Summary
Currently the threshold for PrepareRequest is 10 minutes, if a malicious CN propuse a block that come from the near future (10 minutes more), it will be accepted. Next blocks will be proposed by the others trusted CN from the future too
|
Block.Timestamp = Math.Max(TimeProvider.Current.UtcNow.ToTimestampMS(), PrevHeader.Timestamp + 1); |
So next round, this malicious CN could propose another block, and step by step move the chain to the future
For 7 CN this should be the scenario (CN1 malicious one):
First round:
- CN-1 (Real Time 00:00:00 , BlockTime 00:10:00)
- CN-2 (Real Time 00:00:15 , BlockTime 00:10:01)
- CN-3 (Real Time 00:00:30 , BlockTime 00:10:02)
- CN-4 (Real Time 00:00:45 , BlockTime 00:10:03)
- CN-5 (Real Time 00:01:00 , BlockTime 00:10:04)
- CN-6 (Real Time 00:01:15 , BlockTime 00:10:05)
- CN-7 (Real Time 00:01:30 , BlockTime 00:10:06)
Second round
- CN-1 (Real Time 00:01:45 , BlockTime 00:20:06)
Do you have any solution you want to propose?
Reduce the threshold to 1 or 2 minutes.
Where in the software does this update applies to?
Summary
Currently the threshold for PrepareRequest is 10 minutes, if a malicious CN propuse a block that come from the near future (10 minutes more), it will be accepted. Next blocks will be proposed by the others trusted CN from the future too
neo/neo/Consensus/ConsensusContext.cs
Line 286 in f1d6434
So next round, this malicious CN could propose another block, and step by step move the chain to the future
For 7 CN this should be the scenario (CN1 malicious one):
First round:
Second round
Do you have any solution you want to propose?
Reduce the threshold to 1 or 2 minutes.
Where in the software does this update applies to?