Code:
block.payloadHash = digest.digest();
// ???
block.generationSignature = Crypto.sign(Block.getLastBlock().generationSignature, secretPhrase);
Flaw: Blocks can be mutated after the fact, by the account which generated the block.
Topic: Nxt source code flaw reports - page 6. (Read 113312 times)
The block hash is excluded from generation signature.
Flaw: Blocks can be mutated after the fact, by the account which generated the block.
Flaw: Blocks can be mutated after the fact, by the account which generated the block.
The block payload hash and generation signature excluded from the block signature.
These bytes shouldn't be excluded from the generation signature or the block signature.
The code above, surrounding code, and relevant code in verifyBlockSignature() and verifyGenerationSignature() is fatally flawed.
Code:
byte[] data = block.getBytes();
byte[] data2 = new byte[data.length - 64];
System.arraycopy(data, 0, data2, 0, data2.length);
block.blockSignature = Crypto.sign(data2, secretPhrase);
These bytes shouldn't be excluded from the generation signature or the block signature.
The code above, surrounding code, and relevant code in verifyBlockSignature() and verifyGenerationSignature() is fatally flawed.
No, only placeholder for block signature is excluded.
The block payload hash and generation signature excluded from the block signature.
These bytes shouldn't be excluded from the generation signature or the block signature.
The code above, surrounding code, and relevant code in verifyBlockSignature() and verifyGenerationSignature() is fatally flawed.
Code:
byte[] data = block.getBytes();
byte[] data2 = new byte[data.length - 64];
System.arraycopy(data, 0, data2, 0, data2.length);
block.blockSignature = Crypto.sign(data2, secretPhrase);
These bytes shouldn't be excluded from the generation signature or the block signature.
The code above, surrounding code, and relevant code in verifyBlockSignature() and verifyGenerationSignature() is fatally flawed.
Critical flaw description:
SHA256-hash:
Code:
Only 64 bits of the previous block hash are used. This gives ability to inject blocks with another set of transactions.
SHA256-hash:
Code:
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530
You are telling me BCNxt solved tx malleability?
No. But malleability is not a problem for Nxt, it can be easily solved by any Java coder.
Is this bug going to be fixed in Nxt?
Right now Nxt uses Java long (64 bits) to encode the previous block hash.
Because it can't be fixed for Nxt without destroying the entire block chain.
Let it crash & burn!
Critical flaw description:
SHA256-hash:
Code:
Only 64 bits of the previous block hash are used. This gives ability to inject blocks with another set of transactions.
SHA256-hash:
Code:
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530
You are telling me BCNxt solved tx malleability?
No. But malleability is not a problem for Nxt, it can be easily solved by any Java coder.
Is this bug going to be fixed in Nxt?
Right now Nxt uses Java long (64 bits) to encode the previous block hash.
Because it can't be fixed for Nxt without destroying the entire block chain.
Critical flaw description:
SHA256-hash:
Code:
Only 64 bits of the previous block hash are used. This gives ability to inject blocks with another set of transactions.
SHA256-hash:
Code:
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530
You are telling me BCNxt solved tx malleability?
No. But malleability is not a problem for Nxt, it can be easily solved by any Java coder.
Is this bug going to be fixed in Nxt?
Right now Nxt uses Java long (64 bits) to encode the previous block hash.
Critical flaw description:
SHA256-hash:
Code:
Only 64 bits of the previous block hash are used. This gives ability to inject blocks with another set of transactions.
SHA256-hash:
Code:
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530
You are telling me BCNxt solved tx malleability?
No. But malleability is not a problem for Nxt, it can be easily solved by any Java coder.
Is this bug going to be fixed in Nxt?
Right now Nxt uses Java long (64 bits) to encode the previous block hash.
Critical flaw description:
SHA256-hash:
Code:
Only 64 bits of the previous block hash are used. This gives ability to inject blocks with another set of transactions.
SHA256-hash:
Code:
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530
You are telling me BCNxt solved tx malleability?
No. But malleability is not a problem for Nxt, it can be easily solved by any Java coder.
Critical flaw description:
SHA256-hash:
Code:
Only 64 bits of the previous block hash are used. This gives ability to inject blocks with another set of transactions.
SHA256-hash:
Code:
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530
You are telling me BCNxt solved tx malleability?
TY very much, smaragda
Hello,
I see that two of the bounties have already been claimed, is it possible to know which flaws where without having to read all the thread?
Thanks
I see that two of the bounties have already been claimed, is it possible to know which flaws where without having to read all the thread?
Thanks
Just as a random gander because it seems too simple ... The fatal flaw couldn't be that the genesis block is hardcoded into the source? Right?
That is, I say the fatal flaw is that the NXT genesis block is hardcoded into the source, so copycoins could theoretically connect to a nxt node and think the next legit block is that second block in the NXT chain, and then end up trying to download the entire Nxt chain instead of starting a new one for a separate coin.
I think the chance is slim that this is the correct answer, but hey, just in case it really is that simple.
That is, I say the fatal flaw is that the NXT genesis block is hardcoded into the source, so copycoins could theoretically connect to a nxt node and think the next legit block is that second block in the NXT chain, and then end up trying to download the entire Nxt chain instead of starting a new one for a separate coin.
I think the chance is slim that this is the correct answer, but hey, just in case it really is that simple.
No, a copycoin won't download Nxt blockchain if it has another genesis.
Just as a random gander because it seems too simple ... The fatal flaw couldn't be that the genesis block is hardcoded into the source? Right?
That is, I say the fatal flaw is that the NXT genesis block is hardcoded into the source, so copycoins could theoretically connect to a nxt node and think the next legit block is that second block in the NXT chain, and then end up trying to download the entire Nxt chain instead of starting a new one for a separate coin.
I think the chance is slim that this is the correct answer, but hey, just in case it really is that simple.
That is, I say the fatal flaw is that the NXT genesis block is hardcoded into the source, so copycoins could theoretically connect to a nxt node and think the next legit block is that second block in the NXT chain, and then end up trying to download the entire Nxt chain instead of starting a new one for a separate coin.
I think the chance is slim that this is the correct answer, but hey, just in case it really is that simple.
Nice.
I am busy coding other stuff at the moment.
Come on, guys. Find the flaw!
Jeeps ... only took me 8 days to finally get to the end of this thread, kudos to the many more experienced java coders than me that trudged through that beast of a file.
Even so it seems that the fatal flaw has not been found, I might not be able to get in much time to really tear into the logic in the code, with recent snow days I had a little time to delve into it, but I'll try in what time I can find anyhow.
Smaragda, gimre, ricot, ImmortAlex, doctorevil et al. (sorry if I forgot all your names >_<) awesome stuff!
Also curious as to why this thread has been silent for days... O.o
Even so it seems that the fatal flaw has not been found, I might not be able to get in much time to really tear into the logic in the code, with recent snow days I had a little time to delve into it, but I'll try in what time I can find anyhow.
Smaragda, gimre, ricot, ImmortAlex, doctorevil et al. (sorry if I forgot all your names >_<) awesome stuff!
Also curious as to why this thread has been silent for days... O.o
Indeed, he got a bounty of 10 btc though. The priority whos getting bountys or not isnt the most logical one. This was a HUGE bug and deserved a lot more attention. Instead they arguing about who getting a part of the 10M nxt and they can give some guy 250k for client. The priorites arent clear. There does not seem to exist any form of true leadership or core team. End of discussion.
"If we have nothing else to do, we can always vote on something."
Regards
j0b
As far as I know, there was no reward at all, but c-f-b decided to reward him 10 BTC anyways. Plus, there is still the 100k bounty for the the fatal flaw...
Indeed, he got a bounty of 10 btc though. The priority whos getting bountys or not isnt the most logical one. This was a HUGE bug and deserved a lot more attention. Instead they arguing about who getting a part of the 10M nxt and they can give some guy 250k for client. The priorites arent clear. There does not seem to exist any form of true leadership or core team. End of discussion.
"If we have nothing else to do, we can always vote on something."
Regards
j0b
Jump to: