From 8b57ca63b870f49ebd9306af454374f31b0b2aaa Mon Sep 17 00:00:00 2001 From: "Jonathan \"Duke\" Leto" Date: Wed, 15 May 2019 21:27:05 -0700 Subject: [PATCH 1/2] Prevent linkability analysis on out-of-sync nodes This addresses upstream issue https://github.com/zcash/zcash/issues/3996 by preventing z_sendmany, z_mergecoinbase and z_shieldcoinbase from making shielded transactions if the node is out of sync. This prevents metadata leakage which can be used in blockchain analysis. --- src/wallet/rpcwallet.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/wallet/rpcwallet.cpp b/src/wallet/rpcwallet.cpp index a22a81e34..23b62c2fe 100644 --- a/src/wallet/rpcwallet.cpp +++ b/src/wallet/rpcwallet.cpp @@ -70,6 +70,7 @@ extern std::string ASSETCHAINS_OVERRIDE_PUBKEY; const std::string ADDR_TYPE_SPROUT = "sprout"; const std::string ADDR_TYPE_SAPLING = "sapling"; extern UniValue TxJoinSplitToJSON(const CTransaction& tx); +extern int32_t KOMODO_INSYNC; uint32_t komodo_segid32(char *coinaddr); int32_t komodo_dpowconfs(int32_t height,int32_t numconfs); int32_t komodo_isnotaryvout(char *coinaddr); // from ac_private chains only @@ -84,6 +85,7 @@ UniValue z_getoperationstatus_IMPL(const UniValue&, bool); #define PLAN_NAME_MAX 8 #define VALID_PLAN_NAME(x) (strlen(x) <= PLAN_NAME_MAX) +#define THROW_IF_SYNCING(INSYNC) if (INSYNC == 0) { throw runtime_error(strprintf("%s: Chain still syncing at height %d, aborting to prevent linkability analysis!",__FUNCTION__,chainActive.Tip()->GetHeight())); } int tx_height( const uint256 &hash ); @@ -4248,6 +4250,8 @@ UniValue z_sendmany(const UniValue& params, bool fHelp) + HelpExampleRpc("z_sendmany", "\"RD6GgnrMpPaTSMn8vai6yiGA7mN4QGPV\", [{\"address\": \"zs14d8tc0hl9q0vg5l28uec5vk6sk34fkj2n8s7jalvw5fxpy6v39yn4s2ga082lymrkjk0x2nqg37\" ,\"amount\": 5.0}]") ); + THROW_IF_SYNCING(KOMODO_INSYNC); + LOCK2(cs_main, pwalletMain->cs_wallet); // Check that the from address is valid. @@ -4557,6 +4561,8 @@ UniValue z_shieldcoinbase(const UniValue& params, bool fHelp) + HelpExampleRpc("z_shieldcoinbase", "\"RD6GgnrMpPaTSMn8vai6yiGA7mN4QGPV\", \"zs14d8tc0hl9q0vg5l28uec5vk6sk34fkj2n8s7jalvw5fxpy6v39yn4s2ga082lymrkjk0x2nqg37\"") ); + THROW_IF_SYNCING(KOMODO_INSYNC); + LOCK2(cs_main, pwalletMain->cs_wallet); // Validate the from address @@ -4817,6 +4823,8 @@ UniValue z_mergetoaddress(const UniValue& params, bool fHelp) throw JSONRPCError(RPC_WALLET_ERROR, "Error: z_mergetoaddress is disabled."); } + THROW_IF_SYNCING(KOMODO_INSYNC); + LOCK2(cs_main, pwalletMain->cs_wallet); bool useAnyUTXO = false; From 3275b435dea4e9348ea495d4be9a76e265573ab2 Mon Sep 17 00:00:00 2001 From: "Jonathan \"Duke\" Leto" Date: Wed, 15 May 2019 22:07:09 -0700 Subject: [PATCH 2/2] Add synced key to getinfo+getblockchaininfo This addresses #3 of upstream issue https://github.com/zcash/zcash/issues/3996 . Any