Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate the genesis config downloaded over RPC before accepting it #8474

Merged
merged 2 commits into from
Feb 26, 2020
Merged

Validate the genesis config downloaded over RPC before accepting it #8474

merged 2 commits into from
Feb 26, 2020

Conversation

mvines
Copy link
Member

@mvines mvines commented Feb 26, 2020
edited
Loading

This PR replaces #8467, and additionally adds verification of a downloaded genesis.tar.bz2 before accepting it. If an RPC node serves a bad genesis, that node gets blacklisted and the validator tries another.

This should be sufficient to prevent the Chorus One poisoned genesis attack during SLP2 boot from reoccurring. However note that the Certus One bzip2 bomb as described by #8427 is not fixed here.

@mvines mvines mentioned this pull request Feb 26, 2020
Closed
@codecov
Copy link

codecov bot commented Feb 26, 2020

Codecov Report

❗ No coverage uploaded for pull request base (master@407d058). Click here to learn what that means.
The diff coverage is 33.3%.

@@           Coverage Diff            @@
##             master   #8474   +/-   ##
========================================
  Coverage          ?   80.3%           
========================================
  Files             ?     256           
  Lines             ?   56447           
  Branches          ?       0           
========================================
  Hits              ?   45344           
  Misses            ?   11103           
  Partials          ?       0

@mvines mvines merged commit d5a7867 into solana-labs:master Feb 26, 2020
@mvines mvines deleted the val branch February 26, 2020 21:21
This was referenced Feb 26, 2020
Merged
Merged
solana-grimes pushed a commit that referenced this pull request Feb 26, 2020
@mergify
Validate the genesis config downloaded over RPC before accepting it (bp
242afa7 
#8474) (#8480)

automerge
solana-grimes pushed a commit that referenced this pull request Feb 26, 2020
@mergify
Validate the genesis config downloaded over RPC before accepting it (bp
87cfac1 
#8474) (#8481)

automerge
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mvines