- Add CheckRandomXSolution() to validate RandomX PoW in nSolution field
- Add ASSETCHAINS_RANDOMX_VALIDATION activation height per chain
(DRAGONX: 2838976, TUMIN: 1200, others: height 1)
- Add CRandomXInput serializer for deterministic RandomX hash input
- Fix CheckProofOfWork() to properly reject invalid PoW (was missing
SMART_CHAIN_SYMBOL check, allowing bypass)
- Call CheckRandomXSolution() in hush_checkPOW and CheckBlockHeader
Without this fix, attackers could submit blocks with invalid RandomX
hashes that passed validation, as CheckProofOfWork returned early
during block loading and the nSolution field was never verified.
Some comments turned out to be wrong and some could be more helpful.
It turns out that when AveragingWindowTimespan was changed to fix a HUSH
mainnet bug long ago, that introduced a bug for HSC's that do not use
a 75s block time. Since the default is 60s that likely means all HSC's that will
be created. There were no production HSC's in use at the time of that bugfix,
so the bug went unnoticed until DRAGONX was launched. The bug then manifested
as the DRAGONX difficulty bug, which cause the difficulty to never correct down,
only up and lead to extremely long block times on DRAGONX mainnet.
This code change ensures that HUSH mainnet uses the same hardcoded AWT as it
did previously and all other HSC's will use params.AveragingWindowTimespan() ,
including DRAGONX mainnet.
This seems less dangerous than changing AveragingWindowTimespan() on HUSH mainnet.
Any projects which want to use Hush code from now on will need to be licensed as
GPLv3 or we will send the lawyers: https://www.softwarefreedom.org/
Notably, Komodo (KMD) is licensed as GPLv2 and is no longer compatible to receive
code changes, without causing legal issues. MIT projects, such as Zcash, also cannot pull
in changes from the Hush Full Node without permission from The Hush Developers,
which may in some circumstances grant an MIT license on a case-by-case basis.
