Fix RandomX validation exploit: verify nSolution contains valid RandomX hash
- Add CheckRandomXSolution() to validate RandomX PoW in nSolution field - Add ASSETCHAINS_RANDOMX_VALIDATION activation height per chain (DRAGONX: 2838976, TUMIN: 1200, others: height 1) - Add CRandomXInput serializer for deterministic RandomX hash input - Fix CheckProofOfWork() to properly reject invalid PoW (was missing SMART_CHAIN_SYMBOL check, allowing bypass) - Call CheckRandomXSolution() in hush_checkPOW and CheckBlockHeader Without this fix, attackers could submit blocks with invalid RandomX hashes that passed validation, as CheckProofOfWork returned early during block loading and the nSolution field was never verified.
This commit is contained in:
@@ -568,6 +568,7 @@ extern uint64_t ASSETCHAINS_SUPPLY, ASSETCHAINS_FOUNDERS_REWARD;
|
||||
extern int32_t ASSETCHAINS_LWMAPOS, ASSETCHAINS_SAPLING, ASSETCHAINS_OVERWINTER,ASSETCHAINS_BLOCKTIME;
|
||||
extern uint64_t ASSETCHAINS_TIMELOCKGTE;
|
||||
extern uint32_t ASSETCHAINS_ALGO,ASSETCHAINS_EQUIHASH,ASSETCHAINS_RANDOMX, HUSH_INITDONE;
|
||||
extern int32_t ASSETCHAINS_RANDOMX_VALIDATION;
|
||||
extern int32_t HUSH_MININGTHREADS,HUSH_LONGESTCHAIN,ASSETCHAINS_SEED,IS_HUSH_NOTARY,USE_EXTERNAL_PUBKEY,HUSH_CHOSEN_ONE,HUSH_ON_DEMAND,HUSH_PASSPORT_INITDONE,ASSETCHAINS_STAKED,HUSH_NSPV;
|
||||
extern uint64_t ASSETCHAINS_COMMISSION, ASSETCHAINS_LASTERA,ASSETCHAINS_CBOPRET;
|
||||
extern uint64_t ASSETCHAINS_REWARD[ASSETCHAINS_MAX_ERAS+1], ASSETCHAINS_NOTARY_PAY[ASSETCHAINS_MAX_ERAS+1], ASSETCHAINS_TIMELOCKGTE, ASSETCHAINS_NONCEMASK[],ASSETCHAINS_NK[2];
|
||||
|
||||
Reference in New Issue
Block a user