Topic: Bug in Stratum Mining Software (Read 3606 times)

legendary
Activity: 4634
Merit: 1851
Linux since 1997 RedHat 4
June 19, 2015, 05:54:22 PM
#9
... this problem is due to using high level slow languages and treating data as strings rather than what they really are ...
newbie
Activity: 25
Merit: 0
June 14, 2015, 05:43:45 PM
#8
Does anyone know of actual pool that allows this duplicate share submission?

I don't think that there are pools stupid enough to allow you to do that. Why would they allow you to do that? They will lose money if they do that, man...

edited: just to quote this, was a better reply than mine Tongue

There is no public disclosure here. You are talking about client software aren't you? No pool software is stupid enough to allow you to submit duplicates and get paid for them and there is plenty of free and open pool software code (mine included) to see. The pools will just rightly reject duplicates.

Just because it's stupid doesn't mean that there aren't people stupider than the reference client [or similar] programmers who allowed this bug to exist.  Looking at some of the big bugs in software throughout history (for example, gambling places allowing double spends, and ultimately going bankrupt because so many people double-spent their servers), it's pretty funny to see the major epic fails.
legendary
Activity: 1401
Merit: 1008
northern exposure
June 14, 2015, 06:32:39 AM
#7
Does anyone know of actual pool that allows this duplicate share submission?

I don't think that there are pools stupid enough to allow you to do that. Why would they allow you to do that? They will lose money if they do that, man...

edited: just to quote this, was a better reply than mine Tongue

There is no public disclosure here. You are talking about client software aren't you? No pool software is stupid enough to allow you to submit duplicates and get paid for them and there is plenty of free and open pool software code (mine included) to see. The pools will just rightly reject duplicates.
newbie
Activity: 25
Merit: 0
June 12, 2015, 09:44:36 PM
#6
Does anyone know of actual pool that allows this duplicate share submission?
legendary
Activity: 938
Merit: 1001
June 08, 2015, 03:19:58 PM
#5
Thanks for fix.

Added it to my pool. It does seem to do the job.
-ck
legendary
Activity: 4088
Merit: 1631
Ruu \o/
March 24, 2015, 07:20:00 PM
#4
Nice. Fortunately there are alternatives.
newbie
Activity: 29
Merit: 0
March 24, 2015, 07:03:15 PM
#3
Hi

I'm talking about the server side of the stratum mining.

The bug is in the reference code itself (at least I would say it is the reference because it was the first one).

https://github.com/slush0/stratum-mining

Denis
-ck
legendary
Activity: 4088
Merit: 1631
Ruu \o/
March 24, 2015, 03:17:42 PM
#2
There is no public disclosure here. You are talking about client software aren't you? No pool software is stupid enough to allow you to submit duplicates and get paid for them and there is plenty of free and open pool software code (mine included) to see. The pools will just rightly reject duplicates.
newbie
Activity: 29
Merit: 0
March 24, 2015, 01:58:49 PM
#1
Hi

The Stratum Mining Software has a serious bug. It allows a Miner to send the same share several times without the duplicate check detecting it. With clever programming this can be more than 1000 shares that it should be in the worst case. Normally it is possible to get eight times the shares.

The problem is that the duplicate check works with strings (nonce, extranonce...) and checks them case-sensitively.
So the exploiter simply sends his values in all variations with small and big letters (because it is in hex).

example:

03:51:47.760512 IP 87.203.91.128.28348 > xxx.xxx.11.163.3333: Flags [P.], seq 535:1070, ack 216, win 64185, length 535
.m.g..h..P...kn..
{"id":913,"method":"mining.submit","params":["uphellper.5553", "424", "f5670100", "550cdcbf", "5d82727c"]}
{"id":913,"method":"mining.submit","params":["uphellper.5553", "424", "f5670100", "550cdcbf", "5d82727C"]}
{"id":913,"method":"mining.submit","params":["uphellper.5553", "424", "f5670100", "550cdcbf", "5D82727c"]}
{"id":913,"method":"mining.submit","params":["uphellper.5553", "424", "f5670100", "550cdcbf", "5D82727C"]}
{"id":913,"method":"mining.submit","params":["uphellper.5553", "424", "f5670100", "550cdcbF", "5d82727c"]}

03:51:47.859746 IP xxx.xxx.11.163.3333 > 87.203.91.128.28348: Flags [.], ack 1070, win 65535, length 0
.n..h..m.i.P........
03:51:47.951332 IP xxx.xxx.11.163.3333 > 87.203.91.128.28348: Flags [P.], seq 216:431, ack 1070, win 65535, length 215
.n..h..m.i.P....3..{"error": null, "id": 913, "result": true}
{"error": null, "id": 913, "result": true}
{"error": null, "id": 913, "result": true}
{"error": null, "id": 913, "result": true}
{"error": null, "id": 913, "result": true}

The diff for the fix looks like this:

file: stratum-mining/lib/template_registry.py

         # Check for duplicated submit
-        if not job.register_submit(extranonce1_bin, extranonce2, ntime, nonce):
+        if not job.register_submit(extranonce1_bin, extranonce2.lower(), ntime.lower(), nonce.lower()):
             log.info("Duplicate from %s, (%s %s %s %s)" % \
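
Review bot: On the changed `register_submit(...)` line, `.lower()` is applied only at the duplicate check, so extranonce2, ntime and nonce are still keyed as text while extranonce1 is already passed as binary (`extranonce1_bin`). Consider normalising the three fields once where they enter the function (strict length and hex validation, then decode to bytes) and passing the decoded values here, so the duplicate key no longer depends on how the client spelled the hex and the following `log.info("Duplicate from ...")` line reports the normalised values. Unless the type is checked earlier in the function, `.lower()` also raises on a non-string JSON value, so that check belongs before this line.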

The fix may not be complete though.

I understand that the pool owners and especially slush (his pool seems to have this fixed) do not share their hard work.
But to not release this bugfix is not what the bitcoin community stands for.

If anyone appreciates this public disclosure you can show it here: 19c4bA6qHLjnWgYQmS9VuqwHuNT6jR5Atz

Denis, owner of the small but old pool btcmp.com

PS: the user who attacked my pool had the name "uphellper". Shame on You!
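
The duplicate check described in the post above, as an added example that is not code from the post or from stratum-mining: it replays the five captured submits against a string-keyed registry and against one keyed on decoded bytes. `Job`, `decode_field` and `count_accepted` are hypothetical names, and the 4-byte extranonce2 width is an assumption taken from the capture.

```python
import binascii

# Constructed from the mining.submit lines in the post's capture:
# (worker, job_id, extranonce2, ntime, nonce)
# Assumption: all three hex fields are 4 bytes (extranonce2 size is pool-set).
SUBMITS = [
    ("uphellper.5553", "424", "f5670100", "550cdcbf", "5d82727c"),
    ("uphellper.5553", "424", "f5670100", "550cdcbf", "5d82727C"),
    ("uphellper.5553", "424", "f5670100", "550cdcbf", "5D82727c"),
    ("uphellper.5553", "424", "f5670100", "550cdcbf", "5D82727C"),
    ("uphellper.5553", "424", "f5670100", "550cdcbF", "5d82727c"),
]


class Job:
    """Hypothetical stand-in for a pool job's submit registry."""

    def __init__(self):
        self._seen = set()

    def register_submit(self, *key):
        """Return True for a first-time key, False for a duplicate."""
        if key in self._seen:
            return False
        self._seen.add(key)
        return True


def decode_field(hex_str, size):
    """Decode a fixed-width hex field to bytes; reject anything else."""
    if not isinstance(hex_str, str) or len(hex_str) != size * 2:
        raise ValueError("bad field length")
    try:
        return binascii.unhexlify(hex_str)
    except ValueError:  # binascii.Error is a ValueError subclass
        raise ValueError("field is not hex") from None


def count_accepted(submits, canonical):
    """Count shares that pass the duplicate check for one job."""
    job, accepted = Job(), 0
    for _worker, _job_id, en2, ntime, nonce in submits:
        try:
            key = (tuple(decode_field(f, 4) for f in (en2, ntime, nonce))
                   if canonical else (en2, ntime, nonce))
        except ValueError:
            continue  # malformed submit: rejected, never registered
        accepted += job.register_submit(*key)
    return accepted
```

With `canonical=False` all five captured submits are accepted; with `canonical=True` only the first one is.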