Skip to content

BEP-402: Complete Missing Fields in Block Header to Generate Signature#402

Merged
brilliant-lx merged 4 commits intobnb-chain:masterfrom
buddh0:complete_missing_fields_for_signature
Jul 3, 2024
Merged

BEP-402: Complete Missing Fields in Block Header to Generate Signature#402
brilliant-lx merged 4 commits intobnb-chain:masterfrom
buddh0:complete_missing_fields_for_signature

Conversation

@buddh0
Copy link
Copy Markdown
Contributor

@buddh0 buddh0 commented Jun 28, 2024
edited
Loading 

  BEP: 402
  Title: Complete Missing Fields in Block Header to Generate Signature
  Status: Candidate
  Type: Standards
  Created: 2024-06-28

BEP-402: Complete Missing Fields in Block Header to Generate Signature

1. Summary

Since the London upgrade on the BSC chain, 5 new fields have been added to the block header, but these fields are not used when generating the block signature. As a result, users cannot guarantee that these new fields have not been tampered with after only verifying the signature. This BEP aims to address this issue.

2. Motivation

After a block producer mines a block, they first encode all fields in the block header along with the chainId, then sign it, and place the signature in the block header before broadcasting it. The receiver only needs to extract the signature and verify it to confirm whether the block has been tampered with.

The BSC client, when signing the block header, omitted the 5 new fields. In most scenarios, this does not cause security issues, as the receiver will strictly validate these fields upon receiving the block. However, to adhere to best practices in blockchain and further enhance security, this BEP proposes to include these 5 new fields when generating the signature.

3. Status

This BEP is in progress.

4. Specification

4-1

4.1 Define ParentBeaconRoot

The ParentBeaconRoot is unnecessary for BSC and is retained for compatibility with Ethereum APIs. The value of this field will be changed from nil to zero hash, allowing the encoding stage for signing and verification to be based solely on the values of the fields in the header, independent of hard fork timing. Following Geth, the zero hash will be used as a placeholder.

header.ParentBeaconRoot = new(Hash)

4.2 Encode Before Signing

The encoding logic will be determined based on whether header.ParentBeaconRoot is a zero hash.

if header.ParentBeaconRoot != nil && *header.ParentBeaconRoot == Hash{} {
    encoding = rlp([chainId,
        header.ParentHash,
        header.UncleHash,
        header.Coinbase,
        header.Root,
        header.TxHash,
        header.ReceiptHash,
        header.Bloom,
        header.Difficulty,
        header.Number,
        header.GasLimit,
        header.GasUsed,
        header.Time,
        // signature will be put at the end of header.Extra, exclude it 
        header.Extra[:len(header.Extra)-len(signature)],
        header.MixDigest,
        header.Nonce,
        header.BaseFee,
        header.WithdrawalsHash,
        header.BlobGasUsed,
        header.ExcessBlobGas,
        header.ParentBeaconRoot,
    ])
} else {
    encoding = rlp([chainId,
        header.ParentHash,
        header.UncleHash,
        header.Coinbase,
        header.Root,
        header.TxHash,
        header.ReceiptHash,
        header.Bloom,
        header.Difficulty,
        header.Number,
        header.GasLimit,
        header.GasUsed,
        header.Time,
        // signature will be put at the end of header.Extra, exclude it 
        header.Extra[:len(header.Extra)-len(signature)],
        header.MixDigest,
        header.Nonce,
    ])
}

5. Backwards Compatibility

There are no known backward compatibility issues.

6. License

The content is licensed under CC0

@buddh0 buddh0 changed the title Complete the missing fields in the Block Header to generate the Signature BEP-402: Complete missing fields in Block Header to generate Signature Jun 28, 2024
@NathanBSC NathanBSC marked this pull request as draft July 1, 2024 03:32
@NathanBSC NathanBSC changed the title BEP-402: Complete missing fields in Block Header to generate Signature BEP-402: Complete Missing Fields in Block Header to Generate Signature Jul 2, 2024
@buddh0 buddh0 marked this pull request as ready for review July 2, 2024 10:32
@buddh0 buddh0 mentioned this pull request Jul 2, 2024
Merged
emailtovamos
emailtovamos reviewed Jul 2, 2024
View reviewed changes
BEPs/BEP-402.md
## 2. Motivation
After a block producer mines a block, they first encode all fields in the block header along with the chainId, then sign it, and place the signature in the block header before broadcasting it. The receiver only needs to extract the signature and verify it to confirm whether the block has been tampered with.

The BSC client, when signing the block header, omitted the 5 new fields. In most scenarios, this does not cause security issues, as the receiver will strictly validate these fields upon receiving the block. However, to adhere to best practices in blockchain and further enhance security, this BEP proposes to include these 5 new fields when generating the signature.
Copy link
Copy Markdown
Contributor

@emailtovamos emailtovamos Jul 2, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any scenario at all where security might be an issue currently? If not then the following sentence from summary doesn't hold true for bsc.
As a result, users cannot guarantee that these new fields have not been tampered with after verifying the signature.

Copy link
Copy Markdown
Contributor Author

@buddh0 buddh0 Jul 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any scenario at all where security might be an issue currently? If not then the following sentence from summary doesn't hold true for bsc. As a result, users cannot guarantee that these new fields have not been tampered with after verifying the signature.

the scenario: verifying the signature but not verify the fields in Header

after verifying the signature.
-->
after only verifying the signature.

MatusKysel
MatusKysel previously approved these changes Jul 2, 2024
View reviewed changes
@brilliant-lx brilliant-lx merged commit 1390735 into bnb-chain:master Jul 3, 2024
@yutianwu yutianwu mentioned this pull request Jul 29, 2024
Merged
galaio pushed a commit to galaio/BEPs that referenced this pull request Nov 1, 2024
@buddh0 @galaio
BEP-402: Complete Missing Fields in Block Header to Generate Signature (
08ecc44 
bnb-chain#402)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zzzckck zzzckck zzzckck approved these changes

+4 more reviewers

@emailtovamos emailtovamos emailtovamos left review comments

@monkeydluffyto monkeydluffyto monkeydluffyto approved these changes

@Gabo139 Gabo139 Gabo139 approved these changes

@MatusKysel MatusKysel MatusKysel left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@buddh0 @MatusKysel @emailtovamos @monkeydluffyto @zzzckck @Gabo139 @brilliant-lx