Add hashAuthDataRoot to Block network messages, and semantically verify it #2336
Labels
A-network
Area: Network protocol updates or fixes
A-rust
Area: Updates to Rust code
C-security
Category: Security issues
I-invalid-data
Zebra relies on invalid or untrusted data, or sends invalid data
S-needs-spec-update
Status: Not in the Zcash spec, but it should be
Comments
teor2345
added
A-rust
|
I assigned ZIP number |
2 tasks
teor2345
added
the
S-needs-spec-update
|
This protocol change would be useful, but other things are higher priority. |
6 tasks
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Motivation
In #2134, Zebra validates the
hashAuthDataRootin the finalized state. But this is very late in the validation pipeline.We'd prefer to validate it as the first step in block and checkpoint verification. That way, the transaction authorizing data is bound to the block header before we do any other verification. That improves the security of Zebra's verification pipeline.
Specifications
Transaction Identifier Non-Malleability: https://zips.z.cash/zip-0244
Designs
Zebra's parallel verification pipeline: https://github.com/ZcashFoundation/zebra/blob/main/book/src/dev/rfcs/0002-parallel-verification.md#definitions
Solution
hashBlockCommitmentsto the end ofBlockmessages in the network protocolblock::Header, parsing them on the way in, and sending them on the way outhashAuthDataRootas the first step in block and checkpoint verificationAlternatives
This change improves security, but it's not required for full validation. We'll probably do it during the network protocol upgrades after NU5.
Related Work
#1874 and other ZIP-244 work.
The text was updated successfully, but these errors were encountered: