Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Signers can crash each other with invalid DkgPrivateShares #1162

Open
1 task
djordon opened this issue Dec 18, 2024 · 0 comments
Open
1 task

[Bug]: Signers can crash each other with invalid DkgPrivateShares #1162

djordon opened this issue Dec 18, 2024 · 0 comments
Assignees
@xoloki
Labels
bug Something isn't working sbtc signer binary The sBTC Bootstrap Signer. signer communication Communication across sBTC bootstrap signers.
Milestone
sBTC: Key rotation

Comments

@djordon
Copy link
Contributor

djordon commented Dec 18, 2024
edited
Loading

Bug - Signers can crash each other with invalid DkgPrivateShares

1. Description

This issue is that a malicious signer can cause other signers to panic by sending them empty DkgPrivateShares objects. This is a bug in WSTS and is tracked there by Trust-Machines/wsts#109.

1.1 Context & Purpose

A malicious signer can construct an empty (or nearly empty) DkgPrivateShares object and broadcast it to other signers. When they receive it they will crash, and their hopes and dreams will crash with it.

2. Technical Details:

The fix here will be on the WSTS side and it is here Trust-Machines/wsts#111. We still need to update the signer crate to use this version, so this ticket tracks that.

2.1 Acceptance Criteria:

  • A signer cannot crash other signers if they broadcast empty DkgPrivateShares.

3. Related Issues and Pull Requests (optional):

Trust-Machines/wsts#109
@djordon djordon added bug Something isn't working sbtc signer binary The sBTC Bootstrap Signer. signer communication Communication across sBTC bootstrap signers. labels Dec 18, 2024
@djordon djordon added this to the sBTC: Release polish milestone Dec 18, 2024
@djordon djordon added this to sBTC Dec 18, 2024
@github-project-automation github-project-automation bot moved this to Needs Triage in sBTC Dec 18, 2024
@djordon djordon changed the title [Bug]: Ensure signers cannot crash each other with invalid DkgPrivateShares [Bug]: Signers can crash each other with invalid DkgPrivateShares Dec 18, 2024
@djordon djordon moved this from Needs Triage to Todo in sBTC Dec 18, 2024
@djordon djordon moved this from Todo to In Progress in sBTC Dec 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xoloki xoloki

Labels
bug Something isn't working sbtc signer binary The sBTC Bootstrap Signer. signer communication Communication across sBTC bootstrap signers.
Projects
sBTC
Status: In Progress
Milestone
sBTC: Key rotation
Development

No branches or pull requests
2 participants
@xoloki @djordon