 3:56 PM on August 27, 2012: member

    ACK

  6. in src/main.cpp:None in ea2fda46c3 
    2337 | +                nCancel == (maxInt-1) &&
2338 | +                nMinVer == 0 &&
2339 | +                nMaxVer == maxInt &&
2340 | +                setSubVer.empty() &&
2341 | +                nPriority == maxInt &&
2342 | +                strStatusBar == "URGENT: Alert key compromised, upgrade required"
    Diapolo commented at 4:02 PM on August 27, 2012:

    Could you add an "!" at the end of the message? Yes a nitpick ;-).

  7. gavinandresen merged this on Aug 27, 2012
  8. gavinandresen closed this on Aug 27, 2012
  9. owlhooter referenced this in commit 3e86c41be5 on Oct 10, 2018
  10. DrahtBot locked this on Sep 8, 2021
Contributors
gavinandresenjgarziklaanwjDiapolo

Milestone
0.7.0

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-02 15:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me