Enhance: spine blocks manifest and spine public keys validation process #627

iltoga · 2020-03-09T01:36:31Z

Description

As of now spine block manifests and spine public keys records that are downloaded together with spine blocks are not validated before being pushed, so in theory a misbehaving node could send a correct spine block with a modified version of block manifest and make new nodes download its version of the snapshot referred by it.

Breakdown

Add general validation of spine block manifest and spine public keys in blockSpineService.ValidateBlock (there is already a TODO for that)

Expected behavior

Before pushing a block, all block attached data (spine block manifests and spine public keys) should be validated against the block's payload hash to make sure they have not been tampered by the sending node

Diagram

iltoga added the ENHANCE label Mar 9, 2020

iltoga self-assigned this Mar 9, 2020

iltoga changed the title ~~Enhance: spine blocks manifest validation process~~ Enhance: spine blocks manifest and spine public keys validation process Mar 9, 2020

iltoga mentioned this issue Mar 9, 2020

Spine block manifest and spine public keys validation when downloading blocks from peers #631

Merged

2 tasks

astaphobia closed this as completed in #631 Mar 10, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enhance: spine blocks manifest and spine public keys validation process #627

Enhance: spine blocks manifest and spine public keys validation process #627

iltoga commented Mar 9, 2020 •

edited

Loading

Enhance: spine blocks manifest and spine public keys validation process #627

Enhance: spine blocks manifest and spine public keys validation process #627

Comments

iltoga commented Mar 9, 2020 • edited Loading

Description

Breakdown

Expected behavior

Diagram

iltoga commented Mar 9, 2020 •

edited

Loading