Comments (4)
@gakonst pointed out that only the transaction needs to incorporate the network_id
for replay prevention and support for multiple networks (similar to EIP155).
Thus, we propose the following architecture. Accounts will not include an is_testnet
boolean or network_id
byte. Instead, we update DPC as follows:
- The
inner_snark_gadget
adds as public input onenetwork_id
byte, and - The
Transaction
struct adds onenetwork_id
byte, which miners will use as public input to verify theinner_snark
proof.
For simplicity, we set the Aleo mainnet to ID 0
and the first Aleo testnet to ID 1
.
from snarkos.
@kobigurk proposed using an integer instead of a boolean flag to differentiate mainnet from testnet accounts in order to allow support for multiple testnets.
In our architecture, to prevent replay attacks and support multiple testnets simultaneously, we can introduce one byte network_id
to the account private key, where the MSB is set to 0
if the account is a mainnet account, and 1
if the account is a testnet account. Thus, mainnets would occupy 0-127
and testnets would occupy 128-255
as their network_id
.
Then, the account public key would be produced as follows:
let commit_input = to_bytes![private_key.pk_sig, private_key.sk_prf, private_key.metadata, private_key.network_id]?;
let commitment = C::AccountCommitment::commit(parameters, &commit_input, &private_key.r_pk)?;
To prevent replay attacks across networks, we update DPC as follows:
- The
inner_snark_gadget
adds as public input onenetwork_id
byte, and - The
Transaction
struct adds onenetwork_id
byte, which miners will use as public input to verify theinner_snark
proof.
from snarkos.
from snarkos.
Since #129 is merged, should this be closed? @howardwu
from snarkos.
Related Issues (20)
- [Bug] Repeatedly sending GET or POST requests to any endpoint against the API port causes a crash wherein the node becomes unresponsive, stops printing to terminal, and the API times out HOT 4
- [Bug] Stopping the node would still sometimes leads to corrupted storage HOT 2
- Please add contributor HOT 1
- [Bug] Client nodes often fail to synchronize through CDN HOT 3
- [Bug] Transaction result not output to console on snarkos developer deploy command HOT 3
- [Bug] Prover mode can not connect to peers HOT 3
- [Feature] Allow nodes to keep a log of failed Tx for users to identify why their Tx failed
- [Bug] snarkOS sometimes would still corrupt the storage when syncing HOT 1
- [Bug] Sync module has racing condition on some checks HOT 12
- [Bug] Validator sign arbitrary nonce can lead to downgraded length of secure bit. HOT 1
- [Bug] BFT fails to increment the storage round when syncing and gets stuck at the old round HOT 5
- [Bug] Unthrottled worker ping allows denial of service attack
- [Bug] Updating validator committee every two rounds will cause leader manipulation and permanent chain state split HOT 21
- [Bug] Validators may produce different blocks in current AleoBFT implementation HOT 3
- [Feature] Order Transactions with same timestamp by moment of entry HOT 1
- [Bug] A malicious validator can broadcast certificate with `Transaction::Fee` and block the network HOT 3
- [Bug] BatchPropose with invalid transaction can halt the network HOT 3
- [Bug] error: unexpected argument '--beacon' found HOT 2
- [Bug] Failure to sync client node HOT 7
- [Proposal] snarkOS probably shouldn't count provers when trying to maintain peer connections HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snarkos.