Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CreateCommitment could be expensive for CheckTx #6

Closed
mpoke opened this issue Aug 19, 2022 · 8 comments
Closed

CreateCommitment could be expensive for CheckTx #6

mpoke opened this issue Aug 19, 2022 · 8 comments
Labels
payment Payment module in celestia-app

Comments

@mpoke
Copy link
Collaborator

mpoke commented Aug 19, 2022

Cf. https://docs.cosmos.network/v0.45/basics/tx-lifecycle.html#guideline

Gas is not charged when ValidateBasic is executed

This means that an attacker could DOS the system by sending invalid MsgWirePayForDatas (that fail the check here). The ValidateBasic of each msg of type MsgWirePayForData contains a call to CreateCommitment for every commit in msg.MessageShareCommitment. Every call to CreateCommitment entails computing multiple hashes (see here).
@mpoke mpoke added the payment Payment module in celestia-app label Aug 19, 2022
@evan-forbes evan-forbes mentioned this issue Aug 26, 2022
Merged
@evan-forbes evan-forbes mentioned this issue Sep 29, 2022
Closed
@mpoke
Copy link
Collaborator Author

mpoke commented Oct 10, 2022

A few comments regarding celestiaorg/celestia-app#666

  • ValidateAllSquareSizesCommitedTo is invoked after invoking CreateCommitment for each MessageShareCommitment. IMO, ValidateAllSquareSizesCommitedTo is the cheaper check.
  • The check on this line is redundant as it's done here.
  • IIUC from ValidateAllSquareSizesCommitedTo, the expectation is that the users have access to both MinSquareSize and MaxSquareSize, and they MUST submit MsgWirePayForData with a MessageShareCommitment for each possible square size. Is that right?

@adlerjohn
Copy link
Collaborator

the expectation is that the users have access to both MinSquareSize and MaxSquareSize, and they MUST submit MsgWirePayForData with a MessageShareCommitment for each possible square size. Is that right?

If by "possible" you mean that the data will fit in the square, then yes. This means square sizes that are too small or too large aren't included.

@mpoke
Copy link
Collaborator Author

mpoke commented Oct 10, 2022

It also means that MsgWirePayForData transactions that don't have MessageShareCommitments for all possible square sizes (i.e., 1, 2, 4, 8, 16, 32, 64, and 128) will be rejected. Right?

@adlerjohn
Copy link
Collaborator

No, it will only be rejected if it doesn't have all valid and non-redundant square sizes. If a data blob is 16 shares, then only commitments for sizes[4, 8, 16] are needed.

@mpoke
Copy link
Collaborator Author

mpoke commented Oct 10, 2022

IIUC, for a message that fits in 16 shares (i.e., MsgSharesUsed(msgSize int) returns 16), the AllSquareSizes method returns [8, 16, 32, 64, 128]. This must match the SquareSize of the MessageShareCommitments (cf. https://github.com/celestiaorg/celestia-app/blob/e088d61fcb6579b4bc797deefd2ceff7601aa079/x/payment/types/wirepayfordata.go#L152).

@adlerjohn
Copy link
Collaborator

adlerjohn commented Oct 10, 2022
edited
Loading

Then that's either a bug in AllSquareSizes, or a bug in how it's used. If a data blob fits on a single row, then all greater square sizes would have the same commitment and so aren't needed.

@rootulp
Copy link
Contributor

rootulp commented Oct 10, 2022

Related: celestiaorg/celestia-app#236 which hasn't been implemented yet

@rootulp rootulp mentioned this issue Oct 10, 2022
Merged
rootulp added a commit to celestiaorg/celestia-app that referenced this issue Oct 11, 2022
@rootulp
chore: remove redundant check (#854)
b1a02ba 
The check on this
[line](https://github.com/celestiaorg/celestia-app/blob/e088d61fcb6579b4bc797deefd2ceff7601aa079/x/payment/types/wirepayfordata.go#L148)
is redundant as it's done
[here](https://github.com/celestiaorg/celestia-app/blob/e088d61fcb6579b4bc797deefd2ceff7601aa079/x/payment/types/wirepayfordata.go#L160).

Originally discovered by @mpoke in
informalsystems/audit-celestia#6 (comment)
@rootulp
Copy link
Contributor

rootulp commented Nov 15, 2022

I think this attack is significantly less expensive after the adoption of square size independent message commitments because validating a MsgWirePayForBlob now only includes one CreateCommitment invocation.

Is it safe to close this issue?

rach-id pushed a commit to rach-id/celestia-app that referenced this issue Nov 16, 2022
@rootulp @rach-id
chore: remove redundant check (celestiaorg#854)
7f47307 
The check on this
[line](https://github.com/celestiaorg/celestia-app/blob/e088d61fcb6579b4bc797deefd2ceff7601aa079/x/payment/types/wirepayfordata.go#L148)
is redundant as it's done
[here](https://github.com/celestiaorg/celestia-app/blob/e088d61fcb6579b4bc797deefd2ceff7601aa079/x/payment/types/wirepayfordata.go#L160).

Originally discovered by @mpoke in
informalsystems/audit-celestia#6 (comment)
@rootulp rootulp closed this as not planned Won't fix, can't repro, duplicate, stale Nov 30, 2022
@rootulp rootulp mentioned this issue Nov 30, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
payment Payment module in celestia-app
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@adlerjohn @rootulp @mpoke