software that creates a transaction outside of the RPC interface MUST check if synced==true beforehand, otherwise metadata leakage which leads to linkability analysis is possible. The z_sendmany, z_shieldcoinbase and z_mergetoaddress RPCs have their own synced checks, so it's not needed to look at this new synced value when using those RPCs. --- src/rpc/blockchain.cpp | 4 +++- src/rpc/misc.cpp | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/rpc/blockchain.cpp b/src/rpc/blockchain.cpp index cb2cfce92..042b6591f 100644 --- a/src/rpc/blockchain.cpp +++ b/src/rpc/blockchain.cpp @@ -48,6 +48,7 @@ using namespace std; +extern int32_t KOMODO_INSYNC; extern void TxToJSON(const CTransaction& tx, const uint256 hashBlock, UniValue& entry); void ScriptPubKeyToJSON(const CScript& scriptPubKey, UniValue& out, bool fIncludeHex); #include "komodo_defs.h" @@ -1689,6 +1690,7 @@ UniValue getblockchaininfo(const UniValue& params, bool fHelp) UniValue obj(UniValue::VOBJ); obj.push_back(Pair("chain", Params().NetworkIDString())); obj.push_back(Pair("blocks", (int)chainActive.Height())); + obj.push_back(Pair("synced", KOMODO_INSYNC!=0)); obj.push_back(Pair("headers", pindexBestHeader ? pindexBestHeader->GetHeight() : -1)); obj.push_back(Pair("bestblockhash", chainActive.LastTip()->GetBlockHash().GetHex())); obj.push_back(Pair("difficulty", (double)GetNetworkDifficulty())); @@ -2082,4 +2084,4 @@ void RegisterBlockchainRPCCommands(CRPCTable &tableRPC) { for (unsigned int vcidx = 0; vcidx < ARRAYLEN(commands); vcidx++) tableRPC.appendCommand(commands[vcidx].name, &commands[vcidx]); -} \ No newline at end of file +} diff --git a/src/rpc/misc.cpp b/src/rpc/misc.cpp index 5a495c005..eca4abb36 100644 --- a/src/rpc/misc.cpp +++ b/src/rpc/misc.cpp @@ -69,7 +69,7 @@ bool komodo_txnotarizedconfirmed(uint256 txid); uint32_t komodo_chainactive_timestamp(); int32_t komodo_whoami(char *pubkeystr,int32_t height,uint32_t timestamp); extern uint64_t KOMODO_INTERESTSUM,KOMODO_WALLETBALANCE; -extern int32_t KOMODO_LASTMINED,JUMBLR_PAUSE,KOMODO_LONGESTCHAIN,IS_STAKED_NOTARY,IS_KOMODO_NOTARY,STAKED_ERA; +extern int32_t KOMODO_LASTMINED,JUMBLR_PAUSE,KOMODO_LONGESTCHAIN,IS_STAKED_NOTARY,IS_KOMODO_NOTARY,STAKED_ERA,KOMODO_INSYNC; extern char ASSETCHAINS_SYMBOL[KOMODO_ASSETCHAIN_MAXLEN]; uint32_t komodo_segid32(char *coinaddr); int64_t komodo_coinsupply(int64_t *zfundsp,int64_t *sproutfundsp,int32_t height); @@ -237,6 +237,7 @@ UniValue getinfo(const UniValue& params, bool fHelp) obj.push_back(Pair("version", CLIENT_VERSION)); obj.push_back(Pair("protocolversion", PROTOCOL_VERSION)); obj.push_back(Pair("KMDversion", KOMODO_VERSION)); + obj.push_back(Pair("synced", KOMODO_INSYNC!=0)); //obj.push_back(Pair("VRSCversion", VERUS_VERSION)); obj.push_back(Pair("notarized", notarized_height)); obj.push_back(Pair("prevMoMheight", prevMoMheight));