checklist of 3.6.0 PRs that will cause FORK

[vang1ong7ang]

hope all the FORK points can be resolved before the upgrade

• Native: store ID->hash mapping for native contracts too #2833 : ContractManagement.GetContractById ContractManagement.GetContractHashes
• Optimize vote reward data #2841 : NeoToken.UnclaimedGAS NeoToken.GetAccountState
• Add zkp - Groth16 #2691 : CryptoLib.Bls12381Deserialize
• SmartContract: add FindOptions.Backwards to iterate in reverse order #2819 : to be confirmed
• fix trusts conflicts #2892 : to be confirmed

by submitting a transaction with script FORKTRIGGER(); NEO.transfer(self, victim, amount) inside when v3.5.0, the attacker will get his money back when v3.6.0.

ALL the PRs listed above should not be blamed, since looking at these pull requests individually, there is no problem with their implementation. while in the context of upgrading from v3.5.0, more historical baggage is introduced. maintainers should create a new PR to handle all possible fork points to ensure mainnet state consistency.

I'm fine if the final decision is to ignore the fork risks and proceed to upgrade to v3.6.0. we will still try to monitor, warn and prevent possible forks as much as possible to keep the mainnet safe though I don't think we should let the mainnet take the risk.

hardfork PRs should learn from #2810

if (!IsHardforkEnabled(Hardfork.HF_Basilisk))
{
    RuntimeNotifyV1(eventName, state);
    return;
}

[dusmart]

(Optional) Additional context

• there is a version-control method for native contract upgrade
• there is also a hard-fork tag for upgrade

Based on NEO's current situation, I also understand you if the final decision is to ignore the fork risks and proceed to upgrade to v3.6.0.

[roman-khimov]

#2849 shouldn't be an issue, its behavior is controlled via the hardfork (see #2881). But I agree that many other can be problematic. Unfortunately, we have an unwritten convention of relying on resyncs (at least since #2560) and to be fair it even works most of the time. Anyway, using proper upgrade mechanisms would make Neo a much better place, especially since we have them (both native activations and hardforks, but likely HFs are easier to use and can cover any situation).

[roman-khimov]

I'll also add that the scenario of "submitting a transaction with script FORKTRIGGER(); NEO.transfer(self, victim, amount) inside when v3.5.0, the attacker will get his money back when v3.6.0." is not always possible. If some PR is only adding some new native contract API then any attempt to call it will make transaction FAIL miserably. This means that after the upgrade it can do something instead of failing, but it's a bit harder to leverage that (not impossible though).

[dusmart]

I'll also add that the scenario of "submitting a transaction with script FORKTRIGGER(); NEO.transfer(self, victim, amount) inside when v3.5.0, the attacker will get his money back when v3.6.0." is not always possible.

They are basically the same. You can send a transaction first, and then use the second to check it's state in FORKTRIGGER().

Any change including add, delete and modify should all be treated seriously.

[vang1ong7ang]

I'll also add that the scenario of "submitting a transaction with script FORKTRIGGER(); NEO.transfer(self, victim, amount) inside when v3.5.0, the attacker will get his money back when v3.6.0." is not always possible. If some PR is only adding some new native contract API then any attempt to call it will make transaction FAIL miserably. This means that after the upgrade it can do something instead of failing, but it's a bit harder to leverage that (not impossible though).

it's not right.

by calling Ledger.GetTransactionState, the attackers can still succeed.

[dusmart]

by calling Ledger.GetTransactionState, the attackers can still succeed.

I also figure out a new method to do the same if there is no such a native contract. If one tx in 3.5.0 will fail, you can add GAS.burn(GAS.balance(sender)) in it. And then send a second tx that will cost some GAS. When it comes to 3.6.0, the second will be an invalid tx and stuck the upgrade process.

[vncoelho]

In fact, @igormcoelho and I have been in favor of not changing tx state after any modification.

That was the reason we created that simple plugin on neo-modules for neo2x and it is still used nowdays.

We need to preserve states, MPT or Graphs are mostly for this purpose of having a solid compact state representation.

A fork tag can change the behavior just for the next events. I do not see much options instead of a general tag and ensurance of past states.
As we have observed in other protocols, we do not need witness itself, we just need the result of that verification at that time. And, for sure, that should never change.

[vncoelho]

My suggestion is to:

• Abolish resync during upgrades.

  • We need continous compatibility;

• Create a general fork tag.

  • include client version on local storage in a way that in case of resync we can use exactly the version used at the time of data creation.

Surely there could be options to flexibilize that, maybe we have a patch that makes sync faster and it is compatible.

[dusmart]

• Abolish resync during upgrades.

Actually there are some PRs rely on resync heavily. The PR for optimizing the vote reward data requires a full resync to help future reward calculating.

My advice is to drop these PRs from 3.6.0 if we need continuous compatibility. For #2841, there are only about 4GB data for a normal node. I don't see any significant reason to do it and make the upgrade risky. If you have ever run a ethereum node or some others, you will know NEO is far more better on that.

[Jim8y]

What resync actually means? Reexecution or re-downloading everything?@dusmart

[dusmart]

What resync actually means? Reexecution or re-downloading everything?@dusmart

I mean re-creating the previous state here based on whatever makes it happen. It makes the MTP useless on checking whether the upgrade is abused or not.

[vncoelho]

I fully agree @dusmart.
That enters in the case when full resync is just recommended if there is a relevant improvement on the sync process and data.
4GB is not really relevant now.

[dusmart]

BTW, Vang has done a POC that makes it even harder to identify whether a TX abuses the upgrade or not. I believe advanced patten matching could also fail here if you've seen that OpCodes.

If the previous state is kept, then a simple MTP state root check will be very helpful for identifying it.

[vncoelho]

BTW, Vang has done a POC that makes it even harder to identify whether a TX abuses the upgrade or not. I believe advanced patten matching could also fail here if you've seen that OpCodes.

If the previous state is kept, then a simple MTP state root check will be very helpful for identifying it.

This guy has no limits...ahahaha

The state preservation is the correct way to go.
For now, revert those that require resync if they are not critical or with a considerable relevance to optimization.

I can push these PRs next week if you want, but I think you guys from NGD are more expert on that, count on us for support and review in any case.