Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Solo machine header doesn't use the existing diversifier in header updates #1839

Closed
3 tasks
colin-axner opened this issue Aug 1, 2022 · 2 comments
Closed
3 tasks
Assignees
Labels
06-solomachine type: bug Something isn't working as expected

Comments

@colin-axner
Copy link
Contributor

Summary of Bug

I noticed that when doing an update to the solo machine (to change its public key or diversifier), it uses the new diviersifier in the sign bytes. This is incorrect, it should use the current public key/diversifier to verify signature data that contains the new diversifier and new public key. The bug impact is low, the only security consideration would be around accidental misbehaviour (resulting in frozen solo machines), but the accidental misbehaviour would have to be from using a new diversifier on a sequence on which that diversifier is already being used. It is extremely unlikely and hard to even explain when this incident would occur


For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged/assigned
@colin-axner
Copy link
Contributor Author

It is fairly difficult to fix this issue in a non-API breaking way, for now we will not backport the fix unless there is a request to do so

@colin-axner colin-axner moved this from Todo to In review in ibc-go Aug 2, 2022
@colin-axner
Copy link
Contributor Author

closed by #1860

Repository owner moved this from In review to Done in ibc-go Aug 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
06-solomachine type: bug Something isn't working as expected
Projects
Archived in project
Development

No branches or pull requests

1 participant