Fix reserve-proof replay and raw-extrinsic sender off-by-one #129
Open
wmagev wants to merge 2 commits into entrius:test from
Two proof-handling bugs on the reservation / transfer-verification path.
Reserve proof was signed over `allways-reserve:{from_address}:{block_anchor}`
with no check that `block_anchor` is close to the validator's current block
and no binding to miner_hotkey, chain direction, or amounts. An attacker who
observes one valid proof could replay it against any miner, in any direction,
for any amount; each expiry strikes the victim's address with a doubling
cooldown and locks them out after a few replays.
- Add RESERVE_PROOF_MAX_AGE_BLOCKS freshness check against validator.block.
- Expand the signed message to bind miner_hotkey, from_chain, to_chain,
tao_amount, from_amount, to_amount, block_anchor. Tag `v2` so pre-fix
proofs stop verifying.
- Move the format into a shared `build_reserve_proof_message` helper so the
CLI signer and validator verifier share one source of truth.
parse_raw_extrinsic in SubtensorProvider read `body[1:33]` to extract the
sender, which captured the MultiAddress variant byte plus only 31 of the
32 AccountId bytes - every raw-parsed block produced a garbage SS58.
Raw-parse is the fallback path for pruned/archival nodes; when it runs,
expected-sender checks false-reject legitimate TAO swaps.
- Read `body[2:34]` after asserting the MultiAddress variant is Id (0x00);
reject Index/Raw/Address{20,32} which the rest of the parser does not
support.
CLI and validator must be upgraded together - old CLI against new validator
will receive "Invalid source address proof" on every reservation.
dc8c352 to 8cc292f
Fixes #128
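Both fixes described in the PR, as an added example that is neither the project's code nor wmagev's. Assumptions, not taken from the PR: the exact v2 field order and `:` separator of `build_reserve_proof_message` (the PR names the helper and the bound fields, not the layout); HMAC-SHA256 with a shared secret as a stand-in for the wallet's sr25519 signature so the block runs offline; `RESERVE_PROOF_MAX_AGE_BLOCKS = 100`; SS58 prefix 42; `body` starting at the extrinsic version byte so that `body[1]` is the MultiAddress variant, which is what the `body[1:33]` / `body[2:34]` offsets imply; and the names `sign_message`, `verify_reserve_proof`, `parse_sender_before`, `parse_sender_after` and `run_demo`, which are hypothetical. The sample extrinsic body is constructed, using the well-known `//Alice` sr25519 account as sender with zero filler for the signature, extra and call bytes.

```python
import hashlib
import hmac

# Assumed value: the PR names RESERVE_PROOF_MAX_AGE_BLOCKS but not its setting.
RESERVE_PROOF_MAX_AGE_BLOCKS = 100


def build_reserve_proof_message(from_address, miner_hotkey, from_chain, to_chain,
                                tao_amount, from_amount, to_amount, block_anchor):
    """v2 message (layout assumed): every field the validator later checks is
    bound into the signed string, so a proof captured for one reservation cannot
    be replayed for another miner, direction or amount.  v1 was only
    `allways-reserve:{from_address}:{block_anchor}`."""
    return ("allways-reserve:v2:"
            f"{from_address}:{miner_hotkey}:{from_chain}:{to_chain}:"
            f"{tao_amount}:{from_amount}:{to_amount}:{block_anchor}")


def sign_message(secret: bytes, message: str) -> bytes:
    # HMAC-SHA256 stands in for the wallet's sr25519 signature (assumption, so
    # the block runs offline); the binding and freshness logic is unchanged.
    return hmac.new(secret, message.encode(), hashlib.sha256).digest()


def verify_reserve_proof(secret: bytes, signature: bytes, current_block: int, **fields):
    """Validator side: rebuild the message from the validator's *own* view of
    the reservation and reject anchors in the future or past the window."""
    anchor = fields["block_anchor"]
    if anchor > current_block or current_block - anchor > RESERVE_PROOF_MAX_AGE_BLOCKS:
        return False, "stale block_anchor"
    expected = sign_message(secret, build_reserve_proof_message(**fields))
    if not hmac.compare_digest(expected, signature):
        return False, "Invalid source address proof"
    return True, "ok"


# Substrate MultiAddress variants: Id=0x00, Index=0x01, Raw=0x02,
# Address32=0x03, Address20=0x04.  Only Id carries a 32-byte AccountId.
MULTIADDRESS_ID = 0x00

_B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _b58encode(data: bytes) -> str:
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = _B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out


def ss58_encode(account_id: bytes, prefix: int = 42) -> str:
    """SS58, single-byte prefix: base58(prefix||id||blake2b-512("SS58PRE"||prefix||id)[:2])."""
    data = bytes([prefix]) + account_id
    checksum = hashlib.blake2b(b"SS58PRE" + data, digest_size=64).digest()[:2]
    return _b58encode(data + checksum)


def parse_sender_before(body: bytes) -> str:
    # Pre-fix slice: variant byte plus 31 bytes of the id, a garbage SS58.
    return ss58_encode(body[1:33])


def parse_sender_after(body: bytes) -> str:
    # body[0] is the extrinsic version byte, body[1] the MultiAddress variant.
    variant = body[1]
    if variant != MULTIADDRESS_ID:
        raise ValueError(f"unsupported MultiAddress variant 0x{variant:02x}")
    return ss58_encode(body[2:34])


# Constructed sample: signed v4 extrinsic body (0x84) with //Alice as sender;
# signature, extra and call bytes are zero filler.
ALICE = bytes.fromhex("d43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d")
SAMPLE_BODY = b"\x84" + bytes([MULTIADDRESS_ID]) + ALICE + b"\x01" + bytes(64) + bytes(8)


def run_demo():
    secret = b"constructed-demo-secret"
    honest = dict(from_address="5Ffrom", miner_hotkey="5Hminer-A", from_chain="bittensor",
                  to_chain="ethereum", tao_amount="1.5", from_amount="1.5",
                  to_amount="1.5", block_anchor=1000)
    sig = sign_message(secret, build_reserve_proof_message(**honest))
    fresh = verify_reserve_proof(secret, sig, current_block=1050, **honest)
    # Same captured proof presented to a different miner: the rebuilt message differs.
    replayed = verify_reserve_proof(secret, sig, current_block=1050,
                                    **{**honest, "miner_hotkey": "5Hminer-B"})
    stale = verify_reserve_proof(secret, sig,
                                 current_block=1000 + RESERVE_PROOF_MAX_AGE_BLOCKS + 1, **honest)
    return {"fresh": fresh, "replayed": replayed, "stale": stale,
            "sender_before": parse_sender_before(SAMPLE_BODY),
            "sender_after": parse_sender_after(SAMPLE_BODY)}
```

`run_demo()` returns the three verifier outcomes plus the sender address from both slices; the freshness check runs before the signature check so a stale anchor is rejected even when the signature is valid, and the verifier never trusts fields carried in the proof itself, only its own view of the reservation.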