Validate the transaction merkle root and transaction uniqueness #1385
Assignees
Milestone
Comments
teor2345
added
C-bug
hdevalence
added a commit
that referenced
this issue
Nov 25, 2020
As a side effect of computing Merkle roots, we build a list of transaction hashes. Instead of discarding these, add them to PreparedBlock and FinalizedBlock so that they can be reused rather than recomputed. This commit adds Merkle root validation to: 1. the block verifier; 2. the checkpoint verifier. In the first case, Bitcoin Merkle tree malleability has no effect, because only a single Merkle tree in each malleablity set is valid (the others have duplicate transactions). In the second case, we need to check that the Merkle tree does not contain any duplicate transactions. Closes #1385
hdevalence
added a commit
that referenced
this issue
Nov 25, 2020
As a side effect of computing Merkle roots, we build a list of transaction hashes. Instead of discarding these, add them to PreparedBlock and FinalizedBlock so that they can be reused rather than recomputed. This commit adds Merkle root validation to: 1. the block verifier; 2. the checkpoint verifier. In the first case, Bitcoin Merkle tree malleability has no effect, because only a single Merkle tree in each malleablity set is valid (the others have duplicate transactions). In the second case, we need to check that the Merkle tree does not contain any duplicate transactions. Closes #1385 Closes #906
hdevalence
added a commit
that referenced
this issue
Nov 25, 2020
As a side effect of computing Merkle roots, we build a list of transaction hashes. Instead of discarding these, add them to PreparedBlock and FinalizedBlock so that they can be reused rather than recomputed. This commit adds Merkle root validation to: 1. the block verifier; 2. the checkpoint verifier. In the first case, Bitcoin Merkle tree malleability has no effect, because only a single Merkle tree in each malleablity set is valid (the others have duplicate transactions). In the second case, we need to check that the Merkle tree does not contain any duplicate transactions. Closes #1385 Closes #906
hdevalence
added a commit
that referenced
this issue
Nov 25, 2020
As a side effect of computing Merkle roots, we build a list of transaction hashes. Instead of discarding these, add them to PreparedBlock and FinalizedBlock so that they can be reused rather than recomputed. This commit adds Merkle root validation to: 1. the block verifier; 2. the checkpoint verifier. In the first case, Bitcoin Merkle tree malleability has no effect, because only a single Merkle tree in each malleablity set is valid (the others have duplicate transactions). In the second case, we need to check that the Merkle tree does not contain any duplicate transactions. Closes #1385 Closes #906
|
assigning to @hdevalence as he is working on this in #1386 already |
hdevalence
added a commit
that referenced
this issue
Nov 30, 2020
As a side effect of computing Merkle roots, we build a list of transaction hashes. Instead of discarding these, add them to PreparedBlock and FinalizedBlock so that they can be reused rather than recomputed. This commit adds Merkle root validation to: 1. the block verifier; 2. the checkpoint verifier. In the first case, Bitcoin Merkle tree malleability has no effect, because only a single Merkle tree in each malleablity set is valid (the others have duplicate transactions). In the second case, we need to check that the Merkle tree does not contain any duplicate transactions. Closes #1385 Closes #906
teor2345
pushed a commit
that referenced
this issue
Dec 1, 2020
As a side effect of computing Merkle roots, we build a list of transaction hashes. Instead of discarding these, add them to PreparedBlock and FinalizedBlock so that they can be reused rather than recomputed. This commit adds Merkle root validation to: 1. the block verifier; 2. the checkpoint verifier. In the first case, Bitcoin Merkle tree malleability has no effect, because only a single Merkle tree in each malleablity set is valid (the others have duplicate transactions). In the second case, we need to check that the Merkle tree does not contain any duplicate transactions. Closes #1385 Closes #906
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Zebra should validate the transaction merkle root during both checkpoint and block validation.
The chain of block header hashes ensures that the block headers are correct for each checkpointed block.
But we also need need to check the transaction merkle root before adding a block to the queue.
The queue rejects blocks with identical block header hashes, so we need to check for invalid transaction data before queuing the block. Otherwise, we could add an invalid block to the queue, and then reject valid blocks with identical hashes.
Due to a mistake in the bitcoin merkle tree design, it's easy to create identical merkle roots by duplicating trailing transactions.
TODO:
Before adding a block to the checkpoint queue:
In the block verifier:
Related issues:
Full Disclosure - CVE-2012-2459 - block merkle calculation exploit: https://bitcointalk.org/?topic=102395
The text was updated successfully, but these errors were encountered